🇫🇷 Enterprise
Secure file sharing for businesses
Your teams exchange sensitive data every day. Pli Scellé encrypts every transfer in the browser, hosts it in France and purges it on expiry. The server never reads your files.
The problem no one wants to name
A contract, a payslip, a customer export, an admin password. Every day your staff send confidential data over email or through consumer platforms that keep a decryptable copy of everything that passes through. For a security officer, that is a permanent exposure surface: the provider can read the files, so can its subprocessors, and a US authority can demand them under the Cloud Act.
Pli Scellé tackles the problem at the root. AES-256-GCM encryption runs inside the sender's browser, before anything leaves the device. The decryption key lives in the URL fragment, the part after the hash that the browser never sends to the server. The result: our servers store encrypted bytes they cannot read. That is the zero-knowledge architecture. Even under a legal order, all we can hand over is unusable ciphertext.
What an IT department expects
SAML SSO and SCIM provisioning
Connect Azure AD, Okta or Google Workspace over SAML 2.0 from the Essential plan. Your users sign in with their corporate credentials, with no extra password to manage. From Pro, SCIM 2.0 provisioning creates, updates and deactivates accounts automatically from your directory: a leaver in your IAM, and Pli Scellé access drops right after.
Audit logs
Every sensitive action is recorded: share creation, access, download, revocation, role change. The Essential plan keeps 30 days of history, Pro extends to 90 days with export. Enough to answer a regulator, feed your SIEM or reconstruct an incident timeline.
IP and geographic restrictions
On the Pro plan, restrict access to your company's IP ranges and block entire geographic regions. Combined with TOTP 2FA and WebAuthn passkeys, you confine access to the exact conditions you authorize, without disrupting your legitimate staff.
France-only hosting
The entire infrastructure runs in France, operated by SHPV FRANCE SAS, outside the reach of the US Cloud Act. No replication beyond our borders. Files expire between 1 hour and 30 days depending on the plan, then get purged: no copy survives. ClamAV scans unencrypted files before they become available.
Governance and compliance
The GDPR requires every controller to apply technical measures adapted to risk, and its Article 32 explicitly names encryption of personal data as a reference security measure. Pli Scellé's zero-knowledge encryption answers that requirement directly: confidentiality does not rest on a contractual promise, it is enforced by the architecture. Your data is readable only by its intended recipients.
We use no trackers. No pixel, no advertising cookie, no resale of behavioral data. France-based hosting and the absence of any transfer outside the European Union close the question of cross-border data flows and the Cloud Act.
For structured organizations, the Enterprise plan adds team management, parent/child hierarchies to govern several entities under one umbrella, an approval workflow before release, and bank transfer billing for public buyers who refuse recurring direct debit. Let us be clear on one point: Pli Scellé is not ISO 27001, HDS or SecNumCloud certified. Our compliance rests on the product architecture and national hosting, not on a label we do not hold.
Frequently asked questions
- Which identity providers work with SSO?
- Pli Scellé supports SAML 2.0 SSO with Azure AD (Microsoft Entra ID), Okta and Google Workspace from the Essential plan. Automatic SCIM 2.0 provisioning, which syncs account creation and deactivation from your directory, is available from the Pro plan.
- What does the audit trail cover?
- Every sensitive action is logged: share creation and access, downloads, revocations, role and permission changes. Retention is 30 days on Essential and 90 days on Pro; log export, available from the Pro plan, feeds your SIEM or answers a regulatory request.
- Where is the data hosted?
- The entire infrastructure is hosted in France and operated by SHPV FRANCE SAS. No data is replicated outside French borders, which places the service outside the scope of the US Cloud Act. Files are purged on expiry, with no residual copy.
- Is Pli Scellé GDPR compliant?
- Zero-knowledge encryption answers Article 32 of the GDPR, which names encryption as a technical security measure. Data is readable only by its recipients, hosting stays in France with no transfer outside the EU, and no trackers are used. Pli Scellé is not, however, ISO 27001, HDS or SecNumCloud certified: compliance rests on the architecture and hosting, not on those labels.
- What does it cost for a business?
- Annual prices excluding tax: Discover €185 (€17/month), Essential €560 (€52/month, SSO included), Pro €1,400 (€130/month, with SCIM, IP restrictions, brand customization and 90-day audit). The Enterprise plan is custom: unlimited volumes, retention up to 30 days, approval workflow, teams, parent/child organizations, bank transfer billing and SLA.