Summary
- French company and internet-registry records converge on the same CLOUD ADVICE SAS name, Dardilly address and telephone number. They establish an attributable operator, not merely a cloud-themed trading label.
- Public network records connect the company to AS41332 and a /22 IPv4 block, while PeeringDB records two facilities and a self-reported traffic band. These are meaningful signs of an operating surface, but several fields are old and none constitutes an uptime or capacity guarantee.
- Customer legal notices provide unusually concrete service evidence: they name Cloud Advice as a website host and, in one health-technology case, as host for APIs, databases and health data. That is stronger than a service catalogue, although it still does not reveal performance or incident history.
- The main diligence issue is continuity across names and obligations. Public pages point variously to Cloud Advice, LAN Advice and Sæpiens, so buyers should pin the legal supplier, infrastructure roles, data locations, support staffing and escalation duties to the contract.
The first test is attribution, not ambition
Cloud companies are unusually easy to describe and unusually hard to verify from the outside. A website can promise resilience, sovereignty, managed security and constant support without showing who operates the network, which legal entity signs the agreement, where subcontractors enter the service, or how an incident reaches someone empowered to act. A credible assessment therefore begins below the marketing layer.
For CLOUD ADVICE SAS, that first layer is comparatively firm. The French SIRENE notice identifies an active French simplified joint-stock company that began on 16 July 2019, with SIREN 852 685 445, head-office SIRET 852 685 445 00011 and the address 3 Chemin de l'Industrie, 69570 Dardilly. It classifies the principal activity as computer programming, while warning that the activity code is statistical rather than a legal warranty of what the company can deliver.
The Pappers company record adds a more descriptive declared purpose: managed and hosted cloud services, advice and support, audit, architecture and IT design. It names Advice Group as president and Bruno Bruhat as director-general. It also reports a workforce band of six to nine for 2022. That dated employment figure is useful only as a scale clue. It should not be treated as a current staffing statement, much less proof that a particular support rota exists.
This identity trail matters because it makes accountability possible. The company can be tied to a registration number, office, named management and recurring statutory filings. The BTW directory entry also recognises the organisation as a private company connected to internet infrastructure and routing relationships, but presently offers only a light public assessment. The directory is a useful junction, not a substitute for the underlying records.
Legal identity is still only the beginning. Registration proves that a company exists and states a business purpose. It does not prove that a backup can be restored, that a network is diverse, that an on-call engineer will answer, or that a promised data boundary covers every component of a workload.
One company, several public names
The next layer is less tidy. CLOUD ADVICE SAS appears consistently in corporate and registry records, but its public web trail points through several names. Its LinkedIn profile directs visitors to LAN Advice and says the business draws on a market presence dating to 2006 through that structure, even though the present company was formed in 2019. PeeringDB also records lan-advice.com as the company website.
At the same time, the Sæpiens website displays the same Dardilly street address and the same 04 37 50 36 10 telephone number found in registry records. Its offer includes IaaS, PaaS and managed operations, alongside networking, cybersecurity, backup, disaster recovery and health-data hosting. An independent French HDS comparison page labels the provider “CLOUD ADVICE (SÆPIENS)” and cites the Sæpiens site as its official service page.
Those matching details make a close operational connection a reasonable inference. They do not remove the need to ask which name is a brand, which entity is the contracting party and whether another group company performs part of the service. A buyer should expect the proposal, processing agreement, certification scope, support schedule and invoice to resolve that chain cleanly.
Brand continuity is not a cosmetic concern in managed infrastructure. If a status notice is published under one name, a certificate under another and the service contract under a third, a customer needs to know that all three refer to the same accountable service boundary. CLOUD ADVICE SAS has enough public identifiers to make that reconciliation possible. The work still has to be done.
Service proof exists outside the sales page
Service catalogues describe intent. References from customers or counterparties show that somebody has actually assigned the provider a role. On this measure, Cloud Advice has a more substantial public record than its modest directory profile initially suggests.
Datakit's legal notice, for example, names Cloud Advice SAS at the Dardilly address as its website host. ChamberSign France also identifies Cloud Advice as its hosting provider and publishes the same address and phone number. These are narrow statements, but that is their value: they identify a real service relationship without asking the reader to infer it from a partner logo.
A more detailed example comes from the legal notice of health-technology company HerVé. It assigns the website front end to Vercel, but names Cloud Advice as host for the API, databases and health data. It separately names AWS S3 for file storage. This is strong evidence of a live, component-level hosting role and also a reminder that “the host” can be an oversimplification. One application may cross several providers, each responsible for a different layer and each potentially subject to a different support and data-location arrangement.
The Sæpiens site makes broader claims. It says its teams manage operating systems, cybersecurity, databases, containers, backups and virtual machines, and can maintain continuity on a 24/7/365 basis. Its health-data hosting page describes electrical and internet redundancy, controlled physical access, application-platform operations, operating-system administration and external backup. It names Free Pro and nLighten as hosting subcontractors for physical-site activity and says there is no access to, or transfer of, personal health data outside the European Economic Area in the service described.
The official Agence du Numérique en Santé list explains the six HDS activity classes and advises readers to use certification-body details to confirm certificate validity. The independent HDS comparison entry, dated May 2026 and citing that official list, reports CLOUD ADVICE under Sæpiens for activities 2 through 6 on version 2.0. That is a meaningful lead, not a reason to skip certificate verification. A regulated customer should obtain the current certificate, its exact legal holder, covered sites, covered activities, expiry status and subcontractor schedule during procurement.
Together, the legal notices and health-hosting disclosures establish more than mere consultancy. They show Cloud Advice named in hosting roles that reach from ordinary websites to APIs, databases and health data. They still cannot answer how often incidents occur, how quickly tickets are acknowledged, how restoration is tested or whether any one customer's architecture matches the public examples.
AS41332 is evidence of an operating surface
The network record provides a separate test because it is difficult to reduce to branding language. The RIPE NCC member list names CLOUD ADVICE SAS, gives the same Dardilly address and phone number, and publishes a resource contact at the company's own domain. That joins the legal identity to a recognised role in European internet-number administration.
RIPE-derived registration data for AS41332 goes further. It associates the autonomous system name CLOUD-ADVICE with CLOUD ADVICE SAS and the company's Lyon registration number. It lists the IPv4 block 185.116.176.0/22, equivalent to 1,024 addresses, and shows routing relationships with AS39180, LASOTEL, and AS30781, Free Pro. The record also reports the route authorisation and routing registry entries as valid at the time captured. This is evidence that the company has its own numbered routing identity and a directly attributable address block.
PeeringDB's AS41332 entry records the network as a network service provider, identifies two facilities, Free Pro Limonest and Free Pro Lyon - Rock, and states an open peering policy. It carries a self-reported traffic range of 20-50 Gbps. That range is not independently measured capacity, and the profile's main update date is July 2022; the facility information is older still. It should be read as an operator declaration with historical value, not as a current engineering commitment.
There is a similar caution around IPv6. PeeringDB marks IPv6 as a supported protocol but lists no IPv6 prefixes, while the RIPE-derived view reports one IPv4 prefix and no IPv6 prefixes. Those fields can coexist: a network may support a protocol in some context without originating its own IPv6 space in the public view. The practical response is to ask what the customer service actually supports, not to turn a registry field into a blanket verdict.
The strongest conclusion from AS41332 is restrained but important. CLOUD ADVICE SAS is not visible only as an adviser reselling an abstract “cloud.” It has an identifiable network control surface, routing policy data, upstream relationships and facility presence. None of that proves application availability, path diversity or security. It does make a more precise technical conversation possible.
Locality must be traced component by component
Sæpiens says it ensures data sovereignty, and its HDS page states that the named health-hosting service involves no transfer or access from outside the European Economic Area. The network and company records are also centred in France: Dardilly, Limonest and Lyon dominate the visible footprint. That is useful evidence for customers whose risk model values French or European operation.
But sovereignty is not a property of a company name. It is a property of a defined service, its administrators, infrastructure, keys, backups, logs, monitoring tools, support channels and subcontractors. The HerVé disclosure illustrates the point well. Cloud Advice handles the API, databases and health data, while Vercel serves the front end, AWS S3 stores files, and other suppliers handle messaging and analytics. That architecture may be entirely appropriate, but its locality can be understood only as a map of components and data flows.
The same discipline applies to the subcontractors disclosed by Sæpiens. Naming Free Pro and nLighten is positive because it exposes part of the physical dependency chain. The page also marks those actors as not qualified under SecNumCloud 3.2. HDS certification and SecNumCloud qualification answer different questions; one should not be made to stand in for the other. A buyer needs to match the required assurance to the actual service rather than treating “French,” “sovereign,” “HDS” and “secure” as interchangeable labels.
An effective locality review would therefore identify where primary data, replicas, backups and logs reside; who can administer each layer; whether remote support can originate outside the agreed area; which law and contract govern each subcontractor; and what happens to every copy when the service ends. Public evidence gives Cloud Advice a credible starting position. Only service-specific documentation can complete the picture.
The support claim needs a human chain of responsibility
Managed cloud service is ultimately a labour promise. Automation can detect faults, rotate backups and restart workloads, but someone still decides whether an alert is real, whether a recovery action is safe, whether a customer must be notified and who owns the incident until closure.
The public record offers several support clues. The company phone number remains consistent across RIPE, customer legal notices and Sæpiens. The corporate site claims 24/7/365 availability. LinkedIn describes round-the-clock support by qualified engineers and presents the company in the 11-50 employee range, while the dated French record reports six to nine employees in 2022. These figures come from different systems, periods and definitions. They cannot establish the number of engineers on shift or the depth of a specialist rota.
For that reason, “24/7” should trigger questions rather than end them. Is the promise continuous active monitoring, a telephone on-call service, or guaranteed engineering intervention? Which events are covered? Are first-line responders employees, group staff or subcontractors? What are the acknowledgement and restoration targets by severity? Who can authorise an emergency change? How are customers updated during a prolonged incident, and where is post-incident analysis recorded?
The answers should appear in an operational schedule with measurable service levels, named escalation roles and reporting obligations. Evidence of rota testing, recent restore exercises and sample incident communications would turn a broad availability claim into something a customer can evaluate. For a smaller provider, this clarity matters more, not less: local expertise and direct access to senior engineers can be an advantage, but only if absence, surge demand and simultaneous incidents are planned for.
What the public record supports, and what it does not
The evidence supports a clear middle position. CLOUD ADVICE SAS is an attributable French company with a business purpose explicitly covering managed and hosted cloud services. It is a RIPE member associated with AS41332, a public IPv4 block and visible facilities. Independent customer notices name it in real hosting roles. Public service pages describe managed infrastructure, disaster recovery, health-data hosting and continuous support, and they disclose some physical subcontractors and cross-border conditions.
The record does not independently verify uptime, recovery performance, support response, staffing depth, security operations or current network capacity. It does not by itself reconcile every public brand name with the contract. It does not show that one customer's health-hosting arrangement applies to another customer's workload. And because several network-profile fields date from 2020 to 2022, it cannot replace a current architecture and connectivity statement.
That distinction is the point of public-record diligence. A registration record answers “who.” A customer legal notice answers “in what role.” An ASN and prefix answer “with what visible network control.” Certification material answers “against which defined scope.” A support schedule answers “who acts when the service fails.” Assurance appears only when those layers align.
For CLOUD ADVICE SAS, enough of those layers are visible to justify serious evaluation. The name should not be treated as operating assurance on its own, but neither should it be dismissed as a name without infrastructure behind it. The next step is focused verification: reconcile Cloud Advice, LAN Advice and Sæpiens in writing; obtain current certification and network documents; map every data location and subcontractor; test a restore; and walk an incident from first alert to executive escalation. A cloud name becomes dependable only when each promise has an owner, a boundary and evidence that can survive a bad day.

