Environmental code of conduct

Rules on environmental impact.

Secyda is a software company. We do not manufacture hardware, nor do we generate electricity. But we choose who does it on our behalf, and that choice has consequences.

Every infrastructure decision is an environmental decision. We choose providers the way we choose jurisdictions: with judgement.

Secyda operating rule
Our infrastructure

Verifiable data, not labels.

01 / Renewable energy · 100%

Main infrastructure powered by certified hydroelectric energy.

Main infrastructure powered by hydroelectric energy. Certified by independent auditors, not by us.

Hetzner (Germany, Finland) · Hydroelectric since 2008
Source: Hetzner
02 / Energy efficiency · PUE 1.10

Energy efficiency between 1.10 and 1.16.

PUE between 1.10 and 1.16. The industry average is around 1.5. The closer to 1.0, the less energy is wasted on operations that are not computation.

Natural air cooling · No water consumption
Source: Hetzner
03 / Hardware lifespan · 8 years

Refurbished servers, recycled components.

Eight years on average, compared with the usual three to five. Refurbished servers, recycled components. Less electronic waste.

Refurbishment and component recycling
Source: Hetzner
04 / Water consumption · 0

Natural air cooling for 98% of the year.

Natural air cooling for 98% of the year. No cooling towers, no water used for server cooling.

WUE = 0 · Air cooling only
Source: Hetzner
05 / OVHcloud cooling · 7×

Water cooling seven times more efficient than the industry average.

Second provider. Water cooling that consumes one-seventh of the industry average. More than 100 proprietary patents in cooling systems.

OVHcloud (France) · More than 100 patents
Source: OVHcloud
06 / Certification · EMAS

Independent European audit, not a self-issued label.

Eco-Management and Audit Scheme of the EU. Independent European audit at Hetzner's German datacentres. Not a self-issued label.

Energy certificates: naturenergie · Vattenfall
Source: Hetzner
The five rules

Operating criteria, not aspirations.

01 / Mandatory certification

No environmental certification, no provider.

We require public energy data, PUE figures and independent certifications. If a provider does not have them, we do not work with them. The same as with jurisdictions.

02 / Operational proximity

Data lives close to who uses it.

Closest datacentre within the EU. Less distance, less energy in transit. It is both sovereignty and efficiency. There is no need to choose between them.

03 / Open standards

Zero forced obsolescence.

ODF, CalDAV, WebDAV, OpenID, SAML. If the contract changes, the data migrates with the institution. No forced migrations, no disposable temporary infrastructure.

04 / Modular architecture

Consumption proportional to actual use.

Independent services that scale separately. Each component consumes what it needs. No monoliths burning resources to maintain functions nobody uses.

05 / Only what is measurable

If we cannot measure it, we do not publish it.

Today we do not have our own figures for energy consumption. We will publish them when we can verify them. Until then, this rule exists so that we do not invent a pretty dashboard.

Limits of our influence

There are things we do not decide.

01 / Hardware

We do not choose components or manufacturing processes.

Our control reaches as far as selecting providers with long product life cycles and certified recycling practices.

02 / Energy

Today our providers use renewables. Tomorrow that could change.

What we control: annual audit and certifications as a requirement, not a preference.

03 / Network

Data travels through infrastructure we do not operate.

What we control: hosting data close to users and minimising transfers between centres.

This is not an ESG report. It is an internal code of conduct that we have chosen to make public. It is updated when the facts change, not when it is time to publish something.

Last updated · April 2026