Skip to main content

Hosting

An overview of how our hosting infrastructure is set up and where your data lives.

Cloud Infrastructure

We use Hetzner Cloud as our primary cloud provider, a European company headquartered in Germany. Because Hetzner is EU-sovereign, your data is never subject to non-EU data access legislation such as the US CLOUD Act. Hetzner operates ISO 27001-certified data centers and has a strong commitment to privacy and sustainability.

Application Architecture

Our application runs on a containerized architecture. This gives us:

  • Containers can be dynamically scaled based on demand
  • Identical environments across development, staging, and production
  • Isolated application components for better fault tolerance
  • Faster deployment cycles and efficient resource use

Database Management

Our cloud provider manages the database infrastructure. This covers:

  • Automated backups and failover for high availability
  • Managed scaling and monitoring for performance
  • Automatic security patches and updates
  • Point-in-time recovery for disaster recovery

Security Measures

We treat data protection as a core part of our hosting setup.

Data Encryption

  • All stored data is encrypted at rest using industry-standard protocols
  • All data in transit between services and to end-users is encrypted

Infrastructure Security

  • A Web Application Firewall (WAF) protects against common web threats and attacks
  • Regular security assessments and monitoring
  • Network isolation and access controls
  • Compliance with industry security standards

Reliability and Performance

Our hosting setup includes:

  • Load balancing to distribute traffic efficiently
  • Auto-scaling to handle varying loads
  • Monitoring and alerting so we can catch issues early

Data Residency and EU Sovereignty

Our infrastructure is hosted within Sweden on Hetzner Cloud, an EU-owned and operated provider. All your data stays within the European Union at every layer: compute, storage, and backups.

  • Our cloud provider is European, with no corporate ties to non-EU jurisdictions
  • No exposure to foreign data access laws such as the US CLOUD Act, FISA, or similar legislation
  • GDPR-aligned for European privacy requirements
  • Compliant with EU data sovereignty regulations
  • Optimized for European users in terms of latency
  • Clear legal standing regarding data protection and privacy laws

Management

Our infrastructure is built and managed by experienced cloud engineers covering architecture design, security, performance tuning, DevOps automation, and incident response.

Compliance

Our infrastructure complies with relevant industry standards and regulations, so your data is handled according to best practices and legal requirements.