Technical details

For IT, legal teams, and admins. Where services run, what the stack is, and why data jurisdiction matters.

Hosting in Germany (EU)

Production storage and primary backups run in data centers in Germany. Not in the US or in jurisdictions with extraterritorial access typical of American clouds.

Germany has a long track record of strict data protection (BDSG, supervisory authorities). Together with GDPR this is a stable framework for business and public sector data in Europe.

Servers and disks physically in the EU. Contract and support from Slovakia (dob s.r.o.).
Subprocessors and locations listed in the data processing agreement (DPA).
No default exposure of data to US cloud providers.
TLS, encryption at rest, 2FA, audit logs, backups separated from production.

Informational only. Not legal advice. Confirm scope in your contract.

Why host data outside your country of residence

Your company may be registered in Slovakia (or elsewhere in the EU) while data lives in Germany. That is not avoiding the law. It is a deliberate split between company seat and place of processing.

Separate jurisdictions

Your seat mainly defines commercial and tax identity. Server location defines which data protection regime and oversight actually applies to the bits on disk.

When data sits in another EU country with a known operator, audits are clearer: where disks are, who has root, where backups go.

Outside purely “local” single-site risk

Authorities must follow GDPR and national law for access (court order, legal basis). Data in DE with an EU host is not on the same disk as the CEO laptop in one office.

In political or security crises, a critical copy not stored only in one country is an advantage.

US and third countries

US clouds fall under laws such as the CLOUD Act. Providers may have to disclose data without your knowledge. EU hosting replaces that with contract, DPA, and European oversight.

For Slovak companies and municipalities

You remain under GDPR. The customer is often controller. We are processor with infrastructure in DE. Partners see: data in the EU, not in Silicon Valley.

Public sector: cloud for municipalities. US cloud comparison: comparison.

Administration of hosted software

Your designated admins get full access to the application admin area. This is not a closed SaaS where you only see a limited menu.

Nextcloud: manage users, groups, apps, sharing, external storage, Flow, and logs in the admin UI.
Rocket.Chat, Open WebUI, other services: admin accounts per deployment, same principle.
You set policies. We run infrastructure (servers, backups, updates, monitoring, host security).
Optional split: you administer content, we run operations. Or full customer control after training.
Server root and occ access per contract and plan (typically Enterprise or on request).

Operational security

TLS 1.2+ on all services, HSTS where appropriate.
Encryption at rest, regular backups off the production volume.
2FA, WebAuthn/U2F, password policies, login attempt limits.
Audit logs (files, sharing, admin), SIEM export per agreement.
Patched updates after testing, maintenance mode during critical work.

Service stack

Nextcloud (files, calendar, workflow). Details: Nextcloud technical.
AI: multi-model gateway, costs and limits, Open WebUI assistant. AI and LLM.
Rocket.Chat for team chat (not an AI chatbot). team communication.
Hosting: email, web, WordPress, VPS. hosting. Integration: custom apps on VPS — integration.

All components run in a controlled EU environment. ERP or portal integrations are project scoped.

Technical inquiry Privacy policy