2026-05-17 13:02:33Z⌕ search ↑ main site

Why EU-only

A short note on jurisdiction choice

OpenSense is, today, EU-only. Customer data lives in eu-central, the company is registered in Slovakia, billing flows through Stripe EU, and email goes through Postmark's EU pop. There is no US, UK-only, CH, or other-region option.

This page exists because the question comes up before signup — sometimes hopefully ("good, that suits us"), sometimes disappointed ("ah, we wanted US"). Either way, here is the why.

What "EU-only" actually means

Compute and storage: Hetzner Falkenstein, Germany.
Backups: a second Hetzner volume in the same region.
Off-site backup: Hetzner Nuremberg, also Germany.
Email delivery: Postmark, with our account routed through their EU pop (Amsterdam).
Customer support: from Bratislava, Slovakia.
Legal entity: Slovak s.r.o.
Stripe billing: Stripe Payments Europe Limited (Ireland).

The only non-EU entity in the loop today is Postmark itself (US company). Their EU pop means data does not cross the Atlantic for our account, but their corporate headquarters are in the US — which matters under the US CLOUD Act. We are evaluating EU-native alternatives (Mailjet, SES eu-west) for 2026-Q3.

Why we chose this

Customer base. Our customers are EU food businesses, hotels, schools and small manufacturers. The regulatory reference frames are EU regulations. The local sales context is EU.
Data-residency expectations. Under GDPR and member-state laws (Bavarian Datenschutz, Czech ÚOOÚ, Slovak ÚOOÚ), customer- data residency in the EU is the default and the safe answer.
US Cloud Act exposure. A US-headquartered cloud provider is compelled by US law to comply with US subpoenas regardless of where the data sits. Hetzner is a Germany-only entity with no US parent; the legal exposure of customer data to US authorities is materially lower.
One thing to operate well. As a solo founder, I cannot run a global multi-region service well. EU-only lets me run one thing correctly.

What this means for non-EU customers

We can technically serve non-EU customers — the ingest URL is reachable from anywhere — but:

Latency may be noticeable from Asia and the Americas (one round-trip from Australia is ~280 ms vs ~30 ms from Bratislava).
Compliance frames are EU-centric. Our HACCP defaults are EU food law. Our Legionella defaults are German DVGW. We do not ship presets for FDA, FSMA, or USDA.
Support hours are Europe/Bratislava business hours.
Billing is in EUR with EU VAT handling. We are not registered for US state sales tax.

If those are acceptable, we are happy to serve you. If they are not, please buy from a vendor who is set up for your region.

When would we expand?

A non-EU region opens when one of the following happens:

A specific customer (or set) commits to a multi-year contract that funds the second region's operating cost. Then we will open it.
We are big enough that running two regions is a small fraction of total revenue. Not yet.

We will not run a "best effort" non-EU presence. If we open a region, it is a real region with the same SLA as the primary.

What about Switzerland and the UK?

These come up as separate questions, since they are not EU.

Switzerland: technically reachable from eu-central; the Swiss data-protection regime (FDPA) is GDPR-equivalent for practical purposes. Swiss customers buy from us today.
United Kingdom: same — UK GDPR is materially aligned with EU GDPR. UK customers buy from us today.

For both, we recommend confirming with your own counsel that EU processing is acceptable under your specific regulatory frame. For Swiss banking-level requirements or UK Critical National Infrastructure obligations, the answer may be no; for the small- business operator, the answer is yes.

A note on the future

If the EU and US data-protection regimes converge again (a new Privacy Shield or similar), the picture changes. We will follow the EDPB's guidance; we will not jump the gun. For now, "EU-only" is both a feature and a commitment.