All Kommit application and database infrastructure runs in the EU on Hetzner Cloud. There is no Vercel, no AWS, and no non-EU cloud in the production path today. We chose Hetzner specifically because it keeps EU data inside the EU under one operator, with no transatlantic hops for primary operations.
What runs where
| Component | Region | Notes |
|---|---|---|
| Application servers | EU (Hetzner Cloud) | Dokploy-managed Next.js + Express. |
| Postgres (primary + replica) | EU (Hetzner Cloud) | Per-environment isolation (dev / prod). |
| Object storage for evidence packs | EU (Hetzner Object Storage) | Same region as Postgres. |
| LLM provider calls (OpenAI, Anthropic) | Per-vendor terms | Routed via the customer's region selection when the vendor offers EU regions. |
| Email delivery | EU (Resend, EU region) | Transactional only. |
Encryption
- —In transit: HTTPS is terminated at the reverse proxy with TLS 1.3 minimum. Database connections from the application to Postgres use TLS. Customer-side webhook deliveries enforce HTTPS.
- —At rest: Hetzner Cloud volumes use full-disk encryption with keys managed by Hetzner. Database backups inherit the same encryption. Evidence packs in object storage are encrypted with AES-256.
We don't currently offer customer-managed keys (KMS-style BYOK). That is on the roadmap for Enterprise customers — see [#engagement-shapes] for which tiers we're building toward.
LLM provider data flow
When you ask an agent or the helpdesk chat a question, the question text and any retrieved context chunks are sent to the LLM provider you (or we) selected for that surface. We do not currently mirror LLM calls to any other provider for redundancy. If you have a prohibition on a specific LLM vendor (a common one is non-EU training data), tell us and we'll route around it for your tenant.
What you can verify yourself
- —Run
dig getkommit.aianddig api.getkommit.aiand check the IP geolocation — both should resolve to EU data centres. - —The deploy topology (region, instance class, replica count) is visible from your Kommit dashboard's Trust page once you're a customer.
- —See [#how-does-kommit-isolate-my-orgs-data] for the tenancy isolation model that runs on top of this infrastructure.