European sovereignty isn't marketing: it's code
Half of European startups say "GDPR-friendly" and then run everything on AWS us-east-1 with OpenAI embeddings. Here I explain exactly what runs where in Memchats, and why we made it more expensive to operate but more honest.
An overused word
The phrase "digital sovereignty" has been so overused in European pitch decks it doesn't mean anything anymore. Any startup with a .eu domain and a GDPR disclaimer uses it. But open the code, look at the DNS, read the logs: most run the critical logic in American data centers and depend on APIs from US companies for everything important.
Where every bit runs in Memchats
Postgres and Redis: Hetzner Online in Falkenstein, Germany. Disk-level at-rest encryption. Private internal connection between containers. If Hetzner goes down, Memchats goes down, but the data never leaves Germany.
Embeddings: bge-m3 self-hosted on a dedicated GPU in the same Hetzner infrastructure. We don't use the OpenAI API or Voyage. Self-hosting is operationally more complex, but the text doesn't leave our perimeter.
Object storage: Cloudflare R2 in EU jurisdiction. R2 is S3-compatible but doesn't replicate outside the region you pick. We pick EU, it stays in EU.
Anthropic Claude: here's a real compromise. Anthropic is in the USA. We have SCC signed and a specific DPA that prohibits training on our data. For Empresa tier we offer a local model (Llama 3.1 / Mistral) that literally never leaves the EU.
Why it costs more
Self-hosting embeddings costs GPU 24/7. Self-hosted Mailcow requires maintenance. Hetzner needs more DevOps than click-deploy on Vercel. But the question isn't "what's easier to operate", it's "what promise can I keep when I look in the eye of a user who trusts me with messages from their ex during a custody case".
If the answer is "honestly, almost everything is in USA but we signed a DPA", then you're not doing sovereignty. You're doing marketing.