I know there are a dozen of different "EU Alternatives" websites/catalogs already and some of them are actually great for discovering European brands and software. But they never show you what's inside: you only get a name, a logo, a few lines long pitch and then you're on your own.
So after doing some due diligence I've built a more detailed one. Whether you just want a European Dropbox/Google Analytics/1Password etc or you need to know your customers' data won't leave the EU, the idea is the same: give you what you need after the name, not just the name.
Two features I have that surface-level lists do not:
- I show the exposure, not just the "European" label. That word hides the part that matters. A company can have a Berlin office, a "hosted in the EU" banner, and still route your data through a US analytics provider or sit on US-owned cloud - at which point US law reaches it regardless of where the rack is. So for every listing I check, and link the source for:
- Where the data is actually hosted - the data-centre region, not the HQ on the about page.
- The sub-processor list - the one nobody reads. Pretty EU hosting page up front, US tooling quietly in the DPA annex.
- CLOUD Act exposure - US parent or US hyperscaler storage means US jurisdiction, full stop.
- Who owns the company - "EU-founded, US-funded" is a different animal from "EU-owned". Ownership and hosting are shown as separate signals so you decide which one you care about.
- A proper feature matrix. Not "here are five alternatives, good luck" - an actual side-by-side, so you can see which tool genuinely replaces the US one feature-for-feature and which is wishful thinking.
Everything is from public sources only - the vendor's own DPA, sub-processors page, the company registry, legal notice etc. Each point has a link to original page and last verification date. Vendor's self-attestation is not taken on faith.
One number that fell out of doing this for more than 200 tools: a little more than 30% are completely clear of US Cloud Act exposure with no US parent and no significat sub-processors.
On money: the site earns nothing right now. There are a couple of affiliate links added already and it's disclosed everywhere they appear plus listed in full on the transparency page. That's the whole monetisation plan: affiliate links, nothing hidden. Listing order is editorial - no commission logic anywhere in how stuff is sorted.
What I would be happy to hear from you: what's missing? Did I get any assessments wrong? If you see something - let me know and I will fix it right away.
Disclaimer: I'm affiliated. I built and run this site. It currently has a couple of affiliate links live; how it's funded is documented in full at https://euvetted.com/transparency
Nice work! A question and a request:
ref: https://euvetted.com/compare?p=hetzner%2Covhcloud
(q) Looking at the Cloud & Hosting category, I don't see a distinction for regional datacenters; for instance OVHcloud has a US counterpart and US datacenters (and Canada) along with all their EU stuff. Just sort of asking how that worked out in your investigations... even if it's just Canada, it's not in the EU yet. :) But more realistically say... Helsinki vs. UK or something.
(r) One of the things I spent time on but I don't see reflected - Domain Registrars and DNS Hosting. I used the ICANN official list myself and just clicked a lot, and for DNS I found basically CouldNS, Bunny.net and Gcore.com as the "EU" (not sure if EU or general Europe). [1]
Bunny and Gcore are Cloudflare competitors so it's no small work to build a full set of data like you have done for others, they all offer a lot of products under one umbrella. But CloudNS isn't so it's a crossover area between different types of companies based on singular.. features offered?
[1] side comment, it might be interesting to see a mapping of domain TLDs - it's well known about who owns/controls net. com, org but I think few realize that a lot of these new TLDs are all owned by single megacorps when you dig into Wikipedia etc. Your precious
.devis owned by Google.Thanks for digging in properly, this is exactly the kind of feedback I was hoping for!
On the data centre thing - yes, fair point. Right now each listing has one hosting country, the EU region I checked, not the full "every region this vendor runs." So for OVH I've got the EU side, but I'm not flagging that you could spin up in their US or Canada region by accident. Should fix that. Two things that help though: I keep ownership and hosting separate on purpose: OVH's French, so even their US datacentres sit under a French parent, which is a different animal from a US company that just offers an EU region. And EU/EEA is the actual bar for me, not "Europe" loosely - UK and Canada don't count even though everyone lumps them in.
DNS and registrars - yeah, not there, blind spot. Part of it is what you said: Bunny and Gcore are umbrella shops where DNS is one product of twenty, so they don't slot in cleanly. CloudNS is the easy one. If you've still got the registrar list you clicked through, I'd take it and I'd want to check who actually owns what before listing, Gcore especially.
TLD ownership is a great shout though. "Your precious .dev is Google's" most people have no clue. I already do write-ups like that (did one on CLOUD Act exposure), so mapping the new gTLDs fits perfectly. Might build it.
In effort not to create a large amount of work or overhead, I think the key concern is more what is considered sovereign - these large shops have core presence and edge presence. It is not uncommon that an edge use the features of the core which crosses countries; when I worked in a multinational, our Sydney DC was an edge to the Hong Kong DC core (think like a monitoring or backup system) so your data actually flowed through HKG pipes because Sydney is insanely expensive to have a DC in (size/space).
Spirit in my comment was more to that - spinning up in US by accident is a "given" to me, kinda obvious. An edge DC routing through a core DC in another country, well that's a different matter. Can be invisible to the end user.
ICANN has a nice page, lets you filter it by country or whatever. There are a million of them, and some of them "feel sketchy" but many seem like generic, boring registrars.
https://www.icann.org/en/contracted-parties/accredited-registrars/list-of-accredited-registrars
I then used the DNSPerf data to dig into that layer, tl;dr 90% (guessing) are US controlled. I actually found more out there than what's on this list but it's really comprehensive of the big players in the DNS space.
https://www.dnsperf.com/
My "investigation" was all manual, dig through publicly available information and follow my nose. The DNS perf listing is actually how I even learned Bunny and Gcore existed.