I know there are a dozen of different "EU Alternatives" websites/catalogs already and some of them are actually great for discovering European brands and software. But they never show you what's inside: you only get a name, a logo, a few lines long pitch and then you're on your own.
So after doing some due diligence I've built a more detailed one. Whether you just want a European Dropbox/Google Analytics/1Password etc or you need to know your customers' data won't leave the EU, the idea is the same: give you what you need after the name, not just the name.
Two features I have that surface-level lists do not:
- I show the exposure, not just the "European" label. That word hides the part that matters. A company can have a Berlin office, a "hosted in the EU" banner, and still route your data through a US analytics provider or sit on US-owned cloud - at which point US law reaches it regardless of where the rack is. So for every listing I check, and link the source for:
- Where the data is actually hosted - the data-centre region, not the HQ on the about page.
- The sub-processor list - the one nobody reads. Pretty EU hosting page up front, US tooling quietly in the DPA annex.
- CLOUD Act exposure - US parent or US hyperscaler storage means US jurisdiction, full stop.
- Who owns the company - "EU-founded, US-funded" is a different animal from "EU-owned". Ownership and hosting are shown as separate signals so you decide which one you care about.
- A proper feature matrix. Not "here are five alternatives, good luck" - an actual side-by-side, so you can see which tool genuinely replaces the US one feature-for-feature and which is wishful thinking.
Everything is from public sources only - the vendor's own DPA, sub-processors page, the company registry, legal notice etc. Each point has a link to original page and last verification date. Vendor's self-attestation is not taken on faith.
One number that fell out of doing this for more than 200 tools: a little more than 30% are completely clear of US Cloud Act exposure with no US parent and no significat sub-processors.
On money: the site earns nothing right now. There are a couple of affiliate links added already and it's disclosed everywhere they appear plus listed in full on the transparency page. That's the whole monetisation plan: affiliate links, nothing hidden. Listing order is editorial - no commission logic anywhere in how stuff is sorted.
What I would be happy to hear from you: what's missing? Did I get any assessments wrong? If you see something - let me know and I will fix it right away.
Disclaimer: I'm affiliated. I built and run this site. It currently has a couple of affiliate links live; how it's funded is documented in full at https://euvetted.com/transparency
Thanks for the work you've put into this. It does look nice and provides lots of information one might want to have before deciding on a product.
That said, I've found an inaccuracy with KeePass. The comparison claims that, unlike the other password managers, Keepass is unavailable for mobile. Technically, that's true for KeepassXC (the most polished Keepass fork). However, with KeepassDX, there's definitely a very polished Android app (though under a different name), and apparently, iOS apps exist too.
Good catch, thanks. The listing is KeePassXC specifically and that fork really is desktop-onlyะฑ so the "no mobile" is technically true for that one app. But you're right that it reads wrong in a comparison: the whole point of KeePassXC is the local .kdbx file, and that opens fine in mobile apps like KeePassDX on Android or Strongbox/KeePassium on iOS. So the KeePass approach does have mobile, even if this app doesn't ship it.
I'll fix the wording so it doesn't imply you're stuck on desktop. Thanks for flagging it.
I mean, it's open source software and someone ported it, so there's a client, simple as.