Why "Hosting in Frankfurt"
via Microsoft Isn't Enough
Azure OpenAI may store data in Germany, but Microsoft remains a US company subject to the US Cloud Act. For German public sector and regulated industries, this is a problem.
Azure OpenAI Europe vs SUPA
| Feature | Azure OpenAI | SUPA |
|---|---|---|
| Data Residency | Frankfurt datacenter | Germany (Falkenstein/Nuremberg) |
| Legal Entity | Microsoft Corporation (USA) | German GmbH (in registration) |
| US Cloud Act | Subject to US jurisdiction | Not applicable |
| FISA 702 Exposure | Potentially affected | Not applicable |
| Data Processing | May involve US subprocessors | German infrastructure only |
| Public Sector Approved | Contested in Germany | Designed for German compliance |
| Model Training | May use data for training | Never trains on customer data |
| API Compatibility | Azure-specific SDK | OpenAI-compatible (drop-in) |
The Legal Problem with US Cloud Providers
US Cloud Act (2018)
The CLOUD Act allows US law enforcement to compel US-based technology companies to provide data stored on servers regardless of whether the data is stored in the US or on foreign soil. This applies to Microsoft, Google, Amazon, and all US-headquartered cloud providers.
FISA Section 702
The Foreign Intelligence Surveillance Act allows US intelligence agencies to conduct warrantless surveillance of non-US citizens outside the United States. Data processed by US companies may be subject to this surveillance.
Schrems II Implications
The European Court of Justice has ruled that US surveillance laws are incompatible with EU data protection standards. Using US cloud providers may require additional safeguards that are difficult to implement in practice.
The SUPA Approach: True Sovereignty
German Legal Entity
SUPA is a German company, subject only to German and EU law. US authorities have no legal mechanism to compel data disclosure.
German Infrastructure
All servers are located in Germany (Hetzner datacenters in Falkenstein and Nuremberg). No data leaves German jurisdiction.
No US Subprocessors
Our entire stack uses European providers. No American companies are involved in processing your data.
Public Sector Ready
Designed from the ground up for German public sector requirements, including municipalities, healthcare, and government agencies.
Ready for truly sovereign AI?
Switch from Azure OpenAI to SUPA with a single line change. Same API, different jurisdiction.
Start Free Trial