Plain-language summary.
All buyer and vendor data is stored in the European Union, in Frankfurt (AWS eu-central-1) as the primary region and Dublin (AWS eu-west-1) as the disaster-recovery region. No production data is replicated outside the EEA.
Regions in use
The primary production region is AWS eu-central-1 (Frankfurt, Germany). The disaster-recovery region is AWS eu-west-1 (Dublin, Ireland). Both regions are within the European Economic Area and are subject to the GDPR.
What is stored where
Brief submissions, vendor profiles, placement records, and operational logs reside in the primary region. Encrypted nightly backups are replicated to the disaster-recovery region. Application code and static assets are served from the EU edge of our CDN.
Rationale
EU residency is a deliberate posture for three reasons. It removes any Schrems II concern about transatlantic transfers for our European buyers. It keeps our latency low for the Berlin–Amsterdam–London corridor where our buyers operate. It simplifies our DPA template by making international-transfer clauses the exception rather than the default.
Exceptions
Two non-production data flows leave the EU. First, transactional email delivery via Postmark (US-based) carries the recipient address and the email body in transit and at rest. Second, our error-reporting tool (Sentry) is configured to the EU region and does not transfer data outside the EU. Both are listed on the Subprocessors page with the applicable safeguards.