What we are, and what we promise not to be

What EU Vetted is

EU Vetted is a directory of EU and privacy-first alternatives to US software, built for advanced users: B2B buyers and privacy- or security-conscious users. Each listing carries a manually verified record of where the company is incorporated, where customer data is hosted, which sub-processors touch that data, what the company's CLOUD Act exposure is, and which European compliance frameworks (EUCS, C5, SecNumCloud, ISO 27001/27017/27018) the vendor publicly attests.

What you will not find here: aggregated user reviews, physical products, or an attempt to cover every European startup. What you will find is commercial SaaS that a buyer can credibly evaluate as an EU or privacy-first fit, with the underlying data on the page rather than buried in a PDF behind a sales call.

Why this directory exists

The two existing big European-alternatives directories together rank for most of the consumer demand. Neither surfaces a DPA URL, a sub-processors list, a hosting region, or a CLOUD Act exposure flag. A buyer reading their listings cannot decide whether the listed product passes Schrems II, NIS2, or DORA scrutiny, and a privacy-conscious user cannot tell which option is genuinely independent of US-owned infrastructure.

EU Vetted exists to close that gap. Every score on this site is the editor's reading of public vendor disclosures, captured with a timestamp, re-verified at least quarterly.

Five things we commit to, in public

1. All ads and sponsored placements are clearly labeled

Display ads sit in fixed, disclosed slots and only load after explicit consent. Featured listings and sponsored content carry a visible label (Sponsored in English, Anzeige in German, Sponsorisé in French) on every appearance. UWG (Germany) and Loi Sapin 2 (France) require it, and we would do it anyway.

2. No paid compliance scores

You can pay for a labeled Featured placement or sponsored slot. You cannot pay to have your compliance score raised. Mixing the two destroys the directory's value, which is why no competitor has been able to credibly do scoring.

3. No third-party data resale

We use Crunchbase, LinkedIn, G2 and Capterra as research sources during the audit. We do not re-aggregate that data through an API, a CSV export, or a report. Their ToS forbids it. Ours forbids it for our customers too.

4. Vendor opt-out within 14 days

If you are the rightful owner of a product listed on EU Vetted and you want it removed, we will remove it within 14 days. Public request-removal page, no exceptions, including for paid placements.

5. Source transparency on every data point

Every listing renders Source: vendor DPA at [URL] · verified [date]. We are a meta-layer over public corporate disclosures, not a re-aggregator. If you cannot click through and verify, we did not write it.

What we are not

EU Vetted is not a review platform: user reviews from third-party sites are not aggregated. Physical products, banking apps, and consumer-only services are out of scope. The self-hosted-software world is already well served by awesome-selfhosted; we list commercial SaaS with a hosted offering and include self-hosted-only products only when they are the best European answer in a category.

Who runs this

EU Vetted is run by a single editor. The same person writes every score, sends every removal acknowledgement, and answers every email at the addresses on this page. There is no editorial committee, no parent company, no investor. The Legal Notice lists the registered provider details.

If you have a factual correction, a vendor you think we missed, or a question about how a particular score was reached: hello@euvetted.com. We aim to reply within 3 business days.

Independence from EU institutions

EU Vetted is an independent editorial directory. We are not affiliated with, endorsed by, or otherwise connected to the European Union, the European Commission, the Council of Europe, or any of their institutions, agencies, or bodies. The "EU" in our name refers to the geographic and political scope of the alternatives we cover, not to any official endorsement, certification, or partnership.

The compliance scores, CLOUD Act exposure flags, and ownership signals on this site are the editor's own reading of public vendor disclosures. They are not EU certifications and they do not substitute for the official EUCS, C5, SecNumCloud, ISO 27001/27017/27018, or other formal frameworks they reference.

The circular emblem we use as our logo is an original brand design inspired by European heraldic conventions. It is not the European flag, which is the registered emblem of the Council of Europe (also used by the European Union).