Italian developer-friendly headless CMS (Milan); 25K+ businesses; bootstrapped feel, no US PE.
- FROM
- €39/mo
- CLOUD ACT
- MINOR
A single roll-up of ownership and CLOUD Act exposure.
Paris-based open-source headless CMS (founded 2017); MIT-licensed core, Strapi Cloud PaaS, US-VC-funded (Insight, CRV).
Strapi, in the Headless CMS category, offers EU hosting with France as its hosting location, but a US parent or sub-processor leaves material CLOUD Act exposure.
Strapi (Paris FR, founded 2017) is the leading open-source headless CMS (MIT license) with Strapi Cloud (PaaS) and Enterprise self-hosted editions; SOC 2 certified, GDPR compliant; but Series C 2022 was led by Insight Partners (US PE/VC) with CRV (US) and Index: material US-VC control flips signal to eu_hq_us_funded; no public ISO 27001 attestation.
How exposed customer data is to US authorities under the CLOUD Act (Clarifying Lawful Overseas Use of Data Act).
Where ultimate control over the operating company sits.
Exposure depends on how you run this product.
Vendor-operated: the sub-processors below apply.
How exposed customer data is to US authorities under the CLOUD Act (Clarifying Lawful Overseas Use of Data Act).
Deploy on your own EU infrastructure and you control hosting and every sub-processor.
How exposed customer data is to US authorities under the CLOUD Act (Clarifying Lawful Overseas Use of Data Act).
Strapi (Paris, France, founded 2017) is the most-installed open-source headless CMS: MIT-licensed core, Strapi Cloud PaaS-hosted offering, and Enterprise Edition self-hosted with extended features. The OSS community is significant (>60K GitHub stars). Compliance: SOC 2 certified, GDPR compliant (no public ISO 27001 attestation surfaced at time of research). The procurement-grade caveat is funding: Series C 2022 was led by Insight Partners (US growth-PE, $90B AUM, New York) with CRV and Index. So the company is French-operated but US-PE-controlled at cap-table level. Effective story when self-hosted (MIT) on EU infra: customer data never reaches Strapi, so cap-table US influence is moot for that deployment.
Italian developer-friendly headless CMS (Milan); 25K+ businesses; bootstrapped feel, no US PE.
Norwegian headless/hybrid CMS (Oslo, est. 2000); founder-owned, ISO 27001 + 9001 certified; but managed Enonic Cloud runs on Google Cloud + Azure + Fastly.
Berlin GraphQL-native headless CMS (formerly GraphCMS, founded 2017); enterprise clients incl. Samsung, LEGO; mostly EU-funded.