I Compared Every WebSocket-as-a-Service Provider — None of Them Are Hosted in the EU
A few months ago, a friend of mine — CTO at a German healthtech startup — asked me a question I couldn't answer:
"Can you recommend a managed WebSocket service that's hosted in the EU? We need it for patient notifications, and our compliance team won't approve anything running on US infrastructure."
I said: "Sure, there's Pusher, Ably, PubNub..." He stopped me. "No, I mean actually in the EU. Not a US company with an EU cluster. A company under EU law, with servers in Europe, no Cloud Act."
I went looking. And I couldn't find one.
That's when I started building Soventa — but before I get into that, let me share what I found. Because if you've ever needed WebSocket as a Service and wondered what your options actually are, this might save you a few hours of research.
What WebSocket as a Service Actually Means
If you've ever written a WebSocket server, you know the first 20 lines are easy. It's the next 20,000 that get you.
Connection management. Reconnection logic. Heartbeats. Load balancing across multiple servers. Horizontal scaling when your user count goes from 50 to 50,000. TLS termination. Monitoring. Alerting. On-call rotations when something breaks at 3 AM.
WebSocket as a Service (WaaS) takes all of that off your plate. You get a REST API to publish events and a client SDK to subscribe. The service handles everything in between — connections, scaling, failover, security.
The typical integration looks like this:
// Server: publish an event
await fetch("https://api.provider.com/v1/publish", {
method: "POST",
headers: {
"Authorization": "Bearer YOUR_API_KEY",
"Content-Type": "application/json"
},
body: JSON.stringify({
channel: "dashboard:updates",
event: "new-data",
data: { value: 42 }
})
});
// Client: receive events in realtime
const client = new RealtimeClient({ apiKey: "YOUR_PUBLIC_KEY" });
client.subscribe("dashboard:updates", (event) => {
console.log("New event:", event.data);
});
Minutes to integrate. Years of infrastructure complexity abstracted away. That's the pitch, and honestly, it delivers.
When You Need It (and When You Don't)
Before we get into providers, let's be honest about when WaaS makes sense.
Use a managed service when:
- Your team is 2–10 developers and nobody wants to be on-call for WebSocket infrastructure
- Realtime is a feature of your product, not your product itself
- You need to ship fast — hours, not weeks
- You can't predict your growth trajectory and need elastic scaling
Self-host when:
- You have a DevOps team that enjoys this kind of thing (they exist, I've met them)
- You need custom protocols or edge computing scenarios
- You're at a scale where managed pricing doesn't make sense anymore
- You already run Centrifugo or Socket.IO in production and it works
No judgment either way. But if you're reading this article, you're probably leaning toward managed. So let's look at what's out there.
Every Major Provider, Compared Honestly
I spent weeks researching this. I read pricing pages, DPAs, subprocessor lists, and privacy policies. Here's what I found.
Pusher
HQ: London, UK | Infrastructure: Own clusters in US, EU (Ireland), AP
Pusher basically invented this market. The Channels API is the industry standard — clean, well-documented, SDKs for 40+ platforms. If you've ever integrated a managed WebSocket service, there's a good chance it was Pusher.
The good: Fastest time-to-integration. Best tutorial library. Battle-tested for over a decade. Free tier with 100 connections and 200k messages/day.
The catch: UK company, post-Brexit. The EU cluster runs in Ireland, but the corporate entity is under UK law. If you need to tell a compliance officer "our data stays in the EU under EU jurisdiction" — Pusher doesn't quite get you there.
Ably
HQ: London, UK | Infrastructure: AWS-based, 15 PoPs worldwide
Ably is the most technically sophisticated platform in this space. Guaranteed message ordering, exactly-once delivery, 99.999% uptime SLA, sub-50ms global median latency. Integrations with Kafka, AWS Lambda, Cloudflare Workers. Companies like NASCAR and HubSpot run on Ably.
The good: If you need enterprise-grade reliability, Ably is hard to beat. The feature set is enormous — Presence, History, Queues, LiveSync for database synchronization.
The catch: Also a UK company. The EU data option runs on AWS — and AWS, as a US company, is subject to the US Cloud Act. EU servers, but US jurisdiction over the infrastructure provider. Their DPA uses Standard Contractual Clauses, not EU law natively.
PubNub
HQ: San Francisco, USA | Infrastructure: Own global network
PubNub has been around since 2010 and runs one of the largest realtime networks globally. Strong focus on IoT and mobile, with a unique "Functions" feature that lets you run serverless logic directly in the message flow.
The good: Excellent IoT support, fine-grained access control, global low-latency network.
The catch: US company, fully subject to the Cloud Act. Usage-based pricing can get expensive fast. More complex API than Pusher.
Firebase Realtime Database / Firestore
HQ: Google, Mountain View, USA | Infrastructure: Google Cloud
Not a pure WebSocket service — it's a database with realtime sync. But many teams use Firebase as their realtime layer because the integration with the Google ecosystem is seamless.
The good: Incredibly fast to prototype. No server needed (serverless). Great mobile SDKs.
The catch: It's Google. US company, Cloud Act, data in the US by default. GDPR compliance requires specific configuration. And you're binding yourself to Google's data model — moving away later is painful.
Scaledrone
HQ: Tallinn, Estonia | Infrastructure: DigitalOcean, servers in the US
This is the one that almost got my hopes up. An EU company! Based in Estonia! But then I checked their subprocessor list. The servers run on DigitalOcean infrastructure in the United States.
EU company, US data processing. For GDPR purposes, you have the same Cloud Act problem as with US providers.
PieSocket
HQ: USA (Remote) | Infrastructure: Multiple regions selectable
PieSocket offers WebSocket as a Service with selectable server regions. Simple integration, affordable pricing, built-in presence tracking.
The good: You can choose your server region. Cheapest entry point at $14.99/month.
The catch: US company. Smaller community and less documentation than Pusher/Ably. May not meet enterprise requirements.
The Comparison Table Nobody Wants to See
| Pusher | Ably | PubNub | Firebase | Scaledrone | PieSocket | |
|---|---|---|---|---|---|---|
| HQ | UK | UK | USA | USA | Estonia | USA |
| EU Servers | Yes (IE) | Yes (Enterprise) | Yes | Optional | No (US) | Selectable |
| Jurisdiction | UK | UK | US | US | EU | US |
| Cloud Act Risk | Indirect | Yes (AWS) | Yes | Yes | Yes (DO) | Yes |
| Data Stored | Optional | Up to 24h | Yes | Yes | Yes | Yes |
| Free Tier | 100 conn | 6M msg/mo | 1M tx | Limits | 20 conn | Yes |
You see the pattern?
Not a single established WebSocket-as-a-Service provider operates under EU law with EU-only data processing and no Cloud Act exposure.
Every single one is either a US company, a UK company (post-Brexit = third country under GDPR), or an EU company processing data in the US.
"Does It Actually Matter?"
For most projects? Honestly, no.
If you're building a dashboard that shows anonymized metrics, or a chat feature for a gaming app, or live notifications for an e-commerce platform — the server location doesn't matter. Use Pusher, use Ably, ship your product.
But there are scenarios where it absolutely matters:
Healthcare: Patient data, treatment status updates, lab result notifications in realtime. Health data falls under Article 9 GDPR — special category, stricter rules.
FinTech: Account activity, transaction alerts, KYC status updates. Financial data is personal data, and regulators care deeply about where it's processed.
Legal Tech: Document status updates, client notifications, deadline alerts. Law firms have professional secrecy obligations on top of GDPR.
Government / Public Sector: Citizen communication, administrative status updates. Public authorities in Germany often require servers to be physically located in Germany — not just the EU.
HR Software: Application status updates, employee notifications. Personnel data is among the most protected categories.
If you build software for any of these industries in Europe, your compliance team will ask where your realtime data flows. And right now, the honest answer is: through US or UK infrastructure.
The Self-Hosted Escape Hatch: Centrifugo
Before I talk about what I'm building, I want to give credit where it's due.
Centrifugo is the best open-source realtime server I've found. Written in Go, 9,000+ GitHub stars, scales to over a million concurrent connections. It supports WebSocket, SSE, gRPC, and even WebTransport. Presence, History, Delta Compression — it's technically more capable than most managed services.
If you have a DevOps team, you can run Centrifugo on a Hetzner server in Germany and have a fully GDPR-compliant, Cloud-Act-free realtime infrastructure. It works, it scales, and it's free.
The trade-off: you own everything. Monitoring, scaling, failover, updates, 3 AM alerts. For a team with the expertise, that's fine. For a startup with three developers or an agency shipping client projects on deadlines, it's often not realistic.
What I'm Building with Soventa
After that conversation with my friend, I started working on Soventa — a managed WebSocket service hosted exclusively in Germany, on Hetzner infrastructure. No AWS, no Google Cloud, no Cloud Act.
The core idea is simple:
Zero-Data-Processing: Messages are received, routed to subscribers, and gone. No database, no message log, no temporary storage. Where no data is stored, no data can be leaked, seized, or accidentally exposed.
German jurisdiction: German company, German servers, German law. No Standard Contractual Clauses needed, no adequacy decisions to worry about.
DPA included from day one: A Data Processing Agreement under Article 28 GDPR, included in every tier — including free. Because GDPR compliance shouldn't be an enterprise upsell.
Here's what the planned integration looks like:
// Server: publish an event (planned API)
await fetch("https://api.soventa.de/v1/publish", {
method: "POST",
headers: {
"Authorization": "Bearer sk_live_xxx",
"Content-Type": "application/json"
},
body: JSON.stringify({
channel: "dashboard:alerts",
event: "new-transaction",
data: { amount: 149.99, currency: "EUR" }
})
});
// Client: receive events (planned SDK)
import { createSoventaClient } from "soventa-js";
const client = createSoventaClient({ apiKey: "pk_live_xxx" });
client.subscribe("dashboard:alerts", (event) => {
console.log("New alert:", event.data);
});
If you've used Pusher or Ably, this should feel familiar. That's intentional.
What Soventa Won't Be
I want to be upfront about the trade-offs because I've seen what happens when startups overpromise.
Soventa won't replace Ably if you need 15 global points of presence and sub-50ms latency worldwide. It won't have Kafka integrations, message queues, or webhooks at launch. The first version will be JavaScript SDK only.
It's not trying to be the best realtime platform in the world. It's trying to be the best realtime platform for teams building software under European data protection requirements.
If that's not your constraint, Pusher and Ably are excellent choices. Seriously. I use Pusher's documentation as a reference for API design — it's that good.
Where Things Stand
Soventa is currently in the validation phase. There's no product you can use today. There's a working WebSocket prototype, a clear technical architecture, and a decision to build the MVP based on real requirements from real developers — not in isolation.
If this resonates with you — if you've ever had a compliance team reject your Pusher integration, or spent weeks documenting SCCs for a realtime service, or just wished there was a managed WebSocket provider that's straightforwardly EU-based — I'd love to hear from you.
Sign up for updates at soventa.de. No spam, no marketing emails. Just a ping when there's something to test.
And if you think I'm wrong about the market gap, or if I've missed a provider that is EU-hosted and EU-jurisdictioned — please tell me in the comments. I'd genuinely like to know.
Tags: #webdev #javascript #opensource #startup
Soventa is a managed realtime messaging platform being built in Germany. Hetzner hosting, German law, zero-data-processing, DPA included. Currently in validation — request early access.
Top comments (0)