Two friends of mine run small software companies in Germany. Both needed realtime infrastructure — one for a live dashboard, the other for in-app notifications. Simple stuff. Pusher, Ably, done, right?
Not quite. Both work in regulated industries. Their clients' compliance teams had one question: "Where is the data processed?"
The answer for every managed realtime provider on the market: USA or UK.
That's when I started digging. And what I found surprised me.
There Is No European/German Managed Realtime Provider
I spent weeks researching every option. Here's what the landscape actually looks like:
- Pusher — UK-based, EU cluster in Ireland. Solid product, but British company, post-Brexit data adequacy questions.
- Ably — UK-based, global edge network. Same jurisdiction issue.
- PubNub — USA. US Cloud Act applies.
- Firebase / Google Cloud — USA. US Cloud Act applies.
- AWS AppSync — USA. Even with Frankfurt region, the parent company is subject to US Cloud Act.
- Azure SignalR — Same story.
Every single managed realtime service is either US-based or UK-based. There is no European alternative. Not one.
I thought I must be missing something. Surely someone in Germany had built this? Turns out, someone tried.
The deepstreamHub Story
In 2016, a Berlin-based startup called deepstreamHub launched exactly this — a managed realtime platform from Germany. They raised $1M in seed funding from BlueYard Capital. Their open-source project deepstream.io got 7,200+ GitHub stars.
Then in late 2017, they shut down the managed cloud service. With 3 days notice. The UK company was dissolved. The open-source project still exists but is barely maintained.
That's it. That's the entire history of German managed realtime infrastructure. One attempt, one failure, eight years of nothing since.
Why Nobody Tried Again
I think there are three reasons:
1. The market looks small from Silicon Valley. If you're a VC-backed startup in San Francisco, "GDPR-compliant realtime messaging" sounds like a niche within a niche. And it is — but it's a niche where customers pay premium prices and have very low churn.
2. It's unglamorous infrastructure work. WebSocket connection management, channel routing, horizontal scaling — it's not the kind of thing that gets you on the front page of TechCrunch. But it's exactly the kind of thing that European companies desperately need.
3. The regulatory landscape changed after deepstreamHub died. NIS2 came into effect in October 2024. GDPR enforcement got serious teeth — fines are actually being collected now. More and more European companies have adopted explicit "no US cloud providers" policies. The market that was too small in 2017 is growing fast in 2025.
What I'm Building
Soventa is a managed realtime messaging platform, hosted exclusively in Germany. The core idea is simple: you publish events via REST API, your clients receive them via WebSocket. That's it.
Here's what a basic integration looks like:
Publishing an event (server-side)
await fetch("https://api.soventa.de/v1/publish", {
method: "POST",
headers: {
"Authorization": "Bearer sk_live_xxx",
"Content-Type": "application/json"
},
body: JSON.stringify({
channel: "dashboard:alerts",
event: "new-transaction",
data: { amount: 149.99, currency: "EUR" }
})
});
Subscribing to events (client-side)
import { createSoventaClient } from "soventa-js";
const client = createSoventaClient({ apiKey: "pk_live_xxx" });
client.subscribe("dashboard:alerts", (event) => {
console.log("New alert:", event.data);
// { amount: 149.99, currency: "EUR" }
});
If you've used Pusher or Ably before, this should feel familiar. That's intentional — the DX should be what you're used to. The difference is what happens under the hood.
The Architecture Decisions
A few deliberate choices that make Soventa different from the US-based alternatives:
Zero-Data-Processing. Messages exist only in RAM. There is no database, no message log, no persistent storage. Data enters the WebSocket server, gets routed to subscribers, and is gone. This isn't just a privacy feature — it's a fundamental architecture decision. If there's no data at rest, there's no data to breach, subpoena, or accidentally expose.
Hard TTLs. Every piece of data that temporarily exists in the system has a strict time-to-live. Not configurable, not optional. When the TTL expires, the data is gone. Period.
Hetzner, not AWS. The servers run on Hetzner in Germany. Not AWS Frankfurt (still Amazon, still US Cloud Act), not Google Cloud Europe (still Google). A German hosting provider, subject to German law, full stop. And honestly — for a WebSocket routing service, Hetzner's dedicated servers give you better price-performance than any hyperscaler.
Raw ws, not Socket.IO. I deliberately chose not to build on Socket.IO. It's a great library, but it adds abstraction and overhead that a managed service doesn't need. Raw WebSocket connections with a thin protocol layer on top give more control over connection management, memory usage, and scaling behavior.
What's Honestly Missing
I believe in being upfront about where things stand. Here's what Soventa does not have yet:
- No presence (who's online in a channel)
- No message history (by design for now, might offer opt-in later)
- No webhooks
- No multi-region failover (single Hetzner location currently)
- Only a JavaScript SDK (coming soon, Python and others are planned but not built)
- No SOC 2 certification (coming, but that takes time and money)
This is an MVP. It does one thing — route realtime events between servers and clients — and it does it on German infrastructure with zero data persistence. Everything else comes later, driven by what actual users need.
The Uncomfortable Questions
I ask myself these regularly, and I think anyone evaluating this should ask them too:
"deepstreamHub had $1M and failed. What makes you different?"
They tried to build a full-featured realtime database with sync, conflict resolution, and RPCs. I'm building a much simpler product — pub/sub message routing. Smaller scope, lower costs, faster path to revenue.
"Can a solo founderor a small team run infrastructure?"
Fair concern. Automated monitoring, health checks, and auto-recovery go a long way. But ultimately, this is something I need to solve with redundancy and eventually a bigger team. I'm not pretending it's solved yet.
"Is the market big enough?"
I don't know for certain. That's why I'm validating. But many conversations I have with developers in regulated industries confirm the same thing: they can't find it, and they're currently either self-hosting or accepting the compliance risk with US providers.
Why I'm Writing This
I'm not trying to sell you anything. Soventa is in early access — there's nothing to buy yet.
I'm writing this because I genuinely want to know: does this resonate with your experience?
If you're building software for European clients in regulated industries:
- How do you handle realtime features today?
- Does the hosting location of your infrastructure providers actually come up in compliance reviews?
- Would you switch from Pusher/Ably to a European alternative, or is it "good enough"?
I've been building this based on conversations with a handful of people. I'd love to hear from more of you — especially the ones who think I'm wrong.
If you want to follow along or try the early access: soventa.de
Top comments (0)