European CRM

A European CRM — with your data in Switzerland.

When a customer — or your own DPO — asks where their data physically lives, 'somewhere in a US cloud, region to be confirmed' is not an answer. FlowGrid's production database runs in Zurich. Your contacts, deals, and notes are stored in Europe, encrypted field by field, and the AI runs in the EU by default.
Start Free TrialSee security details

Database hosted in Switzerland · EU AI inference by default · GDPR-compliant with a DPA

Why this keeps coming up

Half of a vendor review is now a geography question.

  • Where is our customer data physically stored — a country with EU-grade data protection, or just 'the cloud'?
  • Which subprocessors can touch that data, and which country is each one in?
  • When the AI features run, does our customer data quietly get shipped somewhere we would then have to explain to our own customers?

How FlowGrid answers

Data residency you can point to on a map.

A contact list in FlowGrid

Where your data lives

Your production database runs in Zurich.

The database holding your contacts, organizations, deals, activities, and notes runs in the Zurich region. Not 'the EU, probably' — a specific country, Switzerland, with one of the strictest data-protection regimes anywhere.

Switzerland holds an EU adequacy decision, so for an EU-based team this is treated like keeping data inside the EU — no special transfer paperwork, just a DPA.

FlowGrid's audit log showing a recorded change

Encrypted on top of location

Field-level encryption with keys scoped to your workspace.

Location is the first layer. The second: every contact field is encrypted at rest with AES-256-GCM, and each workspace has its own key. One workspace's data cannot be decrypted with another's key — not by an attacker who reads the database, not by us.

Multi-tenant isolation is enforced at the Postgres layer, not in application code, so a cross-tenant read isn't a misconfiguration risk — it's a database-level impossibility. Every mutation lands in an append-only audit log.

The Nexus AI assistant building a view in FlowGrid

The AI stays in Europe too

An AI assistant that doesn't undo your data-residency story.

Nexus is FlowGrid's AI assistant — 60+ tools bound to your CRM schema, not a generic chat box. By default its inference runs on AWS Bedrock in the EU, on a zero-retention configuration: prompts and the records it reads aren't logged, and aren't used to train any model.

That's the default for every workspace — not a premium privacy tier, not an enterprise checkbox. The same posture covers Nexus chat, AI-assisted reports, and AI-assisted import.

Verifiable, not assumed

We're early. Here's how you can verify us anyway.

How your data is protected

Field-level AES-256-GCM encryption with tenant-scoped keys. Multi-tenant row-level isolation. Every mutation logged.

Read the security details →

Legal & compliance

GDPR-compliant with a Data Processing Addendum. Your legal contact can pull it now — not after a sales call.

Read the DPA →

Built in public

Public release notes coming soon. Follow what we’re shipping →

Built in public

We don't have customer logos to show you yet.

FlowGrid is early. Instead of borrowed credibility, here's what you can verify yourself:

Honest answers

The questions you'd actually ask.

Give your DPO a straight answer.

Your customer records, stored in Switzerland. AI that runs in the EU by default. A DPA your legal contact can read before they finish their coffee.
Start Free Trial

See also: security details · our privacy-first CRM · subprocessor list