SECURITY & SOVEREIGNTY
Your data, your servers.
ZRO is the sovereign alternative to US cloud construction platforms. Built in Geneva. Hosted in Switzerland. Self-hostable anywhere you can plug in a server.
SOVEREIGNTY PILLARS
Six principles. No compromise.
01
SELF-HOST
Run it on your own hardware
Docker Compose and Kubernetes manifests for full on-premise deployment. Air-gapped installations supported. No internet dependency required after setup.
02
SWISS nFADP
New Federal Act on Data Protection
ZRO is built to comply with the Swiss nFADP. Data processing agreements, data minimization, and purpose limitation are built into the platform architecture.
03
GDPR
EU General Data Protection Regulation
Full GDPR compliance for EU customers. Data portability, right to erasure, and consent management are native platform features.
04
ENCRYPTION
AES-256 at rest, TLS 1.3 in transit
All data encrypted at rest with AES-256. All connections enforce TLS 1.3. No plaintext data at any point in the pipeline.
05
AUDIT LOGGING
Every action, append-only
Every write operation and every access to sensitive data is logged in an append-only audit trail. Exportable for compliance review.
06
SOVEREIGN AI
Local models, no foreign dependencies
Qwen 2.5 for copilot, LLaVA for photo estimation. Both run on local Ollama. No prompts, no context, no project data ever sent to third-party AI providers.
CONTROLS
Every control, documented.
DATA RESIDENCY
Geneva. Switzerland. Your jurisdiction.
All managed ZRO instances store data in Swiss data centers. No replication to US servers, ever. Enterprise customers can self-host on their own infrastructure for full air-gapped sovereignty.
Every AI feature runs locally on Ollama. No prompts leave your environment. No project data is sent to OpenAI, Google, or any other third-party lab.
CONTACT
Talk to the security team.
Security questionnaires, penetration tests, architecture reviews, and self-host discussions. Direct line to our engineers.
Contact security