Skip to content
datacenter locations · 7 jurisdictions

Seven jurisdictions for the workloads
that mainstream cloud won't host.

Three EU jurisdictions optimised for legal stability and price-performance (Bulgaria, Romania, Moldova). One Eastern European cost-optimised option (Ukraine). Three non-EU options for legal threat-model alignment with non-European audiences (Panama, Hong Kong, Singapore). Every location is racked in tier-III+ datacenters with hardware we own or contract directly. Same KVM hypervisor stack, same SMTP relay services, same payment options across all of them.

Bulgaria

Sofia
BG
Tier
Tier III+
Network
10 Gbps uplink, 500 Gbps DDoS mitigation

EU member, GDPR, no mandatory data retention for hosting providers

View location details

Moldova

Chișinău
MD
Tier
Tier III
Network
10 Gbps, geographic diversification from EU jurisdiction

Non-EU, local court order required for any data access; foreign DMCA non-enforceable

View location details

Romania

Bucharest
RO
Tier
Tier III+
Network
40 Gbps backbone, low-latency to EU/MENA

EU member with permissive copyright enforcement tradition; strong telecom infrastructure

View location details

Panama

Panama City
PA
Tier
Tier III
Network
Best LATAM connectivity, multiple submarine cables

Territorial taxation; no mandatory log retention for hosting; 100-year offshore tradition

View location details

Hong Kong

Hong Kong
HK
Tier
Tier III+
Network
Asia gateway, direct peering to mainland and SEA

No general data retention law for ISPs; common law jurisdiction

View location details

Singapore

Singapore
SG
Tier
Tier IV
Network
Premium APAC hub, sub-30ms to most of Asia

Solid legal framework, neutral data sovereignty, strong privacy via PDPA

View location details

Ukraine

Kyiv / Lviv
UA
Tier
Tier III
Network
10 Gbps, low cost per TB

Non-EU, traditionally permissive; geopolitical risk acknowledged transparently

View location details
how to choose

Picking a jurisdiction is a threat-model decision.

Audience geography matters: Gmail/Outlook latency to your customers determines a small but real piece of perceived performance, and B2B receivers in some regions check sending-country reputation. Bulgaria and Romania default well for European audiences. Singapore and Hong Kong default well for APAC. Panama defaults well for Americas.

Legal threat model matters more: where is your business incorporated, where do your customers sue, what is the realistic worst case if a competitor or hostile party submits a takedown. EU jurisdictions are predictable and process-bound; non-EU jurisdictions add friction to most retaliatory legal motions but require local-court action for any data access. Read each location's full legal section before deciding.

Workload type matters last: most modern sending workloads run fine in any location we operate. Exceptions are content-pinned requirements (a specific country's data-residency rule) and latency-sensitive workloads to specific receivers.

decision matrix

How customers typically pick their primary jurisdiction.

The seven jurisdictions divide cleanly into three operational categories. Bulgaria and Romania are EU member states with permissive enforcement traditions, clean IP ranges that have not accumulated historical spam association, and reliable tier-III+ infrastructure at moderate cost. These serve as the default recommendations for European audiences and for operators who need EU jurisdiction for GDPR compliance or business-customer trust reasons. Moldova and Ukraine sit adjacent to the EU geographically but operate under non-EU legal frameworks; they offer lower costs and stronger jurisdictional separation at the price of slightly higher operational risk from regional geopolitical conditions.

Panama serves the Americas-facing operations that need jurisdictional separation from US legal process while maintaining low-latency access to North and South American audiences. The 100-year tradition of offshore corporate and banking structures provides a stable legal framework specifically designed to resist extraterritorial pressure. Hong Kong and Singapore serve APAC operations with two very different postures: Hong Kong offers common-law tradition and no general data retention requirement for ISPs but has experienced regulatory shifts since 2020 that some operators weigh in their decision; Singapore offers premium infrastructure with neutral data sovereignty and strong PDPA privacy protections at higher cost than the other locations.

Most production deployments use two jurisdictions: a primary aligned to audience geography for performance, and a secondary in a different legal sphere for redundancy and disaster recovery. The most common pairings we see in 2026 are Bulgaria-plus-Moldova for European operators wanting both EU presence and a non-EU fallback, Romania-plus-Panama for operators with mixed European and Americas audiences, and Singapore-plus-Hong-Kong for APAC operators distributing risk across two distinct regulatory environments. The privacy SaaS case study in our case-study library documents one specific multi-jurisdiction architecture in detail.

2026 considerations

What has changed in jurisdiction selection over the last two years.

The structural geography of offshore hosting has not changed much through 2024-2026, but several specific factors have shifted that affect jurisdiction selection for email-adjacent workloads specifically. Gmail and Microsoft both moved to SMTP-level rejection of non-compliant bulk mail in late 2025 and early 2026 respectively. The enforcement applies uniformly regardless of sending jurisdiction; receiver-side treatment does not give preferential weight to particular countries, but the IP-range reputation history per jurisdiction does affect baseline acceptance. Bulgaria and Romania benefit from cleaner IP-range histories in this respect than some commonly-recommended alternatives.

Sender geography alignment to recipient geography continues to be the strongest single deliverability variable that jurisdiction selection actually controls. Industry data from Q1 2026 confirms that sending from EU-resident infrastructure to German and French corporate inboxes produces 91% primary-tab placement, while sending the same content from US-resident infrastructure to the same recipients produces 62% placement. The 29-percentage-point gap converts directly to revenue for most B2B operations. European audiences should receive mail from European infrastructure; APAC audiences should receive mail from APAC infrastructure. Cross-region sending is operationally viable but pays a measurable reputation tax.

Legal-process pressure has continued shifting toward civil-court proceedings rather than administrative takedowns across most of the jurisdictions we operate in. The DMCA- versus-court-order entry in our wiki documents the specific distinctions. Operationally the implication is that jurisdictions outside the US treaty network provide more substantial protection in 2026 than they did in 2022-2023 for content that attracts copyright-style or administrative legal pressure. The same jurisdictions provide less protection against legitimate court-issued process from authorities with actual jurisdiction; the structural protection is against process from authorities that lack jurisdiction.

common questions

Questions we get about jurisdiction selection.

Does jurisdiction affect deliverability directly?

Receiver-side filtering does not assign preferential weight to specific countries. The mechanism is indirect: jurisdictions differ in IP-range reputation history (some ranges are historically cleaner than others), in network connectivity to specific receivers (latency and routing affect a minor deliverability component), and in geographic alignment to recipient audiences (the largest single factor jurisdiction actually controls). Bulgaria and Romania benefit from cleaner IP-range histories than some alternatives; Singapore offers better APAC peering than European options for that specific recipient mix.

Can I move between jurisdictions later if my needs change?

Yes, with the operational cost of any IP migration: new sending IPs start with neutral reputation that needs warming, which takes 30-45 days under 2026 receiver conditions. Domain reputation transfers because it lives at the domain level rather than at the IP, but per-IP warmup is necessary. Most customers who move between jurisdictions do so during planned infrastructure refreshes rather than reactively, because the reactive case (urgent migration due to incident) typically costs 60-90 days of degraded delivery during recovery. The migration services in our service catalogue handle the mechanics, including parallel-period operation to avoid deliverability dips during the transition.

How do you handle court orders from each jurisdiction?

Court orders issued by courts with jurisdiction over the specific infrastructure they reference are honoured. Court orders from jurisdictions that lack direct authority over our operations are not honoured regardless of their framing. The per-jurisdiction detail pages document the specific legal-process landscape for each location: EU member states (Bulgaria, Romania) operate under EU procedural frameworks including the MLAT system for cross-border process; Moldova and Ukraine require local court orders without honouring MLAT-style requests automatically; Panama, Hong Kong, and Singapore all require local court orders or appropriate mutual legal assistance treaties. The structural protection is against pressure that lacks legitimate jurisdiction; it is not protection against legitimate authority from jurisdictions that actually apply.

Which jurisdiction is "the most anonymous"?

There is no single answer because "anonymous" describes several distinct properties that different jurisdictions provide at different levels. For protection against extraterritorial legal pressure, Panama and Hong Kong are structurally strongest. For technical privacy (no mandatory data retention, no surveillance partnerships visible in public legal frameworks), Moldova is operationally strong. For combined legal and technical protection at moderate cost, Bulgaria offers an unusual combination of EU jurisdiction (predictable legal framework) with permissive enforcement (low practical retention requirements). The right answer depends on which specific properties matter for the customer's threat model, and most customers benefit from spreading across two jurisdictions rather than concentrating in a notional "most anonymous" one.

Do you offer custom geographic combinations beyond these seven?

For specific projects with sustained volume justifying dedicated capacity, we can deploy in additional jurisdictions on a project basis. Setup typically takes 60-90 days from contract signing because each new jurisdiction requires local entity arrangement, datacenter contracting, and IP range acquisition. The cost reflects the underlying infrastructure cost in the specific jurisdiction. Most customers find the existing seven sufficient because the coverage spans the major audience geographies; custom jurisdictions are usually pursued for legal-structure reasons specific to a customer's business rather than for operational reasons.

How does pricing compare across the seven locations?

Pricing varies by jurisdiction based on underlying infrastructure costs and IP-range availability. The general ranking from lowest to highest cost is roughly Moldova and Ukraine, then Romania and Bulgaria, then Hong Kong, then Panama and Singapore. The spread between cheapest and most expensive is typically 30-50% on equivalent specifications; the more expensive locations include factors like premium uplinks, better datacenter tiers, or jurisdictional value that justifies the differential for customers who need them. Most workloads run economically in any of the seven; pricing is rarely the deciding factor in jurisdiction selection.

Jurisdiction selection framework for sending infrastructure

Selecting jurisdictions for sending infrastructure deployment involves tradeoffs that vary by customer specifics. The framework below identifies the variables that matter most for the decision rather than producing a single ranking that obscures the underlying tradeoffs.

Variable 1: recipient geography alignment. Sending infrastructure performs better when geographically aligned with recipient distribution. EU recipients receive better placement from EU sending infrastructure; US recipients receive better placement from US infrastructure; Asian recipients receive better placement from Asian infrastructure. The alignment effect is substantial: per 2026 industry data, US-origin sending to German corporate recipients achieves approximately 62% inbox placement while EU-origin sending to the same recipients achieves approximately 91%.

Variable 2: regulatory framework alignment with content category. Different jurisdictions handle different content categories differently. Adult content operates with different friction across jurisdictions; financial services adjacent operations have different licensing requirements; gambling-adjacent operations face different exposure. The customers content category should align with jurisdictions where the category operates without regulatory friction.

Variable 3: legal-process exposure preferences. Customers vary in their preferences for jurisdictional legal-process exposure. Some prefer EU jurisdictions with predictable commercial frameworks; others prefer non-EU jurisdictions to distance themselves from EU and US legal processes; others prefer Asian jurisdictions for similar distance from European frameworks. The preference should match the customers actual threat model rather than abstract preferences.

Variable 4: operational sophistication requirements. Some jurisdictions provide more operational sophistication than others. Banking infrastructure, payment processing, business services, technical talent availability vary by jurisdiction. Customers needing complex operational support benefit from jurisdictions with mature infrastructure; customers needing only basic hosting can use less-developed jurisdictions when cost advantages justify the choice.

Variable 5: customer audience compatibility. Some customer audiences are uncomfortable with infrastructure in specific jurisdictions for political or commercial reasons. The choice should align with customer audience tolerance for the perceived risk profile of the hosting jurisdiction.

Operational considerations across jurisdictions

Beyond the framework variables, several operational considerations affect day-to-day operations across the seven jurisdictions we operate in. The considerations below capture what production operators settle on after experiencing the operational realities of each jurisdiction.

Network latency and routing: each jurisdiction has distinct network characteristics that affect both sending performance and the operational support patterns customers can use. Bulgaria and Romania have strong European connectivity with sub-50ms latency to major EU receivers. Moldova has somewhat higher latency reflecting less-developed peering arrangements. Ukraine network conditions vary based on geopolitical conditions. Panama has good connectivity to North America and Latin America but higher latency to Europe and Asia. Hong Kong and Singapore have excellent Asian connectivity but distance penalties for European receivers.

Support timezone alignment: operational support availability across jurisdictions matches local business hours plus our extended support coverage. Customers in distinct timezone zones from their hosting jurisdictions benefit from understanding the support overlap patterns. Most operational issues can be addressed asynchronously through ticket systems regardless of timezone; real-time conversation requires timezone overlap or asynchronous coordination.

Local payment infrastructure: where applicable, local payment infrastructure varies by jurisdiction. The variation affects which payment methods are operationally efficient for specific customer types. Most customer payments flow through cryptocurrency channels regardless of jurisdiction; customers preferring fiat payment may find different jurisdictions easier to transact with depending on their banking arrangements.

Regulatory evolution: each jurisdiction has its own regulatory evolution trajectory. Singapore expanded virtual-asset service regulation through 2024-2025. Hong Kong continues evolving its political relationship with mainland China. EU jurisdictions follow EU regulatory updates. The regulatory evolution matters for long-term planning; customers committing to long-term operations benefit from periodic review of jurisdictional conditions.

Multi-jurisdictional sending architecture patterns

Customers operating sending infrastructure across multiple jurisdictions face architectural decisions that single-jurisdiction operations do not. The patterns below capture what production customers settle on for multi-jurisdictional architecture.

Pattern 1: per-region sending infrastructure. Separate sending pools for each major recipient region (EU recipients send from EU infrastructure, Americas recipients from Panama, Asia recipients from Hong Kong/Singapore). The pattern produces optimal placement at the cost of operational complexity managing multiple pools. Suitable for high-volume operations where placement improvements justify the operational investment.

Pattern 2: primary plus regional. Primary sending pool in one jurisdiction handles most sending; regional secondary pools handle recipients where the primary pool produces materially worse placement. The pattern balances operational simplicity with placement optimization. Suitable for moderate-volume operations where some regional optimization adds value but full per-region architecture is operationally heavy.

Pattern 3: jurisdictional redundancy. Primary and secondary sending pools in different jurisdictions for redundancy rather than placement optimization. The pattern protects against single-jurisdiction events affecting operations. Suitable for customers prioritizing operational continuity over per-recipient placement optimization.

Pattern 4: pure single-jurisdiction with multi-jurisdiction backup. Standard single-jurisdiction operations with secondary capacity in a different jurisdiction activated only during incidents. The pattern provides incident response capability without operational complexity during normal operations. Suitable for customers with stable sending patterns and limited tolerance for operational complexity.

Customer migration patterns between jurisdictions

Customer migration between jurisdictions happens occasionally as customer requirements evolve or as jurisdictional conditions change. The patterns below capture what we have observed across customer migrations.

Pattern 1: regulatory change response. Customers occasionally migrate when their existing jurisdiction develops regulatory frameworks that conflict with their operations. The Singapore virtual-asset service regulation evolution through 2024-2025 produced some customer migrations from Singapore to other jurisdictions. The migration is operational rather than urgent; customers typically plan migrations over 30-90 days rather than executing them under time pressure.

Pattern 2: business model evolution. Customers whose business model evolves into different content categories sometimes migrate to jurisdictions better aligned with the new content category. The migration reflects customer-side strategic decisions rather than provider-side requirements; we support the migration but do not initiate it.

Pattern 3: deliverability optimization. Customers whose recipient distribution changes substantially sometimes migrate sending infrastructure to better-aligned jurisdictions. A customer originally targeting US recipients expanding to EU audiences typically benefits from EU sending infrastructure for the EU portion of their volume; the migration may be partial (adding EU infrastructure rather than replacing existing infrastructure) or complete depending on the customer specifics.

Pattern 4: redundancy expansion. Customers expanding from single-jurisdiction to multi-jurisdiction operations are technically migration cases. The expansion pattern is more common than full migration because most customers find adding secondary infrastructure more operationally efficient than fully migrating existing infrastructure.

Migration timelines vary substantially. Simple migrations of standard infrastructure can complete in 30-45 days. Complex migrations involving multiple components (sending infrastructure, content infrastructure, payment infrastructure) can take 90-180 days. The longer timelines reflect the operational reality of coordinating multiple parallel migration tracks rather than artificial extension.

Hosting infrastructure compliance considerations across jurisdictions

Compliance considerations vary across our hosting jurisdictions in ways that affect customer decision-making for specific regulated use cases. The summary below captures key compliance properties of each jurisdiction.

Bulgaria and Romania: full EU regulatory framework including GDPR, Digital Services Act, NIS2 Directive for relevant sectors. Mature commercial framework producing predictable compliance outcomes. Banking infrastructure supporting standard commercial transactions including SEPA. Some regulatory friction for cryptocurrency-related operations under MiCA framework implementation.

Moldova: non-EU regulatory framework with selective alignment to EU frameworks for trade purposes. Less mature commercial framework than EU alternatives but distance from EU regulatory framework when that distance is operationally valuable. Limited banking infrastructure for non-EUR operations.

Ukraine: complex regulatory framework reflecting both EU alignment work and ongoing geopolitical conditions. Strong technical infrastructure with talent and operational sophistication; regulatory predictability varies based on geopolitical conditions. Suitable for technically sophisticated operations; less appropriate for operations requiring regulatory stability.

Panama: non-EU non-US framework with mature offshore tradition. USD-denominated operations with stable banking infrastructure. Recent additions to international tax transparency frameworks affect some customer planning; specific situations should be evaluated against current Panamanian regulations rather than historical positioning.

Hong Kong: complex evolving framework reflecting the relationship with mainland China. Strong commercial framework with English-language proceedings. Customers evaluating Hong Kong should consider both current operational properties and potential future regulatory evolution.

Singapore: mature commercial framework with strong rule of law. Recent regulatory expansion in virtual-asset services through 2024-2025. Suitable for operations requiring operational predictability; less appropriate for operations preferring minimal regulatory framework.

Geographic distribution and network topology considerations

Our seven hosting jurisdictions provide geographic distribution that single-region operations cannot match. The distribution produces operational benefits beyond legal jurisdiction diversification: network topology diversity, recipient-geography alignment for sending operations, redundancy across non-correlated infrastructure events.

Network topology diversity matters because connectivity events affect specific regions rather than affecting all regions simultaneously. Submarine cable disruptions, BGP routing issues, regional network problems each have specific geographic scope; infrastructure distributed across non-correlated regions survives events that single-region infrastructure does not.

Recipient-geography alignment supports placement optimization documented elsewhere on this page. The seven jurisdictions span Europe (Bulgaria, Romania, Moldova, Ukraine), Latin America (Panama), and Asia (Hong Kong, Singapore) producing alignment options for most major recipient geographies that customer sending typically targets.

Jurisdiction-specific support patterns and operational hours

Operational support patterns vary by jurisdiction in ways that affect customer support experiences. Most operational issues resolve asynchronously regardless of jurisdiction; real-time support requires timezone overlap that varies by jurisdiction.

European jurisdictions (Bulgaria, Romania, Moldova, Ukraine): primary support hours align with European business hours plus extended coverage. Customers in European or African timezones see real-time response during business hours; customers in other timezones see asynchronous response.

Panama: primary support hours align with Latin American business hours. Customers in Americas timezones see real-time response during business hours.

Hong Kong and Singapore: primary support hours align with Asian business hours. Customers in Asian or Australian timezones see real-time response during business hours.

Need help choosing?

Tell us audience geography, business threat model, and rough workload profile. We will recommend a primary location and a secondary for redundancy. No KYC required to consult.

Ask on Telegram Open ticket