Most teams that care about EU data sovereignty go through a careful exercise: pick an EU cloud provider, contract with EU sub-processors, configure data residency in the right region, sign DPAs that say all the right things. Then they leave the domain registered at GoDaddy or Namecheap and the DNS resolved through Cloudflare or Route 53. The result is an architecture where the application data stays in the EU but the very first lookup that resolves your customer's browser to your application goes through US infrastructure governed by US law. The Cloud Act covers it. The application-layer EU sovereignty work was real but the DNS layer broke the seal.
This is not theoretical. The DNS resolution is where every connection starts. The records you publish (MX for mail, A and AAAA for web, CAA for certificate authority restrictions, TLSA for DANE, the DKIM and SPF and DMARC records that gate your email) all sit on whatever nameserver your domain points at. If that nameserver is operated by a US company, US authorities can compel changes to those records, US authorities can compel the operator to log queries (which reveals who is talking to your services), and US authorities can compel the registrar to transfer the domain itself if the legal grounds exist. None of this is hypothetical and all of it has happened.
For most workloads the risk is small enough that it does not matter. Cloudflare DNS is excellent infrastructure, Route 53 is operationally solid, and the Cloud Act exposure rarely results in actual harm to small commercial sites. We are not arguing that everyone needs to leave US-based DNS. We are arguing that for the workloads where EU sovereignty actually matters (regulated industries, journalism, EU public sector, anything with a real DPA review), the DNS layer needs to be on the same side of the line as the rest of the architecture. Otherwise the work you did at the application layer was theatre.
This is what we sell. Domain registration through EU-jurisdiction registrars (Gandi for .com and .net through their French operation, Hetzner for .de, EuroDNS for .lu and other niche TLDs, our own ICANN-accredited entity for newer gTLDs). Authoritative DNS hosted on our own anycast network across 7 PoPs (5 in EU plus optional UK, US, and Panama). DNSSEC, DANE, BIMI, all the modern record types you would expect. A REST API that does not require an enterprise contract to access. A Terraform provider that exists, works, and is maintained. And one contract in EUR for both products instead of three contracts across three providers.
Two things this is not. It is not a CDN. We do not do edge caching, we do not do origin shielding, we do not compete with Cloudflare on the ten things Cloudflare does that we do not. If you need a CDN, use a CDN. We integrate cleanly with bunny.net, KeyCDN, Fastly, and any other CDN that accepts an authoritative DNS pointer. It is also not a cheap consumer-grade product. The free tier exists for small zones (we like running infrastructure for the open source projects that need it) but the paid product is priced for serious operators, not domain hobbyists.
And the part that makes the rest of this page worth reading: we have been operating DNS authoritative infrastructure since 2008. The same anycast network that serves the email infrastructure half of our business serves the DNS half. The same engineers who tune our MTAs read our DNS query logs. The boring operational stuff (rolling DNSSEC keys, monitoring zone propagation, handling the occasional registry incident) gets done because the discipline of operating it is decades old at this point. The newer EU-managed DNS providers are operationally good but younger; we are operationally good and old.
One last note before the rest of the page. The DNS layer rewards conservative engineering. The right answer for almost everyone is "the same product everyone uses, configured the boring way, monitored properly". We are not trying to be exciting at the DNS layer. We are trying to be the kind of provider where you can forget about DNS for years at a time and just have it work. The exciting work happens at the application layer where it belongs; DNS should be a utility you stop thinking about. If you came here looking for clever DNS tricks, geo-routing magic, or anything that smells like a marketing demo, we may not be the most interesting vendor in the category. If you came here looking for a sovereign nameserver that resolves quickly and never breaks, we are exactly that.