Sovereignty commitment

wehook is built so your webhook data stays in Europe, under European law. This page explains exactly where your data lives and who can touch it.

Where your data is stored

All of your event data — payloads, delivery logs, endpoints, secrets — is stored and processed in France, in the Paris region of our hosting provider (Scaleway). Your event data never leaves the European Union.

Subprocessors

We keep the list of our subprocessors public and versioned in our Data Processing Agreement. No non-EU subprocessor sits in your event-data path.

The only non-EU service we rely on is Stripe, used for billing only. Stripe never receives or processes your webhook payloads or delivery data.

GDPR by construction

• Standard Contractual Clauses available where relevant.
• A standard Data Processing Agreement is signed at sign-up.
• Data minimisation: we only store what is required to deliver and audit your webhooks.

An auditable stack

wehook runs on open, widely-audited components (Kubernetes, PostgreSQL, RabbitMQ, FrankenPHP/Symfony) operated on European infrastructure. No black box, no opaque US platform in the critical path.

Questions?

Write to contact@wehook.io — we are happy to walk you through our setup.