EU sovereign · stored in the EU Log in Start free

EU Data Residency

Last updated 1 June 2026 · Hola Money Sociedad Limitada (trading as Buzzmark)

Buzzmark is built to keep your data in the EU. This page explains, plainly, where your data is stored and processed, who operates the Service, and the one honest exception - email delivery - so there are no surprises.

Where your data lives

We host and process the data you entrust to us - message content, recipients, contacts, engagement events, logs and DKIM keys - in EU data centres located in Frankfurt (Germany) and Paris (France). Your account and message data does not leave the EEA in the ordinary course of running the Service.

A Spanish-owned, EU-operated company

The Service is operated by Hola Money Sociedad Limitada (NIF B26671347; Registro Mercantil de Almería, Hoja AL-66006), based at C/ Granada 7, 04820 Vélez-Rubio, Almería, Spain. Because we are an EU company running on EU infrastructure - not a US entity and not a US subsidiary - your data is governed by EU law and sits outside the reach of foreign-government access regimes such as the US CLOUD Act.

The one honest exception: delivery

Email is, by nature, delivered to wherever the recipient’s mailbox lives. If you send a message to someone whose provider hosts their mailbox outside the EU, that message is transmitted to that provider’s mail server to be delivered - that is how email works, and it is determined by your choice of recipient, not by us. Everything we store and process on your behalf stays in the EU; only the act of handing a message to a recipient’s server reaches beyond it, and only as far as that recipient.

Encryption

Data is encrypted in transit using TLS and encrypted at rest. Secrets such as DKIM private keys and API tokens are stored encrypted or hashed. Outbound mail uses TLS to receiving servers wherever they support it.

Sub-processors & their locations

The infrastructure and vendors we rely on to run the Service are EU-based wherever possible. The current list, with each provider’s role and location, is maintained in our Data Processing Agreement. We notify customers of changes and remain responsible for our sub-processors.

GDPR & your agreements

The Service is GDPR-native. Every plan includes a Data Processing Agreement under which we act as your processor for the personal data in your messages. How we handle the personal data for which we are the controller (your account details) is described in our Privacy Policy. If a transfer of personal data outside the EEA would ever be required, we rely on an adequacy decision or the European Commission’s Standard Contractual Clauses.

Our residency commitments, in short

  • EU-only data residency for stored and processed data (Frankfurt (Germany) and Paris (France)).
  • Spanish-owned and operated - governed by EU law, outside the US CLOUD Act.
  • GDPR-native, with a Data Processing Agreement in every plan.
  • Encrypted in transit and at rest.
  • EU-based sub-processors wherever possible, with change notification.

Questions

Email dpo@buzzmarkapp.com or privacy@buzzmarkapp.com and we’ll be glad to help.