Secure by default.

Trust, security, integrity and availability are very important values ​​to us. So that ZITADEL is available to you at all times, we have designed the design from the ground up for geo-redundant operation.


Development and Location

Switzerland stands for security

The security of your data is our greatest requirement and our greatest promise and to ensure this, we store all data in Switzerland as standard.

The storage of the data in other regions or globally is voluntary and is recommended if there is an increased requirement for availability or if the customers are positioned internationally.

code scanning transparency



In order to win and retain the trust of our customers we rely on a very high level of transparency, be it at the level of the processes, tools or providers that we use, as well as the product development we strive for. The ZITADEL source code is therefore completely open source and may be used.

The list of all providers involved in the provision of services and which services we obtain from them are listed below.

Provider Declaration

In order to achieve the best possible transparency we regularly publish which providers and services we use to offer ZITADEL. It can occur that we obtain the same services from several providers. We have a data processing agreement with our sub-processors to guarantee privacy of your personal data.


  • Google Workspace
  • IaaS Provider
  • Mail Relay (SMTP)


  • Source Code Management
  • Code Scanning
  • Dependency Management
  • Security Advisory
  • Issue Management


  • DNS Server
  • DDOS Mitigation
  • WAF
  • CDN
  • Cloud Load Balancer
  • PKI for TLS
  • Privacy-friendly Analytics

Grafana Cloud

  • Metrics / Altering / Dashboard


  • DNS Registrar


  • Domain


  • SMS delivery


  • Subscription management (Tiers)
  • Payment process


  • Customer Management
  • Accounting


  • ZITADEL Cloud status
  • Incidents / Maintenance


  • Privacy-friendly Web Analytics


  • Hosting marketing pages


  • Mailing to customers