What we're trying to do, and why.

Mission

Make EU-sovereign workflow automation as capable and as easy to use as the US-cloud alternatives. So that no organisation in Europe has to pick between productivity and the legal certainty their data needs.

Vision

Five years from now, choosing an EU-sovereign automation platform isn't a 'special procurement' moment — it's the default for any EU organisation that handles regulated data, the same way picking an EU bank account is. We want Bridgekit to be one of the obvious answers when that question gets asked.

Principles we hold ourselves to

• 1. Sovereignty isn't a feature — it's the architecture

  EU-sovereign hosting is a procurement decision, not a tickbox we add later. Hetzner Cloud (Falkenstein, Nürnberg) for compute, Postgres on Hetzner for data, Scaleway (Paris) for backups, Mollie for payments, Mailjet for email. No US-cloud anywhere on the customer-data path.

• 2. Be honest about what works and what doesn't

  We won't claim 'enterprise-ready' or 'GDPR-certified' until those things are independently verifiable. While we're building, the marketing site says 'in development'. When you can buy it, the site will say so.

• 3. Open about every dependency

  Our trust page lists every component in the data path — what it is, who runs it, where it sits. If we ever take a pragmatic exception (GitHub for code hosting, for example) we tell you about it and explain the mitigation.

• 4. Audit-friendly by design

  Every state change in the engine produces an audit event. Multi-tenant isolation is enforced at three layers (EF query filters, save-changes interceptor, integration tests). Authorisation is database-backed, never JWT-only. These aren't 'features' — they're the price of being trustable.

• 5. Plugin-first, never plugin-as-afterthought

  Connectors live behind a stable SDK from day one. Adding the next connector is mechanical — the architecture won't have to be re-done when we hit 50 or 100 of them.