Skip to main content
Tresorit logo

Tresorit

Verified

“Swiss-state-owned, end-to-end encrypted — but it runs on a US cloud.”

Operating HQ
🇨🇭 Zürich, Switzerland
where it's run
Legal domicile
🇨🇭 Tresorit AG (Switzerland)
where it's incorporated
Owner
Swiss Post
Founded
2011
Customers
11,000+ orgs
Encryption
Zero-knowledge E2E
56/100
Sovereign: Partial
Control ↑
61
Data →
51

56 = midpoint of Control 61 & Data 51

ConfidenceMedium (78%)

Sovereignty Quadrant

Control ↑ who owns & governs the company  ·  Data → where your data lives. Every dot is a company — click to open it.

Where your data lives → Who controls the company → 7 companies · fully non-EU (0/0) TikTok — Data 32, Control 24 Google — Data 16, Control 14 Youtube — Data 14, Control 16 Ionos — Data 90, Control 90 Disneyplus — Data 16, Control 12 Telegram — Data 34, Control 14 Carrefour — Data 100, Control 32 Corriere — Data 100, Control 100 Microsoft — Data 26, Control 14 Amazon — Data 14, Control 10 Amazon — Data 66, Control 0 Reddit — Data 14, Control 10 Netflix — Data 24, Control 20 LinkedIn — Data 14, Control 16 Reuters — Data 26, Control 0 Pinterest — Data 12, Control 12 Discord — Data 16, Control 20 AliExpress — Data 18, Control 12 Twitch — Data 18, Control 16 Samsung — Data 62, Control 4 Canva — Data 24, Control 20 Spotify — Data 30, Control 68 Apple — Data 16, Control 16 GitHub — Data 16, Control 10 Uber — Data 16, Control 16 Salesforce — Data 20, Control 14 Deepl — Data 70, Control 78 Airbnb — Data 18, Control 18 Shopify — Data 18, Control 18 Mastercard — Data 36, Control 16 Dropbox — Data 14, Control 10 HubSpot — Data 24, Control 10 Notion — Data 22, Control 16 Stripe — Data 30, Control 30 Zalando — Data 52, Control 88 Figma — Data 18, Control 10 SAP SE — Data 68, Control 78 Atlassian — Data 18, Control 18 Proton — Data 72, Control 54 Miro — Data 100, Control 44 Klarna — Data 44, Control 42 Ecosia — Data 60, Control 92 Zoom — Data 20, Control 14 Adyen — Data 84, Control 84 GitLab — Data 26, Control 14 Slack — Data 14, Control 20 Hetzner — Data 84, Control 96 Deezer — Data 62, Control 66 Typeform — Data 100, Control 52 OVHcloud — Data 82, Control 94 Tutanota — Data 100, Control 100 BlaBlaCar — Data 54, Control 76 Qwant — Data 56, Control 88 Bitwarden — Data 28, Control 20 Contentful — Data 34, Control 48 Personio — Data 34, Control 58 Ikea — Data 34, Control 100 Whatsapp — Data 14, Control 12 Instagram — Data 28, Control 22 X — Data 14, Control 16 Avast — Data 60, Control 0 Paypal — Data 24, Control 32 Kaspersky — Data 56, Control 0 Dailymotion — Data 100, Control 74 Snapchat — Data 12, Control 14 pCloud — Data 60, Control 52 51 61 Tresorit
Tresorit — verified peers — automated estimate (0–50 pillars, normalized)

Every number below traces to 16 sourced facts across 9 independent sources, last verified 2026-06-12. 4 open questions hold confidence at 78% — they lower confidence, never the score.

Control ↑

Who legally and economically controls the company

61/100
8 facts · 5 sources · mixed confidence
Legal & Jurisdiction
60

Incorporated and run in Switzerland (Tresorit AG, Zürich) — not the EU, but Switzerland holds EU adequacy so transfers are treated as intra-EEA. EU reach is real via EU affiliates (Hungary, Germany) and an appointed EU GDPR representative. Sovereign-friendly European, not EU-domiciled.

Why 60? 4 sourced facts · click to expand
Tresorit AG, Zürich (CH)

Data controller is a Swiss company

Tresorit Privacy Policy · as of 2026-06-12

Pfingstweidstrasse 60b, 8005 Zürich

Registered seat

Tresorit Privacy Policy · as of 2026-06-12

EU rep = Tresorit Kft., Budapest

Switzerland has EU adequacy; EU representative appointed

Tresorit Privacy Policy · as of 2026-06-12

Tresorit Kft., Budapest

Originally incorporated in Hungary (2011)

Wikipedia / Swiss Post · as of 2026-06-12

Control & Ownership
62

Majority controlled by Swiss Post, which is wholly owned by the Swiss Confederation — sovereign, non-listed, non-US control. Founders retain a minority. Not EU and not EU economic majority, but about as benign a control structure as exists short of EU state ownership; capped because it's Swiss, not EU.

Why 62? 4 sourced facts · click to expand
majority; founders minority

Swiss Post holds the majority stake (since 2021)

Swiss Post press release · as of 2026-06-12

100% Confederation

Swiss Post is wholly owned by the Swiss Confederation

Swiss Post (legal form) · as of 2026-06-12

Swiss Post Digital

Operates as an independent subsidiary within Swiss Post group

TechCrunch · as of 2026-06-12

3TS, PortfoLion exited

Not publicly listed; early VC investors exited at acquisition

TechCrunch · as of 2026-06-12

Data →

Where your data lives and who can reach it

51/100
8 facts · 7 sources · mixed confidence
Data & Infrastructure
35

Encrypted user content is hosted on Microsoft Azure — a US hyperscaler subject to the US CLOUD Act — even though regions are EU/Swiss (default Ireland). That is the textbook 'EU regions on a US hyperscaler' case (20–40 band). Scored at the top of the band because client-side zero-knowledge encryption means Microsoft never holds readable content or keys, materially reducing the foreign-law exposure.

Why 35? 4 sourced facts · click to expand
Microsoft Azure (US provider)

Service infrastructure and storage of encrypted content runs on Microsoft Azure

Tresorit Knowledge Base · as of 2026-06-12

Default IE; DE, CH, FR, UK, NL etc.

Default storage region is Ireland; EU/Swiss residency options available

Tresorit (Europe page) / Neowin · as of 2026-06-12

keys held by user, not Azure

Client-side end-to-end, zero-knowledge encryption; provider cannot read content

Wikipedia (citing Tresorit) · as of 2026-06-12

EEA/CH primary

Personal data stored primarily within EEA/Switzerland

Tresorit Privacy Policy · as of 2026-06-12

Operations & People
75

Operations are firmly European: HQ in Zürich plus offices in Munich and Budapest, Hungarian founders still in management, ~120 staff all in Europe, embedded in the Swiss Post group. Reporting is in CHF/EUR. European-centered throughout; just short of top band because the operating seat is Swiss rather than EU.

Why 75? 4 sourced facts · click to expand
CH / DE / HU

Offices in Switzerland (Zürich), Germany (Munich), Hungary (Budapest)

Tresorit About · as of 2026-06-12

~120 employees

Workforce ~120, all Europe-based

Tresorit About · as of 2026-06-12

István Lám, CEO

Founder/CEO is Hungarian; founders remain in management

TechCrunch · as of 2026-06-12

HU, DE affiliates

Sub-processor affiliates operate in Hungary and Germany

Tresorit Knowledge Base · as of 2026-06-12

Aligned to the EU Commission’s official Cloud Sovereignty Framework (SEAL, Jun 2026)

What we don’t know 4 open questions — they lower confidence, never the score
  • ?

    What exact percentage of Tresorit does Swiss Post hold, and what stake do the founders retain?

    Only 'majority' is disclosed; the precise split affects how complete the sovereign-control story is.

  • ?

    Is there a Luxembourg administrative/billing entity?

    One Swiss Post release referenced an administrative HQ in Luxembourg; uncorroborated elsewhere. If real, it adds an EU-billing layer but does not change the Swiss controller.

  • ?

    Does Tresorit use any non-Azure or EU-sovereign hosting for its Swiss/German residency regions?

    All public evidence points to Microsoft Azure for all regions; a sovereign-cloud option (if any) would materially raise the infra score.

  • ?

    Where is metadata (not file content) stored and is any of it readable by Azure?

    E2E protects file content, but account/metadata handling under CLOUD Act is not fully detailed publicly.

EU Cloud Sovereignty Framework lens

SEAL targets cloud service providers; this is an analogous sovereignty mapping for an encrypted-storage vendor, not a certification.

Strategic

Owned by Swiss Post, a sovereign Swiss state entity with no commercial-exit or foreign-takeover pressure.

strong

Legal & jurisdictional

Swiss controller (Tresorit AG), not EU-incorporated; Switzerland holds EU adequacy and an EU GDPR rep is appointed in Budapest.

moderate

Data & AI

Zero-knowledge E2E encryption keeps content unreadable to the host, but data physically sits on US-owned Azure regions.

moderate

Operational

HQ Zürich; offices and workforce in Switzerland, Germany and Hungary; European leadership and reporting currencies.

strong

Supply chain

Core hosting dependency on a single US hyperscaler (Microsoft Azure) for all storage regions.

weak

Technological

Proprietary client-side crypto stack is independent, but the underlying compute/storage is not EU/Swiss-owned.

moderate

Security & compliance

ISO 27001, zero-knowledge model, GDPR + Swiss revFADP aligned, no disclosed breach in company history.

strong

Environmental sustainability

No primary-source data on energy/carbon footprint found.

not assessed
EU alternatives
🇨🇭 Proton Drive proton.me with caveats

Swiss, not EU, but runs its own data centers in Europe rather than a US hyperscaler — stronger on infrastructure sovereignty.

🇪🇸 Internxt internxt.com EU-controlled

EU-incorporated (Valencia) zero-knowledge encrypted storage — clears the EU-domicile bar Tresorit and Proton do not.

🇨🇭 pCloud pcloud.com with caveats

Swiss-based with EU (Luxembourg) data-region option and client-side encryption add-on; Swiss, not EU.

How the method works

Methodology v2 (provisional): the score is the midpoint of two axes — Control (who owns and governs the company) and Data (where your data lives and who can reach it). Each axis is scored only on verified evidence; unknowns reduce confidence, never the score. Every input below is sourced; the weights and judgments are open to challenge.

Spotted an error? Every claim is sourced — challenge it and we correct the record.
  • 2026-06-12 — Initial golden profile, authored from primary sources (human + AI review).

Report Incorrect Data

Found an error in this company's profile? Help us improve our data by submitting a correction.

Required so we can follow up if needed. We won't share your email.

Verified 2026-06-12 · Human + AI joint review (sources independently checked) · Methodology