Hetzner
German-owned cloud, dedicated and storage hosting operated from owner-run EU data centres since 1997.
Profile last updated: · View sources
About Hetzner
Hetzner is a German hosting company founded in 1997 and headquartered in Gunzenhausen, Bavaria. It owns and operates data centres in Nuremberg, Falkenstein and Helsinki, with additional cloud locations in Ashburn (Virginia), Hillsboro (Oregon) and Singapore. The product range spans bare-metal dedicated servers, Hetzner Cloud virtual machines, managed servers, web hosting, object storage and the consumer Storage Box service.
The group is privately held and founder-controlled. Hetzner self-hosts its corporate website, customer console, billing and authoritative DNS on its own infrastructure in Nuremberg, without Cloudflare or US hyperscalers in the request path for hetzner.com. The German and Finnish operations are ISO/IEC 27001:2022 certified by SOCOTEC, hold a BSI C5 Type 2 attestation, and are classified by Germany's BSI as NIS-2 / KRITIS critical infrastructure.
Integrations
Features
- Owner-operated data centres in Nuremberg, Falkenstein and Helsinki
- Self-hosted control panel, billing and DNS on Hetzner-owned bare metal (no Cloudflare, AWS or Azure in the request path for hetzner.com)
- Hourly billing and on-demand snapshots on Cloud
- Network-attached Volumes plus S3-compatible Object Storage
- Load Balancers, private Networks and Firewall available in every cloud region
- Bare-metal dedicated server lines: EX (Intel), AX (AMD), RX (Arm64), SX (storage), GPU
- Hetzner Cloud API with first-party CLI (hcloud), Terraform provider, Kubernetes Cloud Controller Manager and CSI driver
- Storage Box with FTP/SFTP/SCP/RSYNC/WebDAV/Samba access
- Storage Share built on Nextcloud
- Server Auction marketplace for used dedicated servers at falling prices
Sovereignty Scorecard
Procurement-grade signals on data sovereignty, ownership, and EU residency.
We score every European vendor against six sovereignty dimensions captured in the SHIELD acronym. Each card below maps to one letter — read them as a checklist when comparing providers.
The third parties that touch customer data — payment processors, KYC vendors, support chatbots, analytics.
Where the legal entity sits, who controls it, and which subsidiaries operate under the same group.
Where customer data is physically stored, who runs the hosting stack, which CDN sits in front.
Whether the vendor or its subprocessors fall under the US CLOUD Act or other extraterritorial reach.
Public terms, privacy policy, DPA, subprocessor list, impressum, and security or trust pages.
Independent audits and certifications (ISO 27001, BSI C5, TISAX, SOC 2) plus open-source transparency.
Privately held
Privately held and founder-controlled. Martin Hetzner has been Geschäftsführer since founding in 1997. Shareholder structure is not publicly disclosed on hetzner.com; a Handelsregister Auszug for HRB 6089 Ansbach would provide the definitive shareholder list.
🇩🇪 Gunzenhausen, Germany
Hetzner Online GmbH
- Hetzner Cloud GmbH — 🇩🇪 GermanyOperates the Hetzner Cloud product line. Registered in Unterföhring, Bavaria (HRB 226782 München, VAT DE307017005). Managing directors: Sebastian Färber, Markus Kalmuk.
- Hetzner Finland Oy — 🇫🇮 FinlandOperates the Helsinki data centre park (Tuusula). VAT FI27207589. Within scope of the group ISO/IEC 27001:2022 certificate.
Region selectable
Cloud customers select a region per virtual machine. EU regions: Falkenstein and Nuremberg (Germany) plus Helsinki (Finland). Non-EU regions: Ashburn (Virginia, USA), Hillsboro (Oregon, USA) and Singapore. Dedicated servers, Web Hosting and Storage Box are physically located in the German data centres only.
Website: Hetzner-owned bare metal in Nuremberg (HETZNER-RZ-NBG)
Application: Hetzner-owned bare metal in Nuremberg (HETZNER-RZ-NBG)
Email: Hetzner-owned mail cluster (mail.hetzner.company, Nuremberg)
CDN: Self-hosted edge layer 'HeRay' (no Cloudflare, Fastly, Akamai or other third-party CDN in the request path)
| Name | Country | Purpose |
|---|---|---|
| Computop Paygate GmbH | 🇩🇪 Germany | Card payment processing (PCI DSS 4.0 compliant) |
| Brevo GmbH | 🇩🇪 Germany | Newsletter management and sending |
| Newsletter2Go (nl2go.com) | 🇩🇪 Germany | Marketing email delivery (Brevo group) |
| Matomo | 🇩🇪 Germany | Self-hosted website analytics |
| Rexx Systems GmbH | 🇩🇪 Germany | Applicant tracking system |
| Intrum Deutschland GmbH | 🇩🇪 Germany | Debt collection (independent controller, not processor) |
| iDenfy UAB | 🇱🇹 Lithuania | Identity verification (KYC) |
| Kapa.ai Inc. | 🇺🇸 United States | AI support chatbot |
| OpenAI | 🇺🇸 United States | LLM backend for Kapa.ai support chatbot |
| Google LLC | 🇺🇸 United States | reCAPTCHA and Google Fonts |
Infrastructure, operation and customer support of the data-centre parks in Nuremberg, Falkenstein and Helsinki. Issued by SOCOTEC Certification to Hetzner Online GmbH and Hetzner Finland Oy.
BSI C5 Type 2 attestation — operational effectiveness of cloud computing compliance criteria over the audit period (2026).
PCI DSS 4.0 r1.0 compliance via the payment processor Computop Paygate. Hetzner appears on Computop's compliance certificate rather than holding a directly issued attestation.
Classified by Germany's Federal Office for Information Security (BSI) as KRITIS-V — an operator of critical IT services under § 8a BSIG, in scope for the NIS-2 directive.
EU Eco-Management and Audit Scheme — German data-centre sites.
Pricing
€3.99
- 2 vCPU shared (x86)
- 4 GB RAM
- 40 GB NVMe SSD
- 20 TB traffic included
- EU regions: Falkenstein, Nuremberg, Helsinki
Official downloads
Questions & Answers
5 questions
Where is Hetzner headquartered, and which entity will I contract with?
Hetzner Online GmbH, registered in Gunzenhausen, Bavaria (HRB 6089 Ansbach), is the namesake operating entity and the contracting party for most Hetzner products including dedicated servers, web hosting and Storage Box. Hetzner Cloud GmbH (Unterföhring, HRB 226782 München) is a separate group company for the Hetzner Cloud product line, and Hetzner Finland Oy runs the Helsinki data centre. The contracting entity for a given product is named in the relevant Terms of Service.
Where will my data be stored?
Cloud customers select a region per virtual machine. EU regions cover Falkenstein and Nuremberg (Germany) and Helsinki (Finland); non-EU regions cover Ashburn (Virginia, USA), Hillsboro (Oregon, USA) and Singapore. Dedicated servers, Web Hosting and Storage Box are physically located in the German data centres only. Hetzner Online GmbH and Hetzner Finland Oy are within the scope of the group ISO/IEC 27001:2022 certificate.
Is Hetzner subject to the US CLOUD Act?
Hetzner Online GmbH, Hetzner Cloud GmbH and Hetzner Finland Oy are all European-domiciled entities. Hetzner has not disclosed a US filing entity for its Ashburn and Hillsboro data centres. A limited set of operational subprocessors process data in the United States (Google reCAPTCHA, Google Fonts, Kapa.ai and OpenAI for support chat). Customer payload data stored on Hetzner infrastructure in EU regions is hosted by entities that are not US-headquartered and not US-owned.
What certifications does Hetzner hold?
Hetzner Online GmbH and Hetzner Finland Oy hold ISO/IEC 27001:2022 certification issued by SOCOTEC, covering the Nuremberg, Falkenstein and Helsinki data centres. Hetzner also holds a BSI C5 Type 2 attestation and is classified by the German Federal Office for Information Security (BSI) as a NIS-2 / KRITIS-V critical-infrastructure provider. The German data centres carry EMAS environmental certification. Hetzner does not pursue SOC 2 or TISAX; the company has publicly stated that ISO 27001 is its primary security framework.
Does Hetzner publish a subprocessor list and offer a Data Processing Agreement?
Yes. The current subprocessor list is published at hetzner.com/AV/subcontractors.pdf (English) and hetzner.com/AV/subunternehmer.pdf (German). A template Data Processing Agreement is published at hetzner.com/AV/DPA_en.pdf and hetzner.com/AV/DPA_de.pdf. Customers can also retrieve a tailored DPA, including a signed Annex 2 (Technical and Organisational Measures audited by TÜV Rheinland), from accounts.hetzner.com/account/dpa.
Alternatives
Other European companies in the same category as Hetzner.
Quick facts
Sources & verification
Every fact on this page is backed by a primary or independent source. Most recent verification: May 11, 2026.
Found an error? Report it
Profile content
- primary · about-pagewww.hetzner.com/unternehmen/ueber-uns
- primary · about-pagewww.hetzner.com/unternehmen/ueber-uns
- primary · impressumwww.hetzner.com/legal/legal-notice
- primary · press-releasewww.hetzner.com/pressroom/ht-clean-energyConfirms founding year and Martin Hetzner as founder/Geschäftsführer
- primary · about-pagewww.hetzner.comSite offered in DE and EN via header language switcher
- primary · blogdocs.hetzner.com/general/infrastructure-and-availability/price-adjustmentPost-1-April-2026 price-adjustment doc lists CX23 at €3.99/month
- primary · about-pagewww.hetzner.com
- primary · about-pagewww.hetzner.com/unternehmen/rechenzentrum
- primary · impressumwww.hetzner.com/legal/legal-notice
- primary · privacy-policywww.hetzner.com/legal/privacy-policy
- primary · cert-pagewww.hetzner.com/unternehmen/zertifizierung
- primary · otherdocs.hetzner.com/general/company-and-policy/data-protection-at-hetzner
- primary · othergithub.com/hetznercloudOfficial Hetzner Cloud GitHub organisation
- primary · cert-pagedocs.hetzner.com/general/others/certificates
Sovereignty (SHIELD)
- primary · privacy-policywww.hetzner.com/legal/privacy-policy10 named third parties extracted from primary privacy policy
- primary · subprocessor-listwww.hetzner.com/AV/subcontractors.pdfPDF content not yet OCR-extracted; URL is published in DPA docs
- primary · impressumwww.hetzner.com/legal/legal-notice
- primary · impressumwww.hetzner.com/legal/legal-notice
- primary · press-releasewww.hetzner.com/pressroom/ht-clean-energyConfirms Martin Hetzner as founder and Geschäftsführer since 1997
- primary · impressumhetzner-cloud.de/en/impressumHetzner Cloud GmbH details
- primary · about-pagewww.hetznerfinland.comHetzner Finland Oy details
- primary · privacy-policywww.hetzner.com/legal/privacy-policyPrivacy policy names both as group companies
- primary · cert-pagewww.hetzner.com/unternehmen/zertifizierungISO 27001 scope names Hetzner Online GmbH + Hetzner Finland Oy
- primary · about-pagewww.hetzner.com/unternehmen/ueber-uns
- primary · pricing-pagewww.hetzner.com/cloudRegion selector on Cloud product page
- primary · dns-recordswww.hetzner.comdig www.hetzner.com -> 213.133.116.44, RIPE whois places this in HETZNER-RZ-NBG corporate block
- primary · http-headerswww.hetzner.comResponse 'server: HeRay' header with no cf-ray, x-fastly, x-akamai or x-azure-ref CDN headers
- primary · impressumwww.hetzner.com/legal/legal-noticeAll three group entities are European-domiciled
- primary · privacy-policywww.hetzner.com/legal/privacy-policyAcknowledges data transfers to US subprocessors — basis for 'partial-via-subprocessors' rather than 'none'
- primary · impressumwww.hetzner.com/legal/legal-noticeAll legal-doc URLs surfaced via the footer of hetzner.com (verified accessible 2026-05-11)
- primary · cert-pagewww.hetzner.com/unternehmen/zertifizierung
- primary · cert-pagedocs.hetzner.com/general/others/certificates
- primary · othergithub.com/hetznercloud
- primary · othergithub.com/hetzneronline