Product · Jun 14, 2026

Why Facio Is Built in the EU: How DSGVO-Native Architecture Removes Compliance Friction From AI Agents

Most AI agent platforms route customer data through US-hosted infrastructure by default. For European businesses, that's a compliance incident waiting to happen. Facio is built in the EU, for the EU, and the architecture is DSGVO-native from the ground up — data residency, processing boundaries, audit trails, and HITL gating all designed around European data protection requirements. Here's what DSGVO-native actually means and why it matters for production agents.


Most AI agent platforms route customer data through US-hosted infrastructure by default. The LLM API is in California. The vector database is in Virginia. The agent's logs and audit trail are in Oregon. Every tool call, every file read, every MCP request hops a transatlantic wire — and every hop is a data transfer that triggers DSGVO documentation requirements.

For European businesses, this isn't a philosophical concern. It's a compliance incident waiting to happen. Schrems II, the EU AI Act, sector-specific regulations (BaFin for finance, DSGVO for healthcare, the new EU Data Act for industrial data) — all of them have specific requirements about where data lives, how it's processed, and what happens when it's transferred outside the EU.

Facio is built in the EU, for the EU, and the architecture is DSGVO-native from the ground up — not as a retrofit, not as a configuration option, but as a structural property of the runtime. Here's what DSGVO-native means in practice and why it matters for production AI agents.

What "DSGVO-Native" Actually Means

A DSGVO-native architecture is one where the technical design choices are aligned with European data protection requirements from day one. The principles aren't bolted on after the fact — they shape the architecture itself.

| Principle | How Facio implements it |
| --- | --- |
| Data residency | All agent execution happens in EU-hosted infrastructure by default |
| Data minimization | Logs, audit trails, and memory files contain only what the agent needs to function |
| Purpose limitation | Tool calls and data access are scoped to the user's stated purpose |
| Storage limitation | Retention policies are configurable per data category, with defaults aligned to DSGVO guidance |
| Integrity & confidentiality | End-to-end encryption, secret isolation, and append-only audit logs |
| Accountability | Every data access is logged with the requesting tool, the user, and the purpose |
| Lawful processing | The HITL approval gate documents explicit consent for high-impact actions |

These aren't features. They're architectural properties. A DSGVO-native platform doesn't let you accidentally route data outside the EU because the architecture doesn't support it.

The Self-Hosted Foundation

Facio's runtime is designed to be self-hosted — by the customer, in their own infrastructure, in their own jurisdiction. The default Docker Quickstart runs on a customer's own machine, in their own data center, on their own cloud tenant. No data leaves the customer's environment unless the customer explicitly configures it to do so.

This is the architectural foundation that makes DSGVO-native possible:

  • Local execution. The agent runs on the customer's infrastructure. Files, logs, memory, and audit trails stay where the customer controls them.
  • Local model option. Facio supports any OpenAI-compatible endpoint — including self-hosted models running in the customer's own environment. A European business can use Mistral or Llama running on their own hardware and never touch a US-hosted LLM API.
  • Local storage. Workspace files, audit logs, and credential store all live in the customer's infrastructure. No third-party cloud storage by default.
  • Configurable external integrations. When the customer does want to use an external LLM API or MCP server, the configuration is explicit and audit-logged. No surprise data transfers.

For European businesses, the question isn't "do we trust Facio with our data?" — it's "do we want our agent to run on our own infrastructure, in our own jurisdiction, under our own control?" Facio says yes.

The Data Minimization Discipline

DSGVO requires that personal data be "adequate, relevant, and limited to what is necessary." AI agents are notoriously bad at this — they tend to log everything, retain context indefinitely, and process data without clear purpose limitations.

Facio's architecture enforces data minimization at the runtime level:

  • Log redaction. The credential store ensures that API keys, passwords, and tokens never appear in log entries. Even if the agent configures a tool with a secret, the secret value is never in the log.
  • Bounded context. The agent's context window is finite. Stale data naturally falls out. The agent doesn't accumulate personal data indefinitely — it processes and forgets.
  • Scoped tool access. File tools respect workspace boundaries. Network tools respect URL restrictions. The agent's access is to what it needs, not to everything in the system.
  • Configurable retention. Log retention, memory retention, and audit trail retention are all configurable. The default is conservative; customers can extend it with explicit justification.

The result: the agent processes only the data it needs, retains it only as long as necessary, and produces audit trails that demonstrate the minimization was intentional.
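The log-redaction property described above can be checked with a small filter like the following. This is an added illustration, not Facio's code: the `RedactingFilter` and `ListHandler` names, the dict standing in for a credential store, and the key value are all constructed for the example.

```python
import logging

class RedactingFilter(logging.Filter):
    """Replace every stored secret value in a record with a named marker."""
    def __init__(self, secrets):
        super().__init__()
        self._secrets = secrets  # name -> value; stand-in for a credential store
    def scrub(self, text):
        # Longest first, so a secret containing another one is replaced whole.
        for name, value in sorted(self._secrets.items(), key=lambda kv: -len(kv[1])):
            if value:
                text = text.replace(value, f"[REDACTED:{name}]")
        return text
    def filter(self, record):
        # Render msg % args first: secrets usually arrive through args.
        record.msg, record.args = self.scrub(record.getMessage()), None
        if record.exc_info:  # tracebacks can carry secrets too (URLs, headers)
            text = logging.Formatter().formatException(record.exc_info)
            record.exc_text = self.scrub(text)
        return True

class ListHandler(logging.Handler):
    """Collects formatted lines in memory so the output can be inspected."""
    def __init__(self):
        super().__init__()
        self.lines = []
    def emit(self, record):
        self.lines.append(self.format(record))

def demo():
    secrets = {"crm_api_key": "sk-constructed-0123456789"}  # constructed value
    handler = ListHandler()
    handler.addFilter(RedactingFilter(secrets))
    log = logging.getLogger("agent.demo")
    log.handlers, log.propagate = [handler], False
    log.setLevel(logging.INFO)
    log.info("configured tool %s with key %s", "crm", secrets["crm_api_key"])
    try:
        raise ConnectionError("GET /api?token=" + secrets["crm_api_key"])
    except ConnectionError:
        log.exception("tool call failed")
    return handler.lines
```

Exact-value matching of this kind does not catch a secret that reaches the log in an encoded form (base64, URL-encoded), so a test over real log output should search for those variants as well.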

The HITL Gating as Lawful Processing

DSGVO requires that data processing have a lawful basis. For AI agents making decisions about data subjects, "legitimate interest" or "contract performance" usually applies — but the agent's automated decisions about data subjects may need explicit consent or human review.

Facio's HITL approval tools map naturally to these requirements:

  • ask_approval for high-impact data processing. When the agent wants to do something that affects a data subject — sending an email, processing a customer record, making a financial decision — it asks for human approval first. The approval is logged with the human's identity, the decision, and the rationale. This is the technical implementation of "meaningful human review" required by GDPR Article 22 for automated decisions.
  • ask_form for explicit consent capture. When the agent needs to collect consent (e.g., "can we process this customer's data for X purpose?"), it uses ask_form with required consent fields. The consent is captured, stored with the action it authorized, and audit-logged.
  • ask_selection for preference documentation. When the agent needs the user to choose between processing options, ask_selection captures the choice with timestamp and context. The data subject's preferences are recorded.

The HITL gating isn't just a safety feature. It's the technical infrastructure for lawful processing under DSGVO. The audit trail proves that high-impact actions were reviewed and approved by a human.
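A sketch of the gating pattern this section describes: the human decision is recorded before anything runs, a denial is recorded too, and the log can be checked for later edits. This is an added example, not Facio's implementation; `gated`, `ask_human`, `AuditLog`, and the sample reviewers and customers are hypothetical, and the hash chain is one assumed way to make an append-only log tamper-evident.

```python
import hashlib
import json

GENESIS = "0" * 64

def _digest(prev, entry):
    body = json.dumps(entry, sort_keys=True)
    return hashlib.sha256((prev + body).encode()).hexdigest()

class AuditLog:
    """Append-only records; each hash commits to the previous record."""
    def __init__(self):
        self.records = []
    def append(self, entry):
        prev = self.records[-1]["hash"] if self.records else GENESIS
        self.records.append({"entry": entry, "prev": prev, "hash": _digest(prev, entry)})
    def verify(self):
        prev = GENESIS
        for rec in self.records:
            if rec["prev"] != prev or rec["hash"] != _digest(prev, rec["entry"]):
                return False
            prev = rec["hash"]
        return True

class ApprovalDenied(Exception):
    pass

def gated(audit, action, subject, purpose, ask_human, run):
    """Run a high-impact action only after a human decision is on record."""
    decision = ask_human(action, subject, purpose)  # reviewer, approved, rationale
    audit.append({"action": action, "subject": subject, "purpose": purpose, **decision})
    if decision.get("approved") is not True:  # fail closed on anything but True
        raise ApprovalDenied(decision.get("rationale", ""))
    result = run()
    audit.append({"action": action, "subject": subject, "executed": True})
    return result

def demo():
    audit, sent = AuditLog(), []
    yes = lambda *a: {"reviewer": "j.doe", "approved": True, "rationale": "renewal due"}
    no = lambda *a: {"reviewer": "j.doe", "approved": False, "rationale": "no lawful basis"}
    gated(audit, "send_email", "customer-17", "renewal", yes, lambda: sent.append("customer-17"))
    try:
        gated(audit, "send_email", "customer-42", "marketing", no, lambda: sent.append("customer-42"))
    except ApprovalDenied:
        pass
    return audit, sent
```

A chain held in one place detects edits to individual records but not truncation or a full rewrite, so the latest hash should also be stored somewhere the agent runtime cannot write.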

The EU AI Act Alignment

The EU AI Act — enforcement deadline August 2026 — classifies AI systems by risk level. High-risk AI systems (used in employment, credit scoring, education, law enforcement, etc.) have specific requirements around data quality, transparency, human oversight, and robustness.

Facio's architecture aligns with these requirements out of the box:

  • Data quality. The memory system and inline learning ensure the agent's knowledge base is accurate, current, and traceable. Wrong information can be corrected; the correction is logged.
  • Transparency. The audit trail shows exactly what the agent did, when, and why. Stakeholders can understand and explain the agent's behavior.
  • Human oversight. HITL gating ensures that high-impact actions require human review. The agent doesn't autonomously make decisions that fall into the AI Act's high-risk categories.
  • Robustness. Error recovery, heartbeat-based health checks, and self-diagnosis via read_logs ensure the agent operates reliably even when conditions change.

For businesses operating under the EU AI Act, Facio's architecture reduces the compliance burden from "build it yourself" to "configure and document it."

The Schrems II Reality

After Schrems II, transferring personal data from the EU to the US requires either an adequacy decision (which the EU-US Data Privacy Framework provides, but with conditions) or Standard Contractual Clauses plus a Transfer Impact Assessment. Most US-based AI platforms rely on these — but the burden is on the customer to assess, document, and maintain the transfer mechanism.

Facio's EU-hosted, self-hostable architecture makes Schrems II largely irrelevant for the agent's own execution. The data doesn't leave the EU because the agent doesn't have to send it anywhere. For the specific case where the customer chooses to use a US-hosted LLM API, the transfer is explicit, documented, and the customer's choice — not an architectural side effect.

What DSGVO-Native Doesn't Mean

A few clarifications about what Facio's DSGVO-native design doesn't claim:

  • Not a substitute for legal review. Facio's architecture makes compliance easier, but the customer is still responsible for their data protection obligations. The architecture supports compliance; it doesn't replace legal advice.
  • Not a guarantee of zero data exposure. No architecture can guarantee zero exposure. Facio's design reduces exposure and provides the audit trails to demonstrate due diligence — but the customer must still operate the system responsibly.
  • Not a US-hosting ban. If a customer wants to use OpenAI's API from a US data center, they can. The configuration is explicit, and the data transfer is documented in the audit trail.
  • Not a magic DSGVO compliance certification. Facio's architecture is designed to support DSGVO compliance. Achieving actual compliance requires operational practices, policies, and documentation beyond the runtime.

Bottom Line

For European businesses deploying AI agents in production, the choice of platform isn't just a technical decision. It's a compliance decision. Every tool call that routes through US infrastructure is a data transfer. Every log entry that contains personal data is a retention liability. Every autonomous decision that affects a data subject is a potential Article 22 violation.

Facio is built to make these concerns structural rather than procedural. The agent runs where the customer wants it. Data stays where the customer can control it. The audit trail proves the controls work. The HITL gating provides the lawful basis for high-impact actions. The EU AI Act alignment is built into the architecture, not bolted on.

Because compliance friction shouldn't be a reason to avoid AI agents. It should be a reason to choose the right platform.


See the compliance documentation for DSGVO and EU AI Act configuration guides, audit trail format specifications, and self-hosting deployment patterns.
