Trust
Architecture, not slogans.
Your cloud. Your admin keys. Your data path. Your bill. Four structural answers — read them through, then quote them to your lawyer.
Four structural answers you can verify, not just trust.
No flags, no badge walls, no slogans. Each answer is a property of how the system is built.
-
Ownership
Your cloud. Your admin keys. Your kubeconfig. Your install repository. The admin password is yours — not ours, not shared, not escrowed. The worker bootstrap is outbound-only, so there is no inbound network path from us into your environment.
-
Provider parity
AWS · Azure · GCP · Hetzner · IONOS · OVH · Scaleway · on-prem · your own. One package, the same render path on every provider. Migrating between providers is a git push to a new repository target.
-
Pricing transparency
We charge for the platform. You pay your infrastructure provider directly. No markup on compute — which means no incentive for us to push you toward one provider over another. Talk to the founders for numbers.
-
Real-customer proof
Code Zero ships its software onto customers’ own infrastructure on Akua. Anonymized regulated pilots run in finance, healthcare, and logistics. Named where consent has landed, descriptive where it hasn’t — and never a fabricated count.
The board question
Can someone in another country shut off our IT?
No. The cluster runs on your infrastructure and the admin keys are yours. The bootstrap is outbound-only — there is no inbound network path from us into your environment. If we disappear, the software keeps running.
The exit path
What happens if Akua disappears?
Your cluster, your data, and your admin keys all stay yours. The export path is open by architecture: open package format, OCI images, plain git. Take the export and run it anywhere your operations team can run a cluster.
The audit trail is the architecture.
Not a separate “audit log” feature you have to trust — the same primitives that run the system record it.
- Every write to main
- Arrives as a reviewed proposal carrying a typed, signed, reviewable diff.
- Every long-lived resource
- Has a supervised entity with deterministic, recorded state transitions.
- The trail itself
- Is the git history plus the entity event log. There is nothing to reconstruct after the fact.
Named regulations. Named answers.
The regulation, not the badge — with the specific architectural answer for each.
-
DORA
In force since January 2025. Article 28 requires ICT third-party risk management and a gapless information register. The per-install repository plus the reviewed-proposal flow populate that register by architecture.
-
EU AI Act
Documented audit paths for AI in credit and insurance from August 2026. The supervised-entity pattern produces deterministic event logs by architecture — the audit path is a property of the system, not a policy bolted on.
-
DSGVO
Data sits on your infrastructure, under your admin keys, reached only by an outbound-only bootstrap. The architecture is the answer — there is no badge to argue about.
The honest table.
Each certification named with its actual status. No line-up of logos standing in for the work.
- SOC 2 Type II
- In progress
- ISO 27001
- On roadmap
- BSI-C5
- On roadmap
- DSGVO
- Structural — the architecture answer above, not a badge
Talk to the people who built it.
This page’s reader is usually the one who wants a conversation before any commitment — so when you book, you get a founder.
Marcus Klingler
A DACH-finance and Frankfurt School background.
Robin Braemer
Work at STACKIT and SumUp, and a CODE University thesis on this exact problem.
Read the architecture.
Then quote it to your lawyer.
This page’s reader is the most likely to want a founder conversation before committing. Book one — you’ll get one.