WZ-IT Logo
WZ-IT On-Prem

Supabase, self-hosted on your hardware

The complete Supabase backend - Postgres, auth, storage, realtime, vector - on an encrypted on-site server at your premises. Installed, operated and maintained by WZ-IT, reachable via our German gateway. §203-ready, because the data never leaves the building in cleartext - for law firms and practices as much as for companies storing confidentiality-professional data.

Postgres, auth, storage, realtime, vectorData stays in-houseOperated end-to-end

Leading companies worldwide trust WZ-IT

  • Rekorder
  • Keymate
  • Führerscheinmacher
  • SolidProof
  • ARGE
  • Boese VA
  • nextGYM
  • Maho Management
  • Golem.de
  • Millenium
  • Paritel
  • Yonju
  • EVADXB
  • Mr. Clipart
  • Aphy
  • Negosh
  • ABCO Water Systems

A DPA is not enough for §203

The GDPR protects personal data, §203 StGB protects professional secrecy - two separate legal spheres. Putting client, patient or other confidentiality-professional data into a standard Supabase-Cloud project (US corporation, CLOUD Act) risks criminal proceedings, even with a DPA. The cleanest solution: the data never leaves the building in the first place.

How it works

One device at your site, reachable from anywhere

1

The on-site server runs at your premises

The full stack runs on encrypted hardware in your rooms. Devices on site reach it directly over the LAN - fast, nothing leaves the building.

2

Reachable via the German gateway

For remote access the server itself opens an outbound tunnel to our gateway in Germany - no open ports, no public IP, works even behind CGNAT.

3

The gateway only sees ciphertext

TLS pass-through: the encrypted stream is only relayed, terminated only on your server. Cleartext never leaves the building - no US corporation, no CLOUD Act access.

Included

End-to-end from WZ-IT

  • Supabase stack (Postgres, GoTrue/auth, storage, realtime, PostgREST, Studio) preconfigured
  • pgvector for embeddings / AI search enabled
  • Point-in-time recovery and encrypted backups
  • On-site server, preconfigured and encrypted (LUKS; optional Confidential/SEV-SNP)
  • Connection to the German WZ-IT gateway (TLS pass-through)
  • Compliance package: DPA + §203 confidentiality agreement with criminal instruction + technical/organisational measures doc + processing-record building block
  • Encrypted offsite backup (client-side, with object lock)
  • Monitoring, updates and support - end-to-end, on request
The hardware

The WZ-IT On-Prem Node

A compact, encrypted on-site server - small enough for any server room or cabinet, powerful enough for your stack. Preconfigured, connected to the German gateway, maintained by us.

The compact node in S / M / L - optionally as a larger EPYC class with SEV-SNP (Confidential) for maximum confidentiality.

WZ-IT On-Prem Node - local edge appliance
Variants

Sized to your needs

Node S / M / L

The compact edge appliance (standard) in three sizes - from a single practice to a software team to a larger organisation.

Confidential

A separate, larger EPYC server class with SEV-SNP - here memory is encrypted too (confidential computing). Not the compact node; for clinics, large organisations and especially sensitive data.

HA pair

Two servers for high availability - automatic failover.

Node from €1,999.90 excl. VAT

Operation & maintenance optional from €199.90/month

Hardware and end-to-end setup one-time, operation and maintenance optional monthly - provider-independent and without lock-in: ongoing operation can also be handled by other providers or by you. Concrete quote in the intro call.

From Supabase Cloud or Firebase to your premises

Already on Supabase Cloud, Firebase or a no-code tool like Lovable? We migrate schema, data, auth and storage onto your on-site server - no app rewrite, same Postgres core.

Who it's for

Two audiences, one server

Confidentiality professionals

You want to run your software §203-ready in-house - because the data must not leave the building.

Law firmsMedical practicesTax advisorsAuditors

Companies holding their data

You store or process data of confidentiality professionals - as a software vendor, SaaS or service provider - and need to host it §203-ready on-premise. You deliver the application, we provide node, gateway and compliance package.

Frequently asked questions

Tech & operations: our Supabase expertise

Free intro call

Let's talk about your project - honest and no strings attached

  • Straight with Timo and Robin - no sales team, no pitch
  • An honest take, including when we are not the right fit
  • Concrete next steps for infrastructure, software or AI

No risk: worst case, you leave with a clearer understanding of your project than before.

Timo and Robin, founders of WZ-IT

Let's Talk About Your Idea

Whether a specific IT challenge or just an idea - we look forward to the exchange. In a brief conversation, we'll evaluate together if and how your project fits with WZ-IT.

E-Mail
[email protected]

Leading companies trust WZ-IT

  • Rekorder
  • Keymate
  • Führerscheinmacher
  • SolidProof
  • ARGE
  • Boese VA
  • nextGYM
  • Maho Management
  • Golem.de
  • Millenium
  • Paritel
  • Yonju
  • EVADXB
  • Mr. Clipart
  • Aphy
  • Negosh
  • ABCO Water Systems
Timo Wevelsiep & Robin Zins - CEOs of WZ-IT

Timo Wevelsiep & Robin Zins

Managing Directors of WZ-IT

1/3 - Topic Selection33%

What is your inquiry about?

Select one or more areas where we can support you.