Your Data Stays In-House: A Small Computer That Works for You

Automation does not have to mean your data leaves the company. A small computer on your own premises can do the same work without customer data ever going into someone else's cloud.

Where your data goes when you automate

Most automations today run in the cloud. That is a deliberate choice with clear advantages: quick to set up, accessible from anywhere, no hardware of your own. For many workflows, it is exactly the right call.

What often gets overlooked is a simple question: where does the data sit while it is being processed? With a cloud solution, it moves to a provider's servers, often abroad and sometimes spread across several services. That is not a mistake. But it is a decision many companies make without recognising it as one. And depending on what kind of data is involved, that decision has consequences.

What the law says

Since September 2023, Switzerland's revised Data Protection Act (revDSG) has been in force. It applies to every company, regardless of size. Two points from it matter for the question of automation.

First: if you outsource the processing of personal data to a cloud service, your company remains legally responsible. The service counts as what is called a processor. You have to ensure it handles the data correctly and secure that contractually. The responsibility cannot be handed over.

Second: if the data sits with a provider connected to the US, the Federal Data Protection Commissioner generally considers that sensitive, even when the servers are in Switzerland, because access by US authorities remains possible. For deliberate breaches of the rules on disclosing data abroad, the law provides for fines of up to 250,000 francs, which can be directed at the responsible individual, not just the company.

This is no reason to panic, and it is not a ban on the cloud. But it shows that for sensitive data, where it is processed is not merely a question of convenience. WPA Systems is not a legal advisor. To assess your specific situation, consult a specialist. What we can influence is the technology behind it.

The alternative: a device on your premises

This is exactly where our preferred approach comes in. Instead of placing the automation in a cloud, we set up a small, compact computer directly at your business. The device is about the size of a book, quiet and economical on power.

It runs the automation software n8n, which we use to build all our workflows. It runs in what is called a container, a self-contained and cleanly defined environment that is straightforward to maintain and back up. The device sits on your own network. The data the workflow processes stays there.

The decisive difference from the cloud: a device located in your own premises and on your own network is not, legally speaking, outsourcing at all. There is no processor, no disclosure of data abroad, no question about server location. The data simply does not leave the company. As a result, a significant part of the data protection questions is resolved not through a contract, but because it never arises in the first place.

What you need to keep in mind

A device on your own premises also comes with obligations, and it would be dishonest to leave them out. Hardware can fail. Updates and security patches do not happen by themselves. Backups have to be set up and checked. In the event of a power or network outage, the workflow stops.

That is why we do not simply set the device down and walk away. We install it, keep it current with updates, take care of the backup, and stay reachable if something goes wrong. You do not need to understand the technology yourself. That is our job.

A second point belongs to honesty just as much: not every workflow automatically stays fully local. As soon as a workflow deliberately uses an external service, such as an AI function or a cloud dispatch, the data record in question leaves the building. The advantage of your own device is not that this becomes impossible. The advantage is that it only happens when we set it up that way deliberately and together with you. For each individual step, we decide what stays local and what does not.

When the cloud is still the right choice

Local is not better in every case, and we offer cloud solutions just as readily. For workflows that work with non-critical data, such as internal logistics, anonymous metrics or information that is publicly available anyway, the cloud is often the faster and cheaper option. And when a workflow needs to be accessible from several locations, there is much in its favour too.

So it is not an either-or, but a deliberate decision for each workflow. The rule of thumb we give clients: data that concerns people or is confidential should stay in-house where possible. Everything else may take the more convenient route.

The first step

If you are considering whether a device of your own makes sense for you, start with a simple inventory: which of your workflows handle customer data, personnel data or other confidential information? That is precisely where the question of data location is worth asking most.

We are glad to look at your workflows with you and tell you honestly what makes sense locally and what does not. Get in touch. The first conversation is without obligation.