Cloudbear

Cloudbear: Building a Sovereign Cloud with a Personal Touch

Cloudbear is a company that combines managed hosting, cloud infrastructure, and a highly personal way of working. With a focus on tailor-made solutions, personal customer contact, and European digital sovereignty, Cloudbear helps organisations build reliable and secure IT environments without losing the human touch.

What started in 2012 as a small development and hosting venture by 15-year-old Wouter, soon joined by Thom who started helping out, has since grown into the company it is today.

In the beginning, it was all about application development and some game hosting. That’s also where the problems started – the game servers were constant targets of DDoS attacks.

“At one point, the owner of the datacentre took our server out and placed it outside the door because they’d had enough. That was the moment we decided: no more games, let’s focus fully on our core activities.”

From there, the team evolved naturally: while studying at MBO, Wouter met Marlin, who was doing the same kind of hosting activities but had stronger expertise on the network side. Marlin worked together with his partner Martijn. After a while, the four of them decided to join forces and shape Cloudbear into a managed hosting company with a clear mission – providing personal support to customers and expanding from simple hosting into broader, tailor-made services.

“We realised we were simply too small for the infrastructure we had created and had to find a different solution. This led us to move our infrastructure to Scaleway. Moving to Scaleway was the obvious choice for us — it was European-based and aligned with our priority on maintaining control over our operations.”

The dismantling of the Wavelengths also freed up some cash flow and allowed to implement automation, build a DevOps pipeline, and set up the processes at Scaleway needed to scale effectively.

Cloudbear Infrastructure Services (CBWS)

In 2022, Cloudbear took the next step by launching CBWS – Cloudbear Infrastructure Services – as a separate entity.

“We’ve always been passionate about both managed hosting, but also at infrastructure. When Kasper joined the team with his network infrastructure and servers, he brought in additional traffic and bandwidth. CBWS allowed us to fully integrate them both as this extra volume finally made our triangle of interconnected datacentres feasible. Previously, the infrastructure had been too large for us alone, but with Kasper’s contribution, the scale worked — and that’s also when NL-ix came in.”

Partnering with NL-ix

Cloudbear’s need for connectivity brought them to NL-ix in early 2022.

“We had just built out in Eindhoven and needed Transit from two providers for redundancy, one of which was NL-ix. Initially, we started with 2x10G NL-ix connections, but traffic grew very quickly — largely because Kasper brought in his network infrastructure along with his servers. This extra volume meant we suddenly had peaks of 80/90 gig, and we had to upgrade our NL-ix connections to handle it.”

“When we first started working with NL-ix, it wasn’t just about the commercial side. We spoke with Vinnie, who also understood the technical challenges we were facing. That combination made it easier to discuss what we really needed, not just what was on paper.”

“Later we joined a technical session with Dirk and Gert-Jan. It wasn’t a formal presentation, more a workshop where we could look at different options together. Having that kind of open exchange is valuable, because it’s not just about buying services but about working out the best way forward.”

The collaboration soon proved to be about more than just bandwidth.
“We have personal relationships with our customers, but also with NL-ix. That makes solving issues easier. Whether it’s packet loss, routing challenges, or a broken sea cable in Indonesia, NL-ix is always close at hand. We always help each other, but also we feel free to be critical in case something isn’t working properly. And that openness is exactly the kind of partnership we value.”

Sovereignty Matters

For Cloudbear, sovereignty has always been important — their early decision to move infrastructure to Scaleway was driven by a desire to remain European. Yet many don’t fully grasp what sovereignty actually entails, and much remains unknown even among organisations that consider themselves aware of these issues.

“We’ve seen companies that market themselves as European, but they still host their services on AWS. In those cases, control over data and infrastructure ultimately lies outside Europe — which is exactly the opposite of what they claim.”

“Another example that sticks with us is a company happily uploading customer ID card scans via a global CDN. Their reasoning? ‘It works.’ But they hadn’t considered the security, privacy, or legal implications of sending sensitive data outside a European-based domain.”

These examples demonstrate that awareness alone is not enough. True sovereignty requires more than branding — it demands real control over infrastructure, data, and operations.

Recent global developments have accelerated Europe’s efforts to strengthen independence and control over data, making digital sovereignty an urgent priority. Regulations like GDPR and NIS2 are being implemented to enhance security and operational control. At the same time, compliance can be complex and burdensome, creating high barriers for start-ups. Depending on the nature of their service, a small company may be required to obtain NIS2 or ISO certification before it can even begin operating. While these rules are fair in intent, they can make Europe less competitive by pushing new initiatives abroad.

Even the government provides a striking example. The Dutch government ran its own mail servers for 20 years but then suddenly stopped, despite promoting digital sovereignty. The decision illustrates that managing your own infrastructure isn’t always as simple as it seems: relying on external providers can be easier in terms of costs, maintenance, and operational complexity. Even at the highest level, practical realities often contradict the principles being promoted, showing how Europe’s goal of independence can be undermined in practice.

Understanding True Sovereignty

There’s a key difference between most global hyperscalers and a truly sovereign cloud. Typically, even if data is stored in Europe, the provider can still be compelled by laws such as the U.S. Cloud Act to access it. At one point, however, there was a Microsoft cloud region that was genuinely sovereign: in Frankfurt, Microsoft ran the infrastructure, but Telekom acted as an independent party holding the encryption keys. This meant that while Microsoft could technically access the data, it was fully encrypted and therefore useless to them, making the cloud truly compliant with GDPR and protected from foreign legal claims. That collaboration however ended four years ago, and there has been no equivalent since.

Lock-in Challenges

Another challenge is the marketing power and reach of global hyperscalers. Many organisations start with the “easy” option of AWS or Azure because it’s quick and convenient. But once everything — networks, applications, and login systems — is built on that platform, moving away becomes extremely difficult. Even if regulations like NIS2 or GDPR require a move, the operational and technical complexity of untangling deeply integrated systems makes switching a major challenge.

“Even when you know the regulations are coming, untangling all the systems and dependencies built over years is far more complex than most people anticipate.”

Looking Ahead

Cloudbear recently expanded to a second datacentre in Eindhoven and is planning a third, aiming to build a regional cluster with low-latency replication between sites. With CBWS, the company is furthermore also scaling towards its own DDoS protection and more advanced network services.

“We’ll never be as big as the global players – nor do we want to be. Our strength is in personal contact, creative solutions, and flexibility. We want to remain close to our customers – even if that means just dropping by with some Brabant sausage rolls. At the end of the day, we’re still a regional company – and we’re proud of it.”