--- title: How EU-hosted AI changes procurement conversations url: https://opero.pro/resources/eu-hosted collection: resources --- **Kind:** blog · **Read time:** 5 min · **Persona:** C-suite · **Tag:** Compliance · **Industry:** Cross-industry · **Published:** 2026-05-15 Sovereign and EU-hosted deployments shorten the procurement conversation by removing the data-residency objection before it comes up. When a security questionnaire opens with a question you have already answered, the procurement team's read on you shifts from "another US-hosted AI vendor" to "a vendor who understood the question." Three procurement objections surface in order: data residency, training-pool exposure, and audit coverage. Each has a short answer if the vendor has done the infrastructure work. ## What "EU-hosted" actually has to mean "We have a data centre in Frankfurt" is not a sufficient answer, and a procurement team that has run this process before knows it. The questions arrive in a specific order: 1. **Where does customer data rest?** Opero runs on infrastructure in Germany, Denmark and Ireland under GDPR jurisdiction. Single-country pinning is configurable at contract time and enforced at the infrastructure layer. 2. **Where does it transit?** Customer data does not leave EU territory in transit during retrieval, inference, or action execution. No traffic routes through US-based infrastructure. 3. **Who has read access?** Retrieval is filtered by user permissions; each customer runs in a dedicated tenant with no cross-customer pooling of corpus, conversation history, or metadata. 4. **What happens if a non-EU authority subpoenas your infrastructure provider?** The infrastructure is in EU jurisdiction; sovereign on-prem deployment is available for stricter mandates. Most "EU-hosted" claims survive question 1 and break on question 2. ## The training-pool objection "Do you train on our data?" Most LLM vendors' honest answer is: we say no in the contract, but the operational architecture would permit it. The architecture that closes this question has a different shape. Opero does not train on customer data. There is no training pool. When a technician asks a question, the [Knowledge Agent](/product/knowledge) retrieves the relevant chunks from your corpus and passes them to the model as context at retrieval time. Your data is in the prompt, not in the model weights. A fragment of one customer's service manual cannot surface in another customer's answer because the retrieval draws from a per-tenant corpus — there is no shared index across customers. The procurement team can verify this by asking two questions: does your inference pipeline write anything back to a training data store, and what is your subprocessor's model-training policy for data processed via API? Both questions have short answers when the architecture is right. When they don't, the conversation gets long, and long procurement conversations about training-pool exposure rarely close well. ## Audit log as procurement currency "Show me what your system did six weeks ago for this user on this document." That question ends procurement conversations in one of two ways: the vendor opens a log and walks through the answer, or the vendor explains why they can't do that. The first vendor gets the contract. Every retrieval, every cited source, every outbound action — PO draft, ticket update, work-order note — is logged with the calling user, timestamp and model version. The log is append-only and scoped to your tenant. When a procurement auditor asks what happened on a specific date, the log shows which user triggered the query, which documents were retrieved, what version of the model responded, and what action — if any — was written back to the ERP. The log is replayable. You can reconstruct the exact retrieval that generated a given answer, which makes it usable in a formal audit rather than an informal retrospective. "We have logs" is a much shorter conversation than "let me check." ## Where to start next week For procurement teams reviewing AI vendors: ask the egress question and the training-pool architecture question — in that order. The answers separate vendors faster than any security questionnaire. For vendors preparing for the security review: lead with the audit-log demo. Data residency is table stakes in the EU market; audit replay closes the meeting. Full operational-trust framing is in [Operational trust](/resources/trust). Hosting-region details and the subprocessor posture are on the [Trust page](/trust).