INFRASTRUCTURE · CYGRIDS · SWEDEN
Queues, n8n, agents and internal APIs that must run 24/7 in Swedish data centres via Cygrids, with firewall and platform protection. Choose shared isolation vs dedicated hardware by volume and risk; we put numbers in a quote once scope is clear.
Unsure about scope before a quote? Consulting & hire-in · Book a meeting
Automation: examples and patterns is about what runs — this page is about where it runs.
Infrastructure
For always-on automation and production data, where workloads actually run shapes governance, incident response, and how confidently you can answer regulators and customers. Hosting in established Swedish facilities usually yields a clearer EU chain of custody, a shorter path to an operator who can act on outages and capacity in your time zone, and less ambiguity about which legal regime applies—compared with spreading the same load across arbitrary cloud regions.
The seals below are Cygrids’ certifications: our data-centre and infrastructure partner’s, not IWAB’s. They describe how Cygrids runs the platform layer where your workloads may sit.
ISO 27001
ISO 27001 is an international standard for information security management systems. It shows that Cygrids uses disciplined processes to manage and protect sensitive data through systematic risk management and governance.
ISO 9001
ISO 9001 is the international standard for quality management systems. Cygrids’ certification means delivery and service processes in the platform layer follow a documented QMS, with a focus on customer requirements, compliance, and continual improvement.
Based in Sweden
The mark calls out a Swedish home base: Cygrids operates in a clear EU/Nordic context, with the supervisory and contract environment that implies, and often easier incident dialogue in your time zone. It complements the ISO marks with a location signal that states where the operator actually runs its platform—not a separate ISO, but a deliberate country mark.
Where the seal shows A3CERT, certification is issued by A3CERT.
The diagram is illustrative; physical sites and technical scope follow Cygrids and your agreement.
Runtime in Sweden via Cygrids makes placement and operational responsibility easy to describe. Flows through tools or APIs outside the EU/EEA still need their own risk assessment for personal data.
Hosting with us is first and foremost clear runtime in Sweden together with Cygrids. That makes it easier to reason about physical placement, operational responsibility, backup, patching and networking. If you connect third-party APIs, support tools, email or AI services outside the EU/EEA, they often carry a separate legal and technical risk picture on top of the hosting layer—especially for personal data where regulators expect you to demonstrate control (including third-country scenarios after Schrems II).
In practice “compliance for hosting” usually breaks down into: data map (what is personal data vs ops logs), access & keys (who, when, why), traceability (changes, incidents, restore) and sub-processor chain (DPA, SCC, region choice). In the quote we can separate: Cygrids/IWAB hosting, your apps, and surrounding flows that touch personal data.
Firewalls and network segmentation are part of platform protection: minimal surface, controlled ingress, and a clear boundary between your content and surrounding traffic. Certified management systems (e.g. ISO-related programmes where applicable) are documented in the operator’s own statement; scope and content at Cygrids follow their published materials—ask for current written evidence in procurement when paper proof is required; we align it with your hosting scope.
SOC 2 often comes up in cloud and platform conversations. What matters is that the SOC report primarily describes designed controls at a vendor; it does not replace GDPR, registers and real operational maturity in your process.
Some sectors add cyber resilience via NIS2 and industry rules. That shapes how hard you log, how you segment and how you respond to regulator and customer scrutiny—same as sizing your quote, not a table here.
Read more: NIS2 Directive (2022/2555) in EUR-Lex · IWAB: blog · privacy
Same data centre and partner (Cygrids); different isolation and resources. We put CPU/RAM, disk, backup, network, firewall and platform protection in the quote once scope is clear.
Shared IWAB-managed environment with agreed resources—good when you want 24/7 ops without renting the whole machine.
Your containers or workers run in a shared IWAB-managed environment with agreed caps. Fits when you want production uptime without renting the whole machine.
Dedicated machine in Cygrids’ hall when volume, compliance or stable latency needs its own hardware.
A dedicated machine (or cluster) in Cygrids’ hall for your automation—clearer latency and no unknown neighbours. IWAB ties deployment to your AI package and support tier.
Answers without a price grid—email us when your track is unique.
We do not want to lock you to a figure that misses resources, SLA or surrounding cost. After a short discovery you get a quote where CPU/RAM, disk, backup, network, firewall and support tier sit in one document.
The operator runs Swedish data halls with clear governance and auditable controls. Exact ISO scope and current reports follow Cygrids’ own publications—ask for the current appendix in procurement and we align it to your scope.
Runtime sits in an operationally monitored environment: segmentation, limited internet-facing surface and patched platforms per agreement. Your application may still need its own vulnerability management; we separate platform vs your code in the quote.
Hosting at Cygrids is physically in Sweden. But if you plug in email, support tools, AI APIs or anything outside the EU/EEA, those flows need their own assessment. See our trust page on SCCs, Schrems II and third countries.
Cygrids operates the data hall, network, hardware and platform protection within your agreement. IWAB places your automation in the environment, orchestration, monitoring depth and updates to your flows. Exact split is written in the quote.
Tell us what must flow 24/7, rough volumes and any retention requirements—we suggest shared vs dedicated and how it pairs with your AI package. You get a quote once the tiers are clear.
Contact for quote