-
Written by
Cloudkasten GmbH
-
Published on
Apr 22, 2026
Share on
Public sector fleet operators — municipalities, ministries, agencies, public hospitals, research institutions — face a software-procurement reality that the SaaS market often glosses over. They are not optimizing for “fastest time-to-value” or “lowest CAC”. They are optimizing for data sovereignty, audit-readiness, and 10-year operability.
This article explains why those three constraints make self-hosted fleet management the dominant model in European public-sector procurement, and what to look for when comparing offerings.
What “data sovereignty” actually means in procurement
Data sovereignty is shorthand for “we know exactly where our data is, who can access it, and under which legal framework”. For a public-sector buyer, that translates into very specific procurement requirements:
- Geographic location — data physically stored within the EU, ideally within the member state.
- Jurisdictional reach — data not subject to extraterritorial access laws (US CLOUD Act being the most-cited example).
- Sub-processor transparency — every third party with potential data access listed and contractually bound.
- Exit guarantees — data export, source-code availability, or escrow arrangements for the case of vendor failure.
A typical multinational SaaS fleet platform fails at least two of these four. Self-hosted on-premise software fails none.
The compliance stack: GDPR, NIS2, BSI Grundschutz
Three regulatory frameworks shape the European public-sector buying decision:
GDPR
The default. Audit logs, data subject rights, retention policies, lawful processing basis. Self-hosted simplifies the compliance picture by eliminating sub-processor relationships and Schrems II questions.
NIS2
The newer factor. Many municipalities and public bodies now fall under the directive’s scope. NIS2 requires risk management, supply chain security analysis, incident reporting, and minimum security measures. A line-of-business system with documented audit logs and clear sub-processor inventory (zero) is easier to slot into a NIS2 program than a multi-tenant SaaS with 10+ undisclosed processors.
BSI Grundschutz
The German baseline. Building blocks for application security, identity & access, audit logging, encryption, patch management, isolation. Self-hosted software with mature RBAC and immutable logs maps directly onto these building blocks; SaaS platforms are evaluated under different APP modules with different controls.
Procurement realities
Public-sector procurement runs on different rules than enterprise procurement. Three observations:
Direct award (Direktvergabe / direct procurement)
Many EU member states allow public bodies to procure software directly when the contract value sits below a defined threshold (Schwellenwert). For a perpetual license priced under €25,000 net, direct procurement is typically feasible. SaaS contracts that recur monthly are harder to evaluate against the same threshold because their lifetime cost grows.
Multi-year budgeting
Public bodies plan in 3-5 year budget cycles. A perpetual license fits cleanly: it’s a single capital expense in year one. A SaaS subscription with annual price increases is harder to budget over a 5-year horizon.
Software longevity
Public bodies operate systems for 10-15 years. The software they buy in 2026 must still be supportable in 2036-2040. Vendor financial stability, source-code escrow, and the ability to run the software without internet connectivity are not abstract concerns.
What to look for in a vendor
A short list of features that map onto public-sector requirements:
- On-premise / private cloud deployment — non-negotiable for most public bodies under NIS2 or sector-specific regulations.
- Perpetual licensing — fits multi-year budget cycles and direct-procurement thresholds.
- Source-code escrow — guarantees long-term operability regardless of vendor fate.
- Database choice — SQL Server and PostgreSQL both supported; you use the database licenses you already operate.
- Identity integration — OIDC/SAML against your existing IdP (often Active Directory).
- Audit-log immutability — append-only, surviving pseudonymization, exportable for audits.
- Multi-tenancy — for public bodies that consolidate fleets across departments or jurisdictions.
What “going self-hosted” looks like operationally
The classical objection — “we don’t have the IT team to run it” — is often outdated. Modern self-hosted fleet management ships as Docker images or Helm charts, deploys in a few hours, and runs on commodity Linux or Windows Server. Most public bodies already operate document management systems, finance systems, and HR systems on similar infrastructure. Adding a fleet management application is not a step into the unknown.
The practical operational footprint is roughly:
- One Linux VM (4-8 vCPU, 8-16 GB RAM) or a small Kubernetes namespace
- One database (SQL Server or PostgreSQL) — often shared with other internal apps
- Standard backup, monitoring, and patching processes you already run
This is a Tuesday-afternoon installation, not a transformation project.
A closing thought on Bring-it-Home
The shift from SaaS to self-hosted for public-sector fleet management is not a nostalgic step. It is a deliberate architectural choice driven by GDPR, NIS2, BSI Grundschutz, and budget realism. The tooling has caught up: container-friendly deployment, OSS-compatible databases, modern admin UX, perpetual licensing.
If your municipality, agency, or research institution is currently running an older system or a SaaS contract that no longer fits the procurement playbook, a self-hosted alternative is worth a 30-minute conversation. The compliance picture gets simpler. The 5-year cost picture gets cheaper. The operational risk picture gets cleaner.
Public sector landing page with procurement specifics: /en/fleet-software-public-sector/. And the GDPR-focused angle: /en/gdpr-compliant-fleet-management/.