Automate without limits
n8n is a workflow automation platform for technical teams that combines visual building with code, API connectivity, and AI capabilities.
Workflows, agents, and integrations can be created through a graphical interface, but can also be extended deeply with JavaScript, Python, HTTP requests, custom nodes, and self-hosting when needed. n8n can be run in the cloud or on your own infrastructure.
n8n
AI agents and workflows you can see and control
Location: Germany ⓘ n8n GmbH, Novalisstr. 10, 10115 Berlin, Germany
Pro: €50 / month, billed annually; custom execution volume, 3 shared projects, 20 concurrent executions, 7 days of insights, 150 AI Workflow Builder credits, admin roles, global variables, workflow history, execution search.
Business: €667 / month, billed annually; self-hosted, 40K executions, 6 shared projects, SSO/SAML/LDAP, 30 days of insights, environments, scaling options, Git source control.
Enterprise: Price on request; cloud or self-hosted, custom execution volume, 200+ concurrent executions, 365 days of insights, external secret store integration, log streaming, extended data retention. According to the pricing page, all paid plans include unlimited users, unlimited workflows, and all integrations; billing is based on workflow executions.
The Help Center article adds that Business is currently only available for self-hosted deployments. Other Community Edition free via self-hosting under the Sustainable Use License. A free trial for Cloud is available and, according to the pricing page, can be started without a credit card. In addition, there is a startup plan with a 50% discount on Business, publicly listed at €333 / month, billed annually, for early-stage startups. In principle, n8n follows an execution-based pricing model, not per task/step.
Target audience
n8n is primarily aimed at technical teams, developers, automation owners, ops/revops/IT teams, as well as technically skilled freelancers or agencies. It is especially attractive for organizations that want to connect processes not only between SaaS tools, but also include their own APIs, data sources, AI models, webhooks, and internal systems. For purely non-technical individual users, however, it is often more powerful than simple.
Outstanding features
The hybrid approach is particularly strong: workflows can be built visually, but also deeply extended with code steps (JS/Python), HTTP requests, custom nodes, API access, webhooks, and self-hosting. In addition, there are AI features such as AI Agents, RAG, chat agents, and document-/data-related AI workflows. Also important for companies are features such as SSO, environments, Git-based version control, external secret stores, and log streaming in higher-tier plans.
Key use cases
The strongest real-world use cases are automations and workflows, API orchestration, backend prototyping, AI agents, RAG/knowledge workflows, data integration/ETL, CRM/lead automation, as well as support/chatbot scenarios. Officially, n8n itself highlights, among other things, backend prototyping, RAG, IT operations, building AI agents, and supercharge your CRM.
Usage & notes
For getting started, n8n Cloud is easier because, according to the documentation, self-hosting requires technical know-how for servers, scaling, security, and configuration. Anyone using n8n productively and with sensitive data should clearly distinguish between cloud and self-hosted, review the DPA process, and for AI workflows also take into account the additionally integrated model providers/subprocessors. You should also know: the Community Edition is free to use, but in licensing terms it is not equivalent to classic open source.
| Who is it suitable for? | Assessment & rationale |
|---|---|
| Private individuals | Conditionally suitable – useful for tech-savvy users who want to build their own automations; for non-technical users, n8n is less beginner-friendly because even simple workflows often require understanding of APIs, data, and logic. |
| Self-employed / freelancers | Suitable – especially for marketing automations, lead processing, email processes, data transfer, AI workflows, and recurring client processes. This aligns strongly with automations / workflows, API integration, data analysis, marketing / advertising, and email / communication. |
| SMEs / small teams | Very suitable – n8n combines workflow automation with AI features and business process automation; cloud plans include unlimited users and workflows, with billing based on monthly workflow executions. |
| Large enterprises | Very suitable – especially for complex, controlled automations with governance, SSO/SAML/LDAP, Git versioning, log streaming, external secret store, and either cloud or self-hosted operation. |
| Developers / technical teams | Very suitable – n8n combines visual workflows with code, API requests, integrations, and AI building blocks; according to the docs, n8n also supports AI functionality, RAG, agents, MCP, LangChain, and API-adjacent workflows. |
| Privacy-conscious EU companies | Well suited with self-hosting, conditionally with cloud – n8n can be self-hosted; however, self-hosting requires server, security, and operational know-how. With n8n Cloud, workflow code, credentials, and other data are stored until deletion or account closure. |
| Pure no-code beginners | Conditionally suitable – n8n is low-code/automation-first, not just a simple no-code builder. For simple app creation without technical knowledge, Base44 or Manus are usually more accessible. |
Hosting & Data
1) On-prem / local hosting
Meaning: The company operates the solution on its own hardware or within its own infrastructure. In the strictest sense, not only the application runs locally, but ideally the model as well.
2) Private cloud / data center
Meaning: The solution runs in a dedicated or more clearly separated cloud environment, often with a hosting provider or hyperscaler, but in a German data center or in a particularly controlled environment.
3) EU SaaS / managed
Meaning: The provider operates the solution itself as a service. The company uses the tool as a ready-made cloud service, ideally with EU data residency.
4) Hybrid
Meaning: One part of the processing remains internal / local / in a private cloud, while another part runs in an external cloud or EU SaaS.
5) AVV / DPA
Meaning: This is the data processing agreement or Data Processing Addendum. It governs that the provider processes personal data on behalf of the customer and is bound by the customer's instructions.
6) No training
Meaning: The provider does not use your prompts, uploads, attachments, chat histories, or outputs for training or improving the general model — ideally excluded by contract.
7) Open-source / transparency path
Meaning: There is a path toward greater technical transparency and sovereignty, for example through:
- open models
- documented components
- self-hostable parts
- traceable architecture
- export / switching options
| On-prem / local hosting | ✅ |
| Private cloud / data center | ⚠️ |
| EU SaaS / Managed | ✅ |
| Hybrid | ⚠️ |
| DPA / AVV | ✅ |
| No training on customer data | ✅ |
| Open source / transparency path | ✅ |
On-premises / local hosting: supported
Self-hosting is officially offered and documented. The website mentions self-hosting via npm, Docker, and server setup guides; the pricing page states for self-hosted that the data is stored wherever the customer hosts n8n. There is also a 'Self-hosted AI Starter Kit'.
Private Cloud / Data Center: Partially
A dedicated private cloud solution as a standalone product was not clearly described on the website. However, self-hosting on the customer’s own infrastructure is available, as are OEM/enterprise self-hosting guidelines, which in principle allow for a isolated customer environment. The website does not provide an explicit statement regarding dedicated German/European private cloud instances provided by n8n.
EU SaaS / Managed: Covered
The pricing page specifies that for hosted plans, data is stored within the EU on servers in Frankfurt, Germany. The security page confirms that n8n Cloud runs on Azure and that physical hardware and stored data are currently hosted in the EU.
Hybrid: Partially
An explicit “hybrid” product was not described on the website. Indirectly, however, a hybrid setup is likely because n8n offers both cloud and self-hosted options and can be integrated via external services, APIs, and AI providers. No specifically documented hybrid architecture was provided on the website.
TOS / DPA: Covered
A Data Processing Agreement is published on the website and can be signed or downloaded. The documentation states that for cloud versions, a DPA is part of the Standard Terms of Service; furthermore, the DPA includes the SCCs.
No training: covered
The Privacy Policy states that n8n does not use any personal data—including data obtained through third-party services—for the development, improvement, or training of AI/ML models. No separate opt-out interface was found on the website; according to the website, the policy of not using data for training is already generally established.
Open Source / Transparency: Covered
The website describes n8n as self-hostable and links to GitHub; the documentation lists licenses under the “fair-code” model as well as a free, self-hosted Community Edition. This provides a clear path to transparency and sovereignty through self-hostable and openly documented components.
Data Processing
n8n offers two main operating models: n8n Cloud and self-hosting. For n8n Cloud, the website specifies EU data storage in Frankfurt, Germany; the security page mentions Azure hosting within the EU and encrypted storage/backups. For self-hosting, data processing takes place on the infrastructure chosen by the customer; according to the documentation, n8n is neither the controller nor the processor in this case, because n8n does not manage the data. At the same time, the list of subprocessors shows that when certain AI features are used, external AI providers may be involved, in some cases with processing taking place in the U.S. Subprocessors, the DPA, and security documents are published on the website.
Conclusion
For a German tool directory, n8n is generally well-documented regarding hosting and data protection. The strongest GDPR path is self-hosting on the user’s own EU/German infrastructure. The SaaS option is also comparatively well-positioned, as it features EU hosting in Frankfurt, published DPAs and SCCs, security documentation, and a list of subprocessors. Limitations arise where AI subprocessors involving processing in the U.S. are used. No explicit mention of ISO 27001 was found on the website, while SOC 2 and SOC 3 are mentioned in the Trust Center and on the Security page, respectively.
Sources
| On-prem / local hosting | ✅ |
| Private cloud / data center | ⚠️ |
| EU SaaS / Managed | ✅ |
| Hybrid | ⚠️ |
| DPA / AVV | ✅ |
| No training on customer data | ✅ |
| Open source / transparency path | ✅ |
On-premises / local hosting: supported
Self-hosting is officially offered and documented. The website mentions self-hosting via npm, Docker, and server setup guides; the pricing page states for self-hosted that the data is stored wherever the customer hosts n8n. There is also a 'Self-hosted AI Starter Kit'.
Private Cloud / Data Center: Partially
A dedicated private cloud solution as a standalone product was not clearly described on the website. However, self-hosting on the customer’s own infrastructure is available, as are OEM/enterprise self-hosting guidelines, which in principle allow for a isolated customer environment. The website does not provide an explicit statement regarding dedicated German/European private cloud instances provided by n8n.
EU SaaS / Managed: Covered
The pricing page specifies that for hosted plans, data is stored within the EU on servers in Frankfurt, Germany. The security page confirms that n8n Cloud runs on Azure and that physical hardware and stored data are currently hosted in the EU.
Hybrid: Partially
An explicit “hybrid” product was not described on the website. Indirectly, however, a hybrid setup is likely because n8n offers both cloud and self-hosted options and can be integrated via external services, APIs, and AI providers. No specifically documented hybrid architecture was provided on the website.
TOS / DPA: Covered
A Data Processing Agreement is published on the website and can be signed or downloaded. The documentation states that for cloud versions, a DPA is part of the Standard Terms of Service; furthermore, the DPA includes the SCCs.
No training: covered
The Privacy Policy states that n8n does not use any personal data—including data obtained through third-party services—for the development, improvement, or training of AI/ML models. No separate opt-out interface was found on the website; according to the website, the policy of not using data for training is already generally established.
Open Source / Transparency: Covered
The website describes n8n as self-hostable and links to GitHub; the documentation lists licenses under the “fair-code” model as well as a free, self-hosted Community Edition. This provides a clear path to transparency and sovereignty through self-hostable and openly documented components.
Data Processing
n8n offers two main operating models: n8n Cloud and self-hosting. For n8n Cloud, the website specifies EU data storage in Frankfurt, Germany; the security page mentions Azure hosting within the EU and encrypted storage/backups. For self-hosting, data processing takes place on the infrastructure chosen by the customer; according to the documentation, n8n is neither the controller nor the processor in this case, because n8n does not manage the data. At the same time, the list of subprocessors shows that when certain AI features are used, external AI providers may be involved, in some cases with processing taking place in the U.S. Subprocessors, the DPA, and security documents are published on the website.
Conclusion
For a German tool directory, n8n is generally well-documented regarding hosting and data protection. The strongest GDPR path is self-hosting on the user’s own EU/German infrastructure. The SaaS option is also comparatively well-positioned, as it features EU hosting in Frankfurt, published DPAs and SCCs, security documentation, and a list of subprocessors. Limitations arise where AI subprocessors involving processing in the U.S. are used. No explicit mention of ISO 27001 was found on the website, while SOC 2 and SOC 3 are mentioned in the Trust Center and on the Security page, respectively.
Sources
Strengths & weaknesses at a glance
| Strengths | Weaknesses |
|---|---|
| • Very strong suitability for automation and orchestration as the actual product core. | • Self-hosting requires expert knowledge; n8n itself warns of risks such as security issues, outages, and data loss in the event of misconfiguration. |
| • 1000+ apps and services plus HTTP request node for gaps in standard integrations. | • The Community Edition is not classic open source, but rather under the Sustainable Use License with usage restrictions for certain commercial scenarios. |
| • Hybrid of low-code and code: JS/Python, API, CLI, custom nodes, webhooks. | • The public API is not available in the Free Trial. |
| • Choice between n8n Cloud and self-hosting. | • Important governance/enterprise features such as SSO/SAML/LDAP, External Secret Store, Log Streaming, or long Insights retention are included in higher-tier plans. |
| • Paid plans with unlimited users and workflows; billing based on workflow executions, not per individual step. | |
| • Good foundation for AI workflows, agents, and RAG. |
Reviews
0 reviews in total
There are no confirmed reviews for this tool yet.
Submit review
Your review will only become visible after email confirmation. This protects the portal against abuse.
Report review
Please select the reason why this review should be checked.
GDPR-compliant usage possible?
According to the information found on the website, n8n can be used in compliance with the GDPR, primarily through the best available method: self-hosting on your own or self-selected infrastructure. For the SaaS version, there are also relevant data protection measures such as DPAs/SCCs and EU hosting. However, according to subprocessors, some AI functions may involve processing in the U.S., which is why the assessment is based on the best overall method of use available.
Positive
Found on the website: DPA/AVV available; for the cloud, EU hosting is specified, specifically Frankfurt, Germany; the security page states that cloud data is hosted in the EU; subprocessors are disclosed; Self-hosting is officially offered and documented; for self-hosting, n8n clarifies that n8n is neither the controller nor the processor because n8n does not manage the data; the Privacy Policy also states that personal data is not used for the development, improvement, or training of AI/ML models.
Negative
Restrictions according to the website: Among the subprocessors, several AI providers with processing in the U.S. are listed; Google Vertex AI is listed as operating in both the EU and the U.S., OpenAI in the U.S., Anthropic in the U.S., and LangChain in the U.S. No general statement was found on the website confirming that all AI processing remains exclusively within the EU. ISO 27001 was not mentioned on the website.
Server Location
For hosted plans: Data is stored within the EU, on servers in Frankfurt, Germany. The security page adds that n8n Cloud uses Microsoft Azure and that the physical hardware and stored data are currently hosted in the EU. The list of subprocessors includes, among others, Microsoft Azure with “EU (Germany, Sweden)” and Hetzner with “Germany” for infrastructure. For self-hosting: “wherever you decide to host n8n” or on your own chosen infrastructure.