Independently verified · Quarterly re-audit
EU VETTED

Threema

VERIFIED
Video conferencing · Switzerland
Founded 2012 · threema.com ↗

Swiss E2EE messenger (Pfäffikon SZ, founded 2012), ISO 27001, all-Swiss hosting, no phone number required; consumer + enterprise (Threema Work) + on-prem.

Why this score?

Threema GmbH (Pfäffikon SZ, Switzerland, CHE-221.440.104) processes personal data exclusively on servers in Swiss data centres for all essential functions, holds ISO 27001 certification, publishes a public DPA, and is Swiss-incorporated with EU adequacy — no CLOUD Act exposure and a clean all-Swiss hosting posture; score 5/5.

SCORE
5.0/5
CLOUD ACT
OWNERSHIP
SUB-PROCS
not disclosed
OVERVIEW

About Threema

Threema is a Swiss end-to-end encrypted messaging application developed and operated by **Threema GmbH** (Pfäffikon SZ, Switzerland, Commercial Register: CHE-221.440.104), founded in December 2012 by three Swiss developers as a privacy-first alternative to WhatsApp — launching on Apple's App Store the same month the app was conceived. The legal entity was formally registered as Threema GmbH in spring 2014 to support professional expansion. Key milestones: post-Snowden traction in 2013, Threema Work (business edition) launched 2016, surpassed 10 million users in early 2021 following WhatsApp's controversial terms-of-service update, and a new CEO appointed in 2024.

The product portfolio is three-tier.

  • **Threema Private** (consumer): one-off purchase app for iOS + Android + desktop, no phone number or email required for sign-up — fully anonymous use possible.
  • **Threema Work** (business): managed admin console, MDM integration, enforced encryption policies, SSO via SAML/OIDC, priced at €3/user/month (Core) or €5/user/month (Professional); 30-day free trial for up to 30 users.
  • **Threema OnPrem** (self-hosted): the full Threema Work stack deployable on customer infrastructure, for buyers who require complete data sovereignty inside their own security perimeter.

All three tiers share the same cryptographic core: end-to-end encrypted messages, voice calls, video calls, group chats, file transfers, and polls using the NaCl/libsodium cryptography library; encryption by default with no plaintext fallback.

Compliance posture is among the strongest in the messenger category. **ISO/IEC 27001 certified**. Data processing for all essential functions runs **exclusively on Threema's own servers in Switzerland** (confirmed in the publicly available DPA). Switzerland holds an EU adequacy decision (Art. 45 GDPR) — SCC-free for EU↔CH transfers. The DPA (threema.com/en/dpa) is publicly accessible without login and references standard contractual safeguards for any third-party functions. The company explicitly positions Threema as compliant with **NIS 2, DORA, and CER** EU directives.

Ownership: Threema was acquired by **Comitis Capital GmbH** (a German investment firm focused on purpose-driven companies) from Afinum Management GmbH in early 2026 — still EU-controlled, no US capital.

Open-source: a Google-free Android version (Threema Libre) ships via F-Droid with reproducible builds for independent verification; the app source code is publicly auditable.

Best fit: privacy-conscious individuals replacing WhatsApp or Signal with a Swiss-hosted option; German and EU enterprises needing an auditable E2EE messaging platform under their own IT control; regulated sectors subject to NIS 2 / DORA that need a compliant internal comms layer.
SUB-PROCESSORS

Sub-processor map · not disclosed

Vendor does not publish a sub-processors list. Schrems II compliance and CLOUD Act exposure cannot be independently verified without it.
CERTIFICATIONS

Frameworks & certifications

ISO/IEC 27001: ACTIVE
FEATURES

Capability matrix

INTEGRATION & ACCESS
  • REST API: Yes
  • SSO (SAML / OIDC): Yes
COMPLIANCE & GOVERNANCE
  • Audit log: No
  • Self-host / on-prem option: Yes
PRICING

Pricing & tiers

FREEMIUM
from €3/mo
PUBLIC DOCUMENTS

Public documents

  • Data Processing Addendum (DPA)
    threema.com/en…
  • Sub-processors list
    — missing
  • Terms of Service
    threema.com/en…