When your data is moved to a "cloud" server, someone else, perhaps operating that server in a foreign country, has control over it. That's the "data sovereignty" issue.

Depending on the laws of the country in which the cloud server resides, your data may be able to be revealed to foreign governments, to courts, or to litigant parties. Some governments (like the United States) even assert authority over data residing outside their borders, providing that the company operating the cloud server has a presence or sells within their borders.

Perhaps you feel safe because your data is encrypted at rest. That does provide some protection, but governments have pressured companies to assist with decryption of data, and have in some cases forced them to do so. Legislative efforts to undermine encryption of data in the name of "national security" occur annually in the United States, and may ultimately succeed. They have undoubtedly succeeded elsewhere.

We at Spendata have solved this problem by design: we simply do not move your data. Ever. Your data stays on your machine, inside your firewall, inside your country. All computation is performed locally, on your machine, inside your firewall, inside your country. There is no server involvement whatsoever.

So if someone comes knocking on our door demanding access to your data, good luck to them, because we don't have it. End of story.