Private customer relationship platform

The register of every relationship.

Diwan is the sovereign record of every customer interaction, commitment, and promise — deployed into your infrastructure, on your cloud, in your region. Not a tenant slot you rent. Software your enterprise owns.

Request a briefing See the launch deck

Built for banking, insurance, telco, and retail.

Why Diwan is different

Sovereign by deployment, not by contract.

Most CRMs ask you to move your customer record into their cloud, their region, their keys — and hand you a data-processing agreement as consolation. Diwan inverts this. The platform is shipped to you, deployed into the infrastructure you already trust, and governed by your own operators. The register stays home.

The idea

A thousand years of records. Rebuilt for yours.

In the 7th century, as the first caliphates stretched from Andalusia to the Indus, a new institution was born to manage the vast web of human relationships holding the empire together. They called it the Diwan. The register. The council. The ledger of every person, every obligation, every promise made and kept. It was, centuries before the word existed, the world's first customer relationship management system.

A thousand years later, we are building CRMs that do a fraction of what the Diwan did. They store contacts but miss context. They log transactions but forget trust. They track pipelines but lose the person. They fragment what was always meant to be one unified record.

Diwan is a return to the original idea — rebuilt for the age of AI, channels, and clouds.

Read the full manifesto →

The platform

One register. Four convictions.

Unified register

Every customer, interaction, and promise lives in one sovereign record. No fragmented stacks. No "syncs" that drift.

Metadata-native

Objects, fields, layouts, and workflows are data, not code. The platform bends to the business — not the other way round.

Private deployment

Shipped into your cloud, your region, your keys. A customer-managed instance of the platform. No multi-tenant cloud to audit.

Audit-grade sovereignty

Row-level tenant isolation inside the instance. Hash-chained audit. Field-level encryption. Regulators first, not last.

The deployment model

Your infrastructure. Our platform.

Diwan ships as a deployable platform — containers, Helm charts, Terraform modules — into the environment you choose. Cloud, sovereign cloud, or on-premises. We operate the upgrade pipeline; you operate the data.

Your cloud

BYOC

AWS, Azure, GCP, or a sovereign regional cloud. Your accounts, your networks, your IAM. We deploy into tenancy you already have.

Your region

Data residency

Records never leave the country you chose. Every regulator — PDPA, GDPR, NDMO, PDPL, DFSA — can be answered with a map.

Your keys

Customer-held encryption

Field-level encryption anchored to KMS keys you own. If you rotate the key, the record rotates with it. No vendor can read what you do not want them to.

Not available as: a shared-tenant public cloud. By design.

The platform surface

One codebase. The full customer register.

Sales, service, marketing, and omnichannel engagement — unified in one register. Not a bundle of products sold together; one platform with one metadata model.

Sales Leads, opportunities, products, quotes, activities, and forecasting.
Service Cases, queues, SLAs, knowledge base, and field-service basics.
Marketing Segments, campaigns, journeys, and consent management.
Omnichannel Unified inbox, agent console, AI-assist interfaces.
Analytics Reports, dashboards, forecasts, and embedded BI.
Integration APIs, webhooks, adapters, and bulk ingest pipelines.
Studio Low-code builder — objects, fields, layouts, workflows.

Industry packs

Domain-native, not generic.

Each vertical pack ships as metadata — standard objects, fields, workflows, and reports tailored to the way the industry actually works.

Banking

Trust. Safekeeping.

Financial accounts, households, KYC workflows, relationship managers, referrals, wealth portfolio views.

Insurance

Fidelity. Promise.

Policies, coverages, claims, first-notice-of-loss intake, underwriting, renewals, broker hierarchies.

Telco

Connectivity.

Subscribers, service lines, devices, trouble tickets, MACD orders. TM Forum-aligned data model.

Retail

Hospitality.

Loyalty members, store locations, POS transactions, clienteling, returns, and recommendations.

For the auditor

Security is not a feature. It is the register itself.

  • Row-level isolation per tenant, enforced in Postgres.
  • Hash-chained, append-only audit log — tamper-evident.
  • Field-level encryption with customer-held KMS keys.
  • Identity via Keycloak — SAML, OIDC, SCIM, MFA, WebAuthn.
  • Deploys as audited Helm charts + signed container images.
  • OpenTelemetry everywhere; logs + traces ship to your observability stack.

For the engineer

Modern monolith. Microservice-ready.

One Node.js / NestJS core with strict bounded contexts. An in-process event bus backed by Kafka. CQRS where it adds value. Outbox pattern for eventual consistency.

Postgres 16 for the register. OpenSearch for full-text. Temporal for journeys. Redis for cache. MinIO or your S3 for blobs.

Any bounded context can be extracted into its own service without rewrites. The platform grows with the customer — or stays a single deployment if that suits the ops team.

We are taking design partners.

Your customers deserve more than a CRM.

We are selecting a small number of banks, insurers, telcos, and regional retailers across APAC and MENA as design partners for Diwan's first year. If the private-deployment model resonates, we would like to talk.

[email protected] See the launch deck

Diwan · diwan-crm.com · the register of every relationship.