/ navigate · Space next · Shift+Space back
Home / End first / last · F fullscreen · P print
To save as PDF: press P → choose Save as PDF → A4 landscape.

DIWAN

The register of every relationship.

Launch briefing · 2026 · diwan-crm.com

Your customers deserve more than a CRM.

A.D. 638 · from Córdoba to the Indus

The world's first CRM was built 1,400 years ago.

Early caliphates managed the web of human relationships holding their empire together with one institution: the Diwan. The register, the council, the ledger of every person, every obligation, every promise made and kept.

The problem

Today's CRMs store contacts. They miss context.

  • They log transactions but forget trust.
  • They track pipelines but lose the person.
  • They fragment what was meant to be one record.
  • And they live in somebody else's cloud, in a region the vendor chose.

An enterprise is only as strong as its register.
Yet most enterprises cannot confidently name where their register lives.

The question nobody answers clearly

Where, exactly, does your customer record live?

  • In a region you did not choose.
  • Under keys you do not hold.
  • Governed by a DPA, not by your operators.
  • Visible to a vendor's support staff when you least expect.
  • Portable on paper, immovable in practice.

This is a problem every regulated enterprise has quietly accepted. We stopped accepting it.

The customer record should come home.

Not rented. Not hosted by a vendor. Owned.

Introducing

Diwan.

An intelligent customer relationship platform. The sovereign register of every interaction, commitment, and promise. Deployed into your infrastructure.

The thesis

Sovereign by deployment, not by contract.

Not a slot you rent in a vendor's multi-tenant cloud. A platform that ships to you, runs in your infrastructure, and keeps your customer register in the region you chose, under the keys you hold.

What makes Diwan different

Four convictions. One register.

Unified register

One record across sales, service, marketing, omnichannel. Truth cannot be distributed.

Metadata-native

Objects, fields, layouts, workflows are data. Tenants configure — they do not fork.

Private deployment

Ships into your cloud, your region, your keys. The register stays home.

Audit-grade sovereignty

Row-level tenant isolation. Hash-chained audit. Field-level encryption. Regulators first, not last.

The deployment model

Your infrastructure. Our platform.

Diwan ships as audited Helm charts, signed container images, and Terraform modules. Deployed into the environment you choose. We operate the upgrade pipeline. You operate the data.

Your cloud

AWS, Azure, GCP, sovereign regional clouds. Your accounts. Your networks. Your IAM.

Your region

Records never leave the country you chose. PDPA, GDPR, NDMO, PDPL, DFSA — answered by design.

Your keys

Field-level encryption anchored to KMS keys you own. The vendor cannot read what you do not share.

The platform surface

One codebase. The full customer register.

Sales
Leads, opportunities, products, quotes, activities, forecasting.
Service
Cases, queues, SLAs, knowledge base, field service.
Marketing
Segments, campaigns, journeys, consent.
Omnichannel
Unified inbox, agent console, AI-assist.
Analytics
Reports, dashboards, forecasts, embedded BI.
Integration
APIs, webhooks, adapters, bulk ingest.
Studio
Low-code builder — objects, fields, layouts, workflows.

Industry packs

Domain-native, not generic.

Banking

Trust, safekeeping. Financial accounts, households, KYC, relationship managers, referrals.

Insurance

Fidelity, promise. Policies, coverages, claims, FNOL, underwriting, renewals.

Telco

Connectivity. Subscribers, service lines, devices, tickets, MACD orders. TM Forum-aligned.

Retail

Hospitality. Loyalty, stores, POS, clienteling, returns.

The landscape, honestly

We are not trying to be the next Salesforce.

The CRM market is mature and crowded. Salesforce, Microsoft Dynamics, Oracle, Freshworks, Zoho, HubSpot, SugarCRM — each has scale, reference customers, and a partner ecosystem we cannot replicate on day one. We are not asking you to replace your CRM with ours.

We are asking a narrower question: where the existing market does not fit, can a privately-deployed register serve you better? For a subset of enterprises — regulated, sovereignty-sensitive, or simply tired of renting their customer record — the answer is yes.

Our bets

Six design principles we are unwilling to compromise.

01

Private first

Single-tenant instances, deployed into the customer's infrastructure. Public multi-tenant SaaS is available from many vendors; none are us.

02

Metadata before code

Every object, field, layout, and workflow is declarative. Customizations survive upgrades. The platform bends.

03

Auditable by default

Hash-chained audit log, row-level isolation, append-only mutations. The register proves itself without asking.

04

Open-stack, not proprietary

Postgres, Keycloak, Temporal, OpenSearch, Kafka. Hireable skills. Replaceable components.

05

TypeScript-native

One language across platform, SDK, and extensions. No Apex. No proprietary runtime.

06

Regional, not imported

Workflows, packs, and locales built for APAC and MENA — not retrofitted from a US template.

Where we fit

The workloads we are built for.

We are a good fit when

  • Data residency or sovereignty is non-negotiable.
  • Regulators require an auditable on-premise or in-region deployment.
  • The existing CRM is a cost or customization ceiling, not a feature ceiling.
  • The team can run, or is willing to run, a modern Kubernetes workload.
  • The organization wants to own the platform long-term, not rent it indefinitely.

We are honest about when we are not

  • If you need a 10-user team to be live next Tuesday, SaaS CRMs are faster.
  • If your industry needs a massive third-party app marketplace, we don't have one yet.
  • If you need deep Marketing Cloud-grade journey orchestration today, ours is maturing.
  • If you will not run your own infrastructure, we are not your platform.

How we compare, carefully

Not a feature race. A deployment choice.

Dimension Public multi-tenant SaaS
(Salesforce, Dynamics, etc.)
Lightweight SaaS
(Freshworks, Zoho, HubSpot)
DIY / legacy suite Diwan
Time to first value Weeks Days Quarters Weeks (pilot), months (production)
Feature breadth Broad FocusedCustom Focused on the register
Data residency + customer-held keys ContractualLimitedYes Yes — by deployment
Single-tenant private deployment Rare / priced highNoYes Default
Metadata-native customization Yes (mature)LimitedManual Yes (day-one)
TypeScript / open-stack ProprietaryMixed Any Yes
Ecosystem + marketplace maturity ExtensiveModerateNone Early
Regulatory packs for APAC + MENA Available via partnersMinimalCustomBuilt-in

Directional, not exhaustive. Every deployment varies. Individual customer requirements outweigh any single column in this table.

What we are and are not

We are a new platform. We say so plainly.

What Diwan is today

  • A working platform: sales, service, marketing, omnichannel, analytics, integration, studio.
  • Four industry packs — banking, insurance, telco, retail — as installable metadata.
  • A private-deployment model with audit, RLS, and customer-held encryption primitives.
  • A small, dedicated team, accepting a small number of design partners.

What we are not yet

  • A household name — we are asking to earn that, one customer at a time.
  • An App Exchange with 5,000 integrations — we are selecting a short list that matters.
  • A fit for every enterprise — we will tell you quickly if we are not.
  • Cheap. Deploying sovereignty costs more than renting it. We think it is worth it.

Architecture

Modern monolith. Microservice-ready.

One Node.js / NestJS core. Strict bounded contexts. CQRS where it adds value. Outbox pattern for eventual consistency.

Postgres 16 for the register (with row-level security). OpenSearch for full-text. Temporal for journeys. Redis for cache. MinIO or your S3 for blobs. Keycloak for identity.

Deployed as Helm charts into your Kubernetes. Any bounded context can be extracted into its own service without rewrites. Grows with the customer; stays single-deployment if that fits the ops team.

Web · Admin Studio
  ↓
API Gateway (Traefik)
  ↓
NestJS · bounded contexts
├─ Identity + Tenancy
├─ Metadata Engine
├─ Sales · Service · Marketing · Omnichannel
├─ Audit · Feature Flags · Integration
└─ Platform (provisioning)
  ↓
Postgres · Redis · OpenSearch · Kafka · Temporal · Keycloak · KMS

Security + sovereignty

Built for the auditor from day one.

Isolation

Row-level security across tenants, enforced in Postgres. Private single-tenant deployment is the default; multi-tenant mode is an opt-in for internal subsidiaries.

Auditability

Hash-chained, append-only audit log. Tamper-evident. Every mutation traceable. Every correlation id preserved across services.

Residency + keys

Data residency is chosen at deployment time. Field-level encryption uses customer-held KMS keys. GDPR, PDPA, PDPL, NDMO, DFSA primitives baked in.

Status

A register already kept.

Today

  • Metadata-native CRUD across 14+ standard objects.
  • Sales, service, marketing, omnichannel, analytics, integration modules.
  • Four vertical packs as installable metadata.
  • Drag-drop layout editor; platform-admin tenant provisioning.
  • Hash-chained audit, RLS isolation, OIDC auth, OpenTelemetry observability.
  • 158 end-to-end smoke checks + unit tests, green.

Next six months

  • Design-partner deployments with 2–3 enterprises across banking, insurance, telco.
  • Reference Helm charts + Terraform modules for AWS, Azure, and GCP.
  • Customer-managed KMS integration end-to-end.
  • AI-assist layer: summarization, suggested replies, intent routing.
  • Developer portal and signed SDKs.
  • SOC 2 Type I readiness.

Who we are for

Enterprises for whom the register matters.

  • Banks with $1B+ AUM that must answer residency questions from their regulator.
  • Insurers managing 100k+ policies across life, health, and general lines.
  • Telcos with 1M+ subscribers and mixed consumer + enterprise books.
  • Regional retailers with 50+ stores and an existing loyalty programme.
  • Any enterprise that cannot confidently name where its customer record lives today.

The offer

Design-partner programme, 2026.

We are selecting a small number of enterprises — one per vertical, per region — to shape Diwan's first production year.

  • Direct line to the engineering team.
  • Joint roadmap. Priority for your industry needs.
  • Preferred commercial terms, locked for three years.
  • Public customer story — at your discretion.
  • Your deployment, your infrastructure, your keys.
Fewer partners. Deeper partnership. A register built with you, not at you.

The register of every relationship.


[email protected]

Diwan · diwan-crm.com · 2026