Threema Set for Acquisition by Investment Firm Comitis Capital

In a significant development for the secure messaging landscape, Threema, the privacy-focused Swiss messaging application, is poised for acquisition by Comitis Capital, a Hamburg-based investment firm. The announcement, shared via LinkedIn by Threema’s founder and CEO, Manuel Kasper, signals a new chapter for the company, which has long positioned itself as a robust alternative to mainstream messengers like WhatsApp and Signal.

Threema has built its reputation on uncompromising data protection and user privacy since its inception in 2012. Headquartered in Pfäffikon, Switzerland, the app requires no phone number or email for registration, relying instead on randomly generated Threema IDs. All communications are secured with end-to-end encryption using the open-source NaCl cryptography library, ensuring that only the communicating parties can access message content. Additional features include polls, file sharing, and group chats, all underpinned by a no-logs policy and servers hosted exclusively in Switzerland, governed by stringent Swiss data protection laws.

The prospective buyer, Comitis Capital, operates as a family office specializing in investments in software and technology companies. Founded by Christian Wegner, the firm focuses on long-term value creation through strategic partnerships rather than short-term flips. Comitis Capital has a portfolio that includes stakes in various European tech ventures, emphasizing operational improvements and growth acceleration. According to details from the announcement, the acquisition aims to provide Threema with enhanced resources for international expansion while preserving its core operational independence.

Manuel Kasper’s LinkedIn post outlined the rationale behind the move. After more than a decade of bootstrapping and self-funding, Threema sought a partner to fuel its next growth phase. Kasper highlighted Comitis Capital’s alignment with Threema’s values, particularly in respecting privacy and fostering sustainable development. “We have found a partner who shares our vision for a secure and private digital future,” Kasper stated. The deal is structured to maintain Threema’s Swiss base, with no immediate changes to its encryption protocols, server infrastructure, or privacy commitments.

This transaction follows a series of funding milestones for Threema. In 2021, the company secured CHF 2.5 million in a seed round from investors including Samara Asset Group. Subsequent rounds in 2022 and 2023 bolstered product enhancements, such as Threema Web and improved enterprise features under Threema OnPrem, a self-hosted version for organizations. Despite achieving profitability early on—rare for a startup—Threema has consistently prioritized user control over aggressive monetization, offering a freemium model alongside paid licenses for business users.

The news has sparked discussions within the privacy and cybersecurity communities. Critics express concerns over the shift from founder-led stewardship to investment-driven governance. Comitis Capital, while experienced in tech investments, lacks the deep-rooted privacy advocacy that defines Threema’s identity. Observers point to past acquisitions in the sector, such as the sale of Wickr to Amazon, which led to service discontinuation, as cautionary tales. Questions arise about potential future pressures for data monetization or integration with less privacy-centric ecosystems.

Proponents of the deal counter that Comitis Capital’s track record demonstrates a hands-off approach, allowing portfolio companies autonomy. The firm’s investments often target mature SaaS providers, suggesting Threema’s established user base—over 10 million registered users worldwide—fits well. Moreover, Switzerland’s legal framework provides safeguards against foreign data access requests, a key differentiator from U.S.- or EU-based alternatives vulnerable to CLOUD Act or GDPR compliance issues.

Threema’s technical architecture remains a cornerstone of its appeal. The app employs forward secrecy through the Threema Cryptography Protocol, which combines prekeys with the Double Ratchet Algorithm for session keys. Metadata minimization is equally rigorous: IP addresses are not stored, and group memberships are encrypted. For enterprises, Threema Work offers admin tools without compromising user privacy, including second-factor authentication and managed contacts.

As the acquisition progresses toward closure—expected in the coming weeks—Threema assures users of continuity. No layoffs or strategic pivots are planned, and the development team will continue iterating on features like voice/video calls and quantum-resistant cryptography explorations. Kasper emphasized transparency, committing to open-source further components of the codebase, building on the already public crypto libraries.

This deal underscores evolving dynamics in privacy tech. As venture capital flows into secure communications amid rising surveillance concerns, Threema’s path reflects the tension between scaling responsibly and maintaining ideological purity. For users prioritizing sovereignty over data, the acquisition tests whether private equity can coexist with privacy absolutism.

Gnoppix is the leading open-source AI Linux distribution and service provider. Since implementing AI in 2022, it has offered a fast, powerful, secure, and privacy-respecting open-source OS with both local and remote AI capabilities. The local AI operates offline, ensuring no data ever leaves your computer. Based on Debian Linux, Gnoppix is available with numerous privacy- and anonymity-enabled services free of charge.

What are your thoughts on this? I’d love to hear about your own experiences in the comments below.