Data Residency
All data is stored and processed in the region you select. Data is never transferred across jurisdictional borders without explicit consent.
Regional infrastructure
| Region | Compute | Database | Storage |
|---|---|---|---|
| 🇨🇦 Canada | GCP northamerica-northeast1 (Montréal) | Neon ca-central-1 | GCS northamerica-northeast1 |
| 🇺🇸 United States | GCP us-central1 (Iowa) | Neon us-east-2 | GCS us-central1 |
| 🇬🇧 United Kingdom | GCP europe-west2 (London) | Neon eu-west-2 | GCS europe-west2 |
| 🇦🇺 Australia | GCP australia-southeast1 (Sydney) | Neon ap-southeast-2 | GCS australia-southeast1 |
What stays in your region
| Data type | Stays in region |
|---|---|
| Uploaded agreement PDFs | ✓ |
| Extracted rule candidates | ✓ |
| Uploaded employee CSV data | ✓ |
| Validation findings | ✓ |
| Generated reports | ✓ |
| Audit logs | ✓ |
| Account and billing metadata | ✓ |
What may leave your region
| Data type | Destination | Purpose |
|---|---|---|
| Agreement clause text | OpenAI (US) | AI rule extraction |
| Authentication tokens | Firebase (Google, US) | User authentication |
| Billing information | Stripe (US) | Payment processing |
| Error reports | Sentry (US) | Error monitoring (no PII) |
Agreement clause text
Agreement clause text is the only substantive data that leaves your region, and only for the purpose of AI rule extraction. Employee payroll data is never sent outside your region.
Cross-border restrictions
- You cannot transfer a contract or validation job between regions
- Team members access data through the regional endpoint for their organisation
- API requests are routed to your organisation's regional endpoint automatically
- Backups are stored in the same region as the primary data
Encryption
| Layer | Standard |
|---|---|
| Data at rest | AES-256 (GCP managed encryption keys) |
| Data in transit | TLS 1.2+ |
| Database | Encrypted at rest (Neon managed) |
| Backups | Encrypted at rest, same region as primary |
Compliance mapping
| Requirement | How we meet it |
|---|---|
| PIPEDA: data must remain in Canada | All Canadian customer data in GCP northamerica-northeast1 |
| UK GDPR: adequate safeguards for transfers | Limited transfers (clause text to OpenAI) covered by SCCs; no employee data leaves UK |
| Australian Privacy Act: cross-border disclosure | No employee data leaves Australia; clause text transfer covered by APP 8 assessment |
| CCPA: service provider obligations | Compliant service provider agreement; no sale of personal information |
For enterprise customers
Enterprise customers can request:
- Infrastructure audit access (read-only GCP console access to their project)
- Custom encryption keys (CMEK: customer-managed encryption keys)
- Dedicated database instance (single-tenant deployment)
- Custom data retention policies
Contact security@contract-as-code.com for enterprise data residency options.