Data Sovereignty

Data Residency & Processing Locations

Understand exactly where your data flows, how it's processed, and the controls you have over its residency.

Last updated: January 17, 2026

Our Data Philosophy

Local-First, Minimal Retention

Tork is designed with a local-first architecture. The content you send to our API for evaluation is processed entirely in memory and is never written to disk or persistent storage.

This means your sensitive data—the actual text, code, or content being evaluated—never leaves the ephemeral processing environment. Only metadata (timestamps, decisions, rule matches) is stored for audit purposes, and even that is configurable.

Zero Content Retention

API request content is never stored. Processing happens in isolated, ephemeral containers that are destroyed after each request.

Encryption Everywhere

All data in transit uses TLS 1.3. Persistent data is encrypted at rest with AES-256. API keys are hashed, not stored in plaintext.

Configurable Retention

Audit log retention is configurable from 30 to 365 days. Delete data anytime via API or dashboard.

Processing Regions

Primary Database
SOC 2 Type II, HIPAA BAA
  • Provider: Supabase (PostgreSQL)
  • Region: AWS us-east-1 (Virginia, USA)
  • Data Types: Account data, API keys, audit logs, configuration
  • Encryption: AES-256 at rest, TLS 1.3 in transit

Application Hosting
SOC 2 Type II, ISO 27001
  • Provider: Vercel
  • Region: Global Edge Network (Nearest edge location)
  • Data Types: Static assets, serverless functions
  • Encryption: TLS 1.3 in transit

API Processing
SOC 2 Type II
  • Provider: Vercel Serverless
  • Region: AWS us-east-1 (primary) (Virginia, USA)
  • Data Types: Request processing (in-memory only)
  • Encryption: TLS 1.3, no persistence

Email Delivery
SOC 2 Type II
  • Provider: Resend
  • Region: AWS us-east-1 (Virginia, USA)
  • Data Types: Email addresses, notification content
  • Encryption: TLS 1.3 in transit

Data Flow

1. API Request Received

Your request hits our edge network (Vercel) and is routed to the nearest processing region. TLS 1.3 encryption protects data in transit.

2. In-Memory Processing

Content is evaluated in an isolated, ephemeral serverless function. Policy rules are applied, PII is detected, and decisions are made. No content is written to disk.

3. Metadata Logged (Optional)

If audit logging is enabled, only metadata (timestamp, decision, rule matched, request ID) is written to our database in AWS us-east-1. Content is never logged.

4. Response Returned

The evaluation result (ALLOW/BLOCK/REDACT + signed receipt) is returned to you. The serverless function is terminated and all in-memory data is destroyed.

Regional Compliance

🇪🇺

European Union

Compliant via DPA
GDPR, EU AI Act
  • Standard Contractual Clauses (SCCs) available
  • Data Processing Agreement (DPA) GDPR-compliant
  • EU representative can be appointed on request
  • Data deletion requests honored within 30 days
🇺🇸

United States

Compliant
CCPA/CPRA, HIPAA, State Privacy Laws
  • CCPA/CPRA rights fully supported
  • HIPAA BAA available for healthcare customers
  • Virginia VCDPA, Colorado CPA compliant
  • Primary data processing location
🇦🇺

Australia

Compliant
Privacy Act 1988, APPs
  • JCorp Australia Pty Ltd is the data controller
  • Australian Privacy Principles (APPs) compliant
  • Cross-border data transfer protections in place
  • OAIC complaints process supported
🇬🇧

United Kingdom

Compliant via DPA
UK GDPR, DPA 2018
  • International Data Transfer Agreement (IDTA) available
  • UK GDPR compliant data handling
  • ICO registration maintained
  • Subject access requests honored

Data Retention Policies

API Request Content

Not retained

Processed in real-time memory only. Never written to disk or persistent storage.

Audit Logs

Configurable (30-365 days)

Metadata about evaluations (timestamp, decision, rule matched). Configurable per plan.

Account Data

Account lifetime + 30 days

Email, name, company. Deleted 30 days after account closure upon request.

API Keys

Until revoked

Hashed and stored securely. Permanently deleted when revoked.

Usage Metrics

90 days (detailed), 2 years (aggregated)

API call counts and timestamps for billing. Aggregated for long-term analytics.

Session Data

24 hours

Authentication tokens and session state. Auto-expired.

Enterprise Options

For organizations with specific data residency requirements, we offer advanced deployment options.

Dedicated Tenancy

Enterprise plan

Isolated database and compute resources for your organization

  • Dedicated PostgreSQL instance
  • Isolated serverless functions
  • Custom domain and SSL
  • Priority support included

Regional Deployment

Enterprise plan (roadmap)

Deploy Tork infrastructure in your preferred region

  • EU region (Frankfurt) - Coming Q2 2026
  • APAC region (Sydney) - Coming Q3 2026
  • Custom regions available on request
  • Data never leaves selected region

Bring Your Own Key (BYOK)

Enterprise plan (roadmap)

Use your own encryption keys for data at rest

  • AWS KMS integration
  • Customer-managed keys
  • Key rotation support
  • Audit trail for key usage

On-Premise Deployment

Enterprise plan

Run Tork entirely within your infrastructure

  • Docker/Kubernetes deployment
  • Air-gapped environment support
  • Full data sovereignty
  • Self-managed updates
