Most "AI vendors" are actually US-based. If you're in the EU, GCC, or APAC, your data may transit through and be processed in jurisdictions you can't legally accept. Plugsky offers region-locked data planes, customer-managed keys, and a contractual commitment that your data never leaves the residency you choose.
What is data residency for AI?
Data residency for AI means that your prompts, completions, embeddings, fine-tuning data, and logs are stored and processed in a specific geographic region that you choose and never leave that region. This is a hard requirement under:
- GDPR (EU) — Chapter V on transfers of personal data to third countries
- PDPL (Saudi Arabia) — Article 23 on cross-border data transfers
- DIFC DPL (UAE) — DIFC Data Protection Law
- NSD (UAE) — National Data Office guidance on AI workloads
- PDPA (Singapore, Thailand) — data localization rules for certain sectors
- CBUAE (UAE central bank) — outsourcing risk guidance
Residency options on Plugsky
🌍 EU residency (Frankfurt)
GDPR-compliant. Data stays in eu-central-1. Subprocessors (Stripe, OpenCode, NVIDIA) are EU-resident where possible. Standard DPAs cover transfers.
🕌 GCC residency (UAE / KSA)
PDPL, DIFC, and NSD-aligned. Data stays in me-central-1 or sa-central-1. Subprocessors are GCC-resident. Available on all plans including self-serve.
🌏 APAC residency (Singapore)
PDPA-aligned. Data stays in ap-southeast-1. Available on Enterprise.
🇺🇸 US residency (Virginia / Oregon)
SOC 2 + ITAR-aware. Data stays in the US. Default for self-serve.
Encryption and key custody
- At rest: AES-256 with envelope encryption (KMS per region)
- In transit: TLS 1.3 only, HSTS preloaded
- Customer-managed keys (BYOK): AWS KMS, Azure Key Vault, HashiCorp Vault, on-prem HSM
- Per-request encryption: optional for highly regulated workloads
- Zero-knowledge mode: Plugsky never sees plaintext — your gateway encrypts before sending
Audit and compliance
Every request is logged with: timestamp, model, prompt hash (SHA-256), completion hash, token count, latency, IP, user ID, region. Audit logs are exportable to your SIEM (Splunk, Sentinel, QRadar, Datadog) and retained for the period you choose (default 90 days, up to 7 years on Enterprise).
Right-to-audit clauses are standard on Enterprise contracts. You can also request a SOC 2 Type II report under NDA.
Frequently asked questions
Can I get my data deleted on request?
Yes. Right-to-deletion is supported for any data you have not opted to retain (e.g. fine-tuning data). Audit log deletion requires a legal-hold waiver.
Do you support zero-knowledge deployments?
Yes. Plugsky Enterprise supports a zero-knowledge mode where your gateway encrypts prompts before they reach Plugsky. The model never sees plaintext.
Are subprocessors disclosed?
Yes — a full list of subprocessors with their residency is published and updated within 30 days of any change.
Is a DPA available?
Yes — standard DPA included on all paid plans. EU-specific SCCs available on Enterprise.