To meet the requirements of the **UK Data Protection Act 2018** and **UK GDPR**, we provide a dedicated data residency solution for our customers based in the United Kingdom. This ensures that your organization's sensitive data remains within UK jurisdiction.

## Primary Storage Location

For all workspaces configured with a UK billing address, primary data is hosted on **Amazon Web Services (AWS)** within the **London (eu-west-2)** region. This includes:

- **Customer Content:** All user-generated data, files, and database records.

- **PII (Personally Identifiable Information):** Names, email addresses, and account metadata.

- **Backups:** Encrypted snapshots are stored across multiple availability zones within the UK borders to ensure high availability.

## Compliance & Governance

Our UK infrastructure is managed according to the "Gold Standard" of local data protection:

- **Supervisory Authority:** Our processing activities are governed by the **Information Commissioner’s Office (ICO)**.

- **Data Sovereignty:** By utilizing the London AWS region, we ensure that your data is not subject to the "Cloud Act" or other foreign extra-judicial data requests without following the formal UK legal process.

- **Encryption:** All data at rest is secured via AES-256 encryption using keys managed within the UK.

## Sub-processor list

We maintain a specific list of UK-authorized sub-processors. Whenever possible, we prioritize vendors who also offer London-based data residency. You can view our full **UK Data Processing Addendum (DPA)** in your Legal Settings.

## Verifying your Region

To confirm your data is being stored in London, navigate to **Settings > Security**. You will see a "Data Residency" badge displaying **Region: UK-London**.