> ## Documentation Index
> Fetch the complete documentation index at: https://docs.truthlocks.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Data residency

> Pin your tenant data to a specific geographic region for GDPR, data sovereignty, and compliance requirements.

Truthlocks allows you to pin all tenant data to a specific geographic region. Once configured, your data — including users, attestations, evidence, files, and audit logs — is stored and processed exclusively within that region.

## Supported regions

| Region code | Location                | Governance    | Default for           |
| :---------- | :---------------------- | :------------ | :-------------------- |
| **US**      | Northern Virginia, USA  | US Law        | Global and US tenants |
| **EU**      | Dublin, Ireland         | GDPR / EU Law | European tenants      |
| **AF**      | Cape Town, South Africa | ZA Law        | African tenants       |

Your region is assigned when your tenant is created, based on your organization's country code. You can set your country from **Settings > Organization** in the console. The platform maps your country to the nearest supported region automatically. Your region assignment can only be changed by contacting your account manager.

## What stays in your region

All tenant-scoped data is guaranteed to remain within the selected region:

* **Identity** — users, roles, permissions, and API keys
* **Business data** — issuer profiles, attestations, evidence, verification results, and consumer inboxes
* **Files** — all attachments and evidence documents (stored in region-specific buckets)
* **Billing** — usage records and invoices
* **Audit logs** — your complete audit trail

<Info>
  Some data is considered global and may be replicated for performance: public documentation, marketing content, public transparency checkpoint metadata, and SDK artifacts. This data does not include PII or tenant-scoped business data.
</Info>

## How enforcement works

Each region runs as an independent deployment stack. When you make an API request, the platform verifies that your tenant's assigned region matches the region of the stack processing the request. If there is a mismatch, the request is rejected with an HTTP `409 Conflict` response:

```json theme={null}
{
  "code": "REGION_MISMATCH",
  "message": "Data Residency Violation: tenant is pinned to region EU but request was routed to US.",
  "http_status": 409
}
```

This enforcement applies to every authenticated API call, ensuring that no tenant data is accidentally processed outside its designated region.

## Region locking

By default, your tenant's region is locked after creation. This prevents accidental region changes and provides an additional compliance safeguard.

* **Locked** — the region cannot be changed through normal API calls. This is the default.
* **Unlocked** — a platform administrator has temporarily unlocked the region for migration purposes.

<Warning>
  Region changes do not automatically migrate data. If your region is changed, data must be manually migrated to the new region's infrastructure. Contact your account manager to coordinate a region change.
</Warning>

## Choosing a region

Select the region that best aligns with your regulatory requirements:

| Requirement                            | Recommended region         |
| :------------------------------------- | :------------------------- |
| GDPR compliance                        | **EU** (Dublin)            |
| US federal or state data laws          | **US** (Northern Virginia) |
| African data sovereignty (e.g., POPIA) | **AF** (Cape Town)         |
| No specific requirement                | **US** (default)           |

If you are unsure, start with the default (US). You can request a region change later by contacting support.

## Checking your region

You can verify your tenant's current region from the console at **Settings > Organization**, or by querying the API:

```bash theme={null}
curl https://api.truthlocks.com/v1/identity/orgs \
  -H "X-API-Key: tl_live_..."
```

The response includes your country code and region assignment:

```json theme={null}
{
  "id": "org_abc123",
  "name": "Acme Corp",
  "country_code": "DE",
  "region_code": "EU",
  "residency_lock": true
}
```

* **`country_code`** — your organization's [ISO 3166-1 alpha-2](https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) country code, set during onboarding or in organization settings.
* **`region_code`** — the data residency region derived from your country code.
* **`residency_lock`** — whether the region is locked (default `true`).

## Frequently asked questions

<Accordion title="Can I move my data to another region?">
  Automated migration is not supported in the current version. Contact your account manager for manual migration assistance. The process involves provisioning your data in the target region and updating your tenant's region assignment.
</Accordion>

<Accordion title="What if my users are in multiple regions?">
  Users can access the platform from anywhere, but all data remains in your tenant's home region. Latency may vary depending on user location relative to your assigned region.
</Accordion>

<Accordion title="Does data residency affect billing?">
  Payments are routed based on your country, not your data residency region. See [provider routing](/billing/provider-routing) for details on how payment providers are selected.
</Accordion>

## Related

<CardGroup cols={2}>
  <Card title="Compliance & certifications" icon="certificate" href="/trust/compliance">
    GDPR, SOC 2, and other compliance standards.
  </Card>

  <Card title="Row-level security" icon="lock" href="/security/rls">
    How tenant data is isolated at the database level.
  </Card>

  <Card title="Audit logs" icon="scroll" href="/security/audit">
    Track all actions within your tenant.
  </Card>

  <Card title="Provider routing" icon="route" href="/billing/provider-routing">
    How payments are routed by region.
  </Card>
</CardGroup>