Get startedGet started for free

Data residency and data sovereignty

1. Data residency and data sovereignty

When it comes to storing data and keeping it secure, data sovereignty and data residency are two important concepts to understand. Data sovereignty refers to the legal concept that data is subject to the laws and regulations of the country where it resides. For example, the General Data Protection Regulation (GDPR) in the European Union requires companies to comply with data protection laws when processing or storing personal data of EU citizens, regardless of their location. This ensures that individuals have control over their personal data and its usage. In contrast, data residency refers to the physical location where data is stored or processed. Some countries or regions have laws or regulations that require data to be stored within their borders. For instance, some countries mandate that personal data of its citizens must be stored on servers within the country. This ensures data remains within the jurisdiction of local laws. Now, let's explore how Google Cloud addresses data residency requirements. We offer a range of options to control the physical location of your data through regions. Each region consists of one or more data centers, which lets you choose where your data resides. For example, within the European Union, you can select regions located in various countries like the UK, Belgium, Germany, Finland, Switzerland, and the Netherlands. By configuring your resources in specific regions, Google ensures that your data is stored only within the selected region, as stated in our Service Specific Terms. Additionally, Google Cloud provides Organization Policy constraints, coupled with IAM configuration, to prevent accidental data storage in the wrong region. These controls offer peace of mind and reinforce your data residency requirements. Furthermore, Google Cloud offers features like VPC Service Controls, which let you restrict network access to data based on defined perimeters. You can limit user access through IP address filtering, even if they have authorization. Google Cloud Armor lets you restrict traffic locations for your external load balancer by adding an extra layer of protection. By using these capabilities, organizations can adhere to data residency and data sovereignty requirements, ensure compliance, and maintain control over their valuable data within the Google Cloud ecosystem.

2. Let's practice!

Create Your Free Account

or

By continuing, you accept our Terms of Use, our Privacy Policy and that your data is stored in the USA.