All data remains in the client's infrastructure. No third-party data flows.
AI agents process business-critical data: personnel data, financial data, contract data. The question of where this data is processed and who has access is non-negotiable for enterprise clients.
The Gosign architecture is based on one core principle: all data remains in the client's infrastructure. Gosign does not operate its own cloud, does not store client data, and has no permanent access to production systems.
Azure regions: West Europe (Amsterdam), North Europe (Dublin), Germany West Central (Frankfurt). Azure OpenAI for LLM processing within Azure EU. Microsoft's DPA and EU Data Processing Addendum.
GCP regions: europe-west1 (Belgium), europe-west3 (Frankfurt), europe-west4 (Netherlands). Vertex AI for LLM processing within GCP EU. Google's DPA and EU Standard Contractual Clauses.
Own data center or own servers. Open-source models: Llama, Mistral, DeepSeek -- operated locally. No data leaves the corporate network. Full control over hardware, software, and network.
Combination of cloud and self-hosted. Example: Self-hosted for sensitive HR data, Azure EU for document processing. The architecture supports different deployment options per agent.
Tenant isolation is enforced at database level -- not at application level. A SQL query can physically only access records the executing context is authorized for. Isolation cannot be bypassed through application logic.
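One way to enforce isolation in the database rather than in application code is row-level security. The following is an added example, not Gosign's own code, and it assumes PostgreSQL, which the page does not name. The table `contracts`, the role `agent_app`, the setting `app.tenant_id` and the tenant ids are hypothetical.

```sql
-- Added example. Assumes PostgreSQL; all object names are hypothetical.
CREATE TABLE contracts (
    id        bigserial PRIMARY KEY,
    tenant_id uuid NOT NULL,
    title     text NOT NULL
);

-- Role the agent's queries run as: no superuser, no BYPASSRLS, not the table owner.
CREATE ROLE agent_app NOLOGIN NOSUPERUSER NOBYPASSRLS;
GRANT SELECT, INSERT, UPDATE, DELETE ON contracts TO agent_app;
GRANT USAGE ON SEQUENCE contracts_id_seq TO agent_app;

ALTER TABLE contracts ENABLE ROW LEVEL SECURITY;
-- Without FORCE, the table owner is exempt from the policies.
ALTER TABLE contracts FORCE ROW LEVEL SECURITY;

-- USING filters rows on read/update/delete; WITH CHECK rejects writes for another tenant.
-- NULLIF handles the empty string a custom setting holds after SET LOCAL expires,
-- so a missing tenant context compares against NULL and matches no row.
CREATE POLICY tenant_isolation ON contracts
    USING      (tenant_id = NULLIF(current_setting('app.tenant_id', true), '')::uuid)
    WITH CHECK (tenant_id = NULLIF(current_setting('app.tenant_id', true), '')::uuid);

-- Tenant A (constructed id). The trusted connection layer sets the context
-- from the authenticated identity, never from request input.
BEGIN;
SET LOCAL ROLE agent_app;
SELECT set_config('app.tenant_id', '11111111-1111-1111-1111-111111111111', true);
INSERT INTO contracts (tenant_id, title)
VALUES ('11111111-1111-1111-1111-111111111111', 'Supplier agreement (constructed)');
COMMIT;

-- Tenant B (constructed id) runs an unfiltered query; the policy adds the
-- tenant predicate, so tenant A's row is excluded without any WHERE clause.
BEGIN;
SET LOCAL ROLE agent_app;
SELECT set_config('app.tenant_id', '22222222-2222-2222-2222-222222222222', true);
SELECT id, title FROM contracts;
-- Writing a row for tenant A from tenant B's context fails the WITH CHECK clause.
INSERT INTO contracts (tenant_id, title)
VALUES ('11111111-1111-1111-1111-111111111111', 'Cross-tenant write (constructed)');
ROLLBACK;
```

When reviewing such a setup, check that no role used by agents is a superuser, holds `BYPASSRLS`, or owns the tables without `FORCE ROW LEVEL SECURITY`, since each of those skips the policies.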
At rest: All data encrypted (AES-256). In transit: All data transfers over TLS 1.3. Key management: Customer-owned keys (Bring Your Own Key) or platform-managed.
RBAC (Role-Based Access Control) at all levels. No shared credentials, no service account with full access. Access is logged and traceable in the audit trail. Gosign has no permanent access to production data.
Deletion concept per GDPR Art. 17. Retention periods configurable per data type. Deletion covers all copies -- database, audit trail, backups (after backup retention expires). Deletion protocols documented in audit trail.
When cloud LLMs are used, data to be processed is sent to the LLM service. Measures: Azure OpenAI data is not used for training OpenAI models. DPA/SCCs with the respective provider. Data minimization: only data necessary for processing is sent to the model.
With self-hosted models, no data leaves the client's infrastructure. The model runs locally, and processing occurs on the client's own hardware. Trade-off: self-hosted models are generally less capable than the latest proprietary models.
Gosign AI agents are not trained on client data. No fine-tuning, no re-training, no uncontrolled learning from production data. Agents use LLMs with prompts and rule sets -- the models themselves are not modified.
| GDPR Article | Architectural Measure |
|---|---|
| Art. 5 -- Data minimization | Only required data is processed. No stockpiling. |
| Art. 6 -- Legal basis | Data processing agreement (Art. 28) or legitimate interest, depending on context. |
| Art. 17 -- Right to erasure | Deletion concept with configurable periods, documented deletion. |
| Art. 25 -- Privacy by Design | Row-Level Security (RLS), encryption, RBAC as architectural components. |
| Art. 28 -- Data processing | DPA between client and Gosign, DPA between client and cloud provider. |
| Art. 30 -- Records of processing | Audit trail documents all processing activities. |
| Art. 32 -- Security of processing | Encryption, access control, regular review. |
| Art. 33/34 -- Notification obligations | Incident response process, audit trail for forensics. |
This page describes technical architectural measures for data protection and data residency. The data protection legal assessment and formal GDPR conformity declaration are the responsibility of the controller (the client) and their data protection officers.
Gosign delivers the technical infrastructure. Legal responsibility lies with the operator.
With EU deployment (Azure EU, GCP EU, Self-Hosted in EU), all data remains within the EU. With Self-Hosted, data remains in the client's data center. The architecture supports all options -- the choice is the client's.
With cloud LLMs (e.g., Azure OpenAI), processed documents are sent to the LLM service. Azure OpenAI is covered by Microsoft's data protection agreements with EU data processing. With self-hosted models (Llama, Mistral), no data leaves the client's network.
Row-Level Security at database level. Every tenant, entity, and department is technically separated. An agent can only access data it is authorized for.
Azure EU, GCP EU, Self-Hosted or Hybrid. We configure the infrastructure to your requirements.