Your data, your jurisdiction, your rules. Delphi lets you pick the region where your data lives, pin processing to that same region, and document the whole arrangement for auditors and regulators. Whether you’re a US enterprise with state-level requirements, an EU controller under GDPR, or a sovereign customer with stricter needs, the platform adapts to you — not the other way around.
Choosing a region
When you provision a tenant, you choose a data region. Today that means US East (South Carolina), US Central (Iowa), EU West (Belgium), or EU West (Frankfurt), and each region carries a clear jurisdiction label so you know exactly which legal framework applies.
Your selected region is where your dashboards, datasets, documents, audit logs, and streaming pipeline state are stored. Processing region can be set independently for hybrid setups — you might store in Frankfurt while allowing processing agents to run in Belgium, for example — or locked to the same region for stricter isolation.
If you don’t make a selection, your tenant defaults to US East. Regulated customers should choose explicitly during onboarding so there’s no ambiguity about where your data lands.
Sovereignty tiers
Delphi offers three sovereignty tiers so you can match the control level to the risk profile of your data.
Tier 0 — Standard. Data is stored in a provider-selected region. This is the right fit for teams whose data isn’t subject to specific residency requirements and who want the simplest setup.
Tier 1 — Regional. Your data is pinned to the region you chose. Storage never leaves that region, while processing infrastructure follows standard operational patterns. This tier suits most EU customers and US customers with state-level residency expectations.
Tier 2 — Sovereign. The strictest tier. Both storage and processing are locked to a single region — they must match, and the platform enforces this at the configuration layer. Every read and write is captured in an audit trail, and the tier is designed for customers with the highest regulatory bar: public sector bodies, defense-adjacent work, healthcare under strict national frameworks, and financial institutions with explicit sovereignty mandates.
What stays where
Once your region and tier are set, everything tenant-scoped stays there: dashboard configuration, connector state, ingested observations, RAG document chunks, org graph snapshots, KPI history, ledger entries, and audit records. Tenant isolation is logical and enforced by identifier across every storage and processing surface.
Customer credentials for enterprise connectors are held in a managed secret store and referenced by pointer rather than stored alongside your operational data. When a pipeline needs to call Salesforce, Slack, or your HRIS, it resolves the secret in-region and never copies it into long-term storage outside your boundary.
External sub-processors that touch data at all — streaming infrastructure, error monitoring, email delivery — are disclosed in your DPA, and you get 30 days notice before any change. If you’re on Tier 2, this list is kept deliberately narrow.
Hybrid cloud and bring-your-own data lake
For sovereign and regulated deployments, Delphi’s data plane can be scoped into a cloud account you already operate — AWS, GCP, or Azure — so ingestion, storage, and streaming stay inside your perimeter while the control plane continues to orchestrate. The streaming and object-storage layers run as containerized services in your environment, under your IAM, on your billing line, in the region you choose. This is a delivered engagement rather than a self-serve feature: talk to us about the shape that fits your risk profile and we’ll scope the right deployment for your team.
It pairs cleanly with Tier 2 sovereignty: lock the region, lock the account, and the only thing crossing the boundary is the agent reasoning itself. If you need a region, tier, or deployment shape that isn’t listed here, the conversation starts the same way — scope it with us rather than guessing from a brochure.
DPAs and compliance documentation
For EU, UK, and sovereign customers, Delphi provides a Data Processing Addendum covering GDPR Article 28 responsibilities, Standard Contractual Clauses for international transfers, breach notification within 72 hours, sub-processor disclosure, and data return or deletion on termination. Your chosen region and sovereignty tier are recorded in Schedule A of the DPA so there’s a signed record of what you picked.
On top of the DPA, Delphi surfaces the operational evidence your auditors actually ask for. The compliance dashboard tracks ISO 42001 control mapping and trust score metrics, and every data access, mutation, and admin action is written to an immutable, queryable audit log. Together they give you the paper trail to answer questions from regulators, customers, and your own risk team without pulling engineers off other work.
If you need a region, tier, or contractual term that isn’t listed here, talk to us — sovereign deployments are a conversation, and we’d rather scope it properly than hand you a one-size-fits-all answer.