privacy of participant data on regional servers

We are planning to run an experiment on a local server, specifically in Frankfurt Germany.
To ensure compliance with our data protection regulations, I would like to know how Fly treats participant data, particularly when our experiment is run on the Frankfurt regional server.

In the Privacy Statement, I found that application-internal information is stored on servers located in the United States, not collected and only accessed with the consent of the application owner for maintenance or support reasons.

Would this also extend to application-internal participant data of our experiment running on a regional server in Frankfurt?

1 Like

The data used by your app, either persistent storage in volumes or ephemeral storage at runtime, stays within the region where it was created. However volume backups are encrypted and stored in the US and can be disabled to prevent this. We have strict access controls around customer data and don’t access anything without permission and unless necessary, like an outage recovery.

The metadata needed to operate our service is stored in many regions, including authoritative databases in the US. This includes app config, encrypted secrets, image registry, and ip/volume allocations. Metrics and logs generated by your app are also stored in the US.

2 Likes

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.