GDPR & Data Residency

Protecting customer data is core to how FoxNose is built. This page describes where your data is stored, how it is processed, and how to ensure everything stays within the EU when you need strict residency guarantees.

Core Data Residency

Regardless of where your projects are hosted globally, certain core operational data is always stored exclusively within the European Union (EU) infrastructure. This includes:

  • Organization Metadata: Information about your FoxNose organization.
  • User Records: All user accounts, profiles, and authentication details.
  • System Backups: Comprehensive backups of all FoxNose data, ensuring recovery and integrity.

This commitment to EU-based storage for core data ensures a baseline of high privacy and compliance standards for all our users.

Project Data Residency & GDPR

For your project-specific content, you control the residency.

Only EU zones support GDPR compliance mode. If you need GDPR guarantees, ensure your project is created in the EU zone.

During the public beta, only EU regions are available. US regions will become available later.

  • Storage Zones: When creating a project, you select a storage zone (e.g., EU, US). All project data (schemas, resources, etc.) will reside in that zone's infrastructure.
  • GDPR Compliance Mode: Projects in the EU zone have an optional GDPR mode. When enabled, all request processing (for both Management and Flux APIs) is also guaranteed to happen within the EU.

How to Manage GDPR Mode

You can manage this setting in your project details:

  1. Switch to the appropriate organization and open the Projects list.
  2. Find the project, click the three-dot menu, and choose Edit Project.
  3. In the Data section, toggle GDPR compliance. The change applies immediately.

Data Subject Rights (GDPR)

As per GDPR, you are the data controller for your project content, and FoxNose acts as the data processor. To fulfill data subject requests (like deletion or anonymization):

  • Use the Management API to locate and delete or anonymize the relevant resources.
  • Publish the updated revisions. Because the Flux API only serves published content, the data will be removed from public delivery.

Legal & Support

For Data Processing Agreements (DPA) or specific support requests related to GDPR, please contact compliance@foxnose.net.

See our Privacy Policy for more general information on how FoxNose handles data.

Was this page helpful?