Data residency
Where your data lives is a function of where your Microsoft 365 tenant is provisioned. docs365.ai doesn't move data out of that tenant — the residency posture is structural.
Short answer
Documents, metadata, and audit logs live in your SharePoint libraries, which live in your M365 tenant, which lives in the Microsoft data-center region you provisioned. docs365.ai operates on that data via API; it never copies it out of your tenant.
How M365 residency works
Tenant provisioning determines the region
Every Microsoft 365 tenant is provisioned in a specific geographic region. When your tenant was created, Microsoft assigned primary and secondary data-center locations based on the region your organization is in. For an Italian customer, that's typically Europe, usually with data-centers in Ireland, the Netherlands, Germany, or France serving as the region for SharePoint document storage.
SharePoint Online stores documents in the tenant's primary region. Microsoft publishes the current data-center locations at learn.microsoft.com/microsoft-365/enterprise/o365-data-locations. Your admin can verify the exact regions your tenant uses from the Microsoft 365 admin center.
docs365.ai behaviour
What crosses your tenant boundary
Documents — never leave
Word files, PDFs, PowerPoint, Excel — all stay in your SharePoint libraries. We operate on them in-place via the Microsoft Graph API.
Metadata — never leaves
Protocol codes, owner, version, expiration dates, approver names — stored as SharePoint columns inside your tenant.
Audit log — never leaves
Every event written to the document's audit log is stored in SharePoint alongside the document. No parallel audit-log database at our layer.
Version history — never leaves
Minor and major versions use SharePoint's native versioning engine. Versions are stored with the document, in your tenant.
DocuSign transit (when enabled)
When PAdES signing is used, the document transits DocuSign for the signing ceremony, then returns to SharePoint. DocuSign has its own regional hosting; we recommend the DocuSign EU region for EU tenants.
Operational telemetry
System telemetry about our layer's operation (error rates, API latency, performance) is collected at our vendor level. This telemetry does not include document content, metadata values, or user identities beyond what's needed for troubleshooting a specific issue.
GDPR / EU
EU Data Boundary for Microsoft 365
Microsoft's EU Data Boundary is the commitment that EU-based M365 tenants store their customer data within EU data-centers, with certain support and incident-response data also kept in the EU. This is the posture most EU customers rely on for GDPR data-residency compliance.
docs365.ai inherits this posture automatically. Because our layer operates on documents in-place inside your tenant, your tenant's EU Data Boundary coverage applies to docs365.ai-governed documents without us adding new data-transfer surface.
Customers with stricter requirements — for example, customers restricted to specific EU member states, or customers who cannot tolerate any transatlantic data transfer even for support purposes — should review Microsoft's EU Data Boundary documentation in detail with their legal team. We don't override Microsoft's posture; we inherit it.
Regulatory mapping
Residency expectations by regime
| Regime | What it expects | How docs365.ai satisfies it |
|---|---|---|
| GDPR | EU personal data stays in the EU, or is covered by SCCs + supplementary measures | EU Data Boundary on EU-provisioned tenants; Microsoft's DPA + SCCs as baseline |
| HIPAA | No explicit residency; covered entities set their own policies (often US-residency) | Inherits your tenant region; Microsoft BAA covers M365 irrespective of region |
| 21 CFR Part 11 | No explicit residency; records must be retrievable + auditable | Retrieval is a function of platform storage — no residency constraint |
| NIS2 | Essential-service data subject to member-state sovereignty expectations | EU Data Boundary + member-state-specific M365 options where available |
| Italian public-sector (AgID) | Specific Italian residency expectations for certain workloads | Microsoft Italy data-centers available; verify at M365 admin center |
Honesty
When the default posture isn't enough
A few scenarios where the default "tenant-region residency" model doesn't quite fit, and what to do about each:
Sovereign-cloud requirements
Some national-security or defense workloads require sovereign-cloud deployments (for example, Microsoft Cloud for Sovereignty). docs365.ai can run in those environments, but this requires specific provisioning.
DocuSign residency mismatch
Default DocuSign hosting is US-based. EU tenants typically enable the DocuSign EU region during configuration. If your residency requirements prohibit any transatlantic transit, don't enable DocuSign.
Support-data transfer
When a customer opens a support ticket, diagnostic information about their specific issue may be reviewed by our engineering team outside the tenant's region. Customers with strict constraints can opt out of non-regional support.
Third-country data transfers
If your organization has workflows that require data transfer to third countries (e.g. subsidiaries outside the EU), the transfer mechanisms are between your tenant and the destination — not added by our layer.
Specific residency question for your team?
Sector-specific residency rules, cross-border concerns, sovereign-cloud requirements — all routine topics for us. A 30-minute call is the fastest way to get a precise answer for your specific scope.