Data Residency

Configure where your organization's data is stored to meet regional compliance requirements and data sovereignty regulations.

Overview

Data residency controls allow organizations to specify which geographic region their data should be stored in. This is important for compliance with regulations like GDPR (Europe), PDPA (India), and other data sovereignty laws that require personal data to remain within specific jurisdictions.

Testify supports multiple data regions, and organization administrators can select their preferred region based on their compliance needs.

What Is Data Residency

Data residency refers to the physical location where your organization's data is stored and processed. When you select a data region, the following data is subject to the residency setting:

User account information (names, emails, phone numbers)
Questions and question bank content
Exam definitions, submissions, and results
Student performance data and analytics
Certificates and report cards
Uploaded files and documents
Audit logs and activity records

Tip: Data residency affects where data is stored at rest. Data may still transit through other regions during processing, depending on your network topology and CDN configuration.

Available Data Regions

Testify maintains data centers in multiple regions. Each region has:

Region ID -- a unique identifier (e.g., us-east, eu-west, ap-south)
Display Name -- a human-readable name (e.g., "US East", "EU West", "Asia Pacific - Mumbai")
Description -- details about the data center location and certifications
Active Status -- whether the region is currently available

Viewing Available Regions

Navigate to "Settings" > "Data Residency"
The page lists all active data regions with their descriptions
Your current region is highlighted

You can also view regions without authentication -- the region list is a public endpoint useful during organization registration.

Checking Your Current Data Region

Go to "Settings" > "Data Residency"
Your current configuration shows:
- Current Region -- the selected data region
- Region Name -- human-readable name of the region
- Region Description -- details about the data center
- Enforcement Status -- whether the region is enforced (locked by a super admin)

Configuring Data Residency

Who Can Change the Data Region

Org Admins and Org Owners can change the data region if enforcement is not active
Super Admins can change the data region for any organization, even if enforcement is active

Changing Your Data Region

Go to "Settings" > "Data Residency"
Click "Change Region"
Select your desired region from the dropdown:
- Each region shows its display name and description
- Only active regions are available for selection
Click "Save"
Confirm the change when prompted

Tip: Changing data regions may involve a data migration process. Plan region changes during low-usage periods to minimize impact on users.

Enforcement Mode

When data residency enforcement is enabled for an organization:

Only super admins can change the data region
Org admins see the current region but cannot modify it
The enforcement flag is displayed as "Enforced" in the settings

This is typically enabled for organizations with strict compliance requirements where the data region should not be changed without platform-level approval.

Compliance Considerations

For organizations with EU-based users:

Select a data region within the European Union (e.g., "EU West")
Enable enforcement to prevent accidental region changes
This ensures personal data of EU residents stays within the EU

Data Protection Laws by Region

Region	Applicable Laws	Recommended Data Region
European Union	GDPR	EU West, EU Central
India	PDPA, IT Act	Asia Pacific - Mumbai
United States	State-level (CCPA, etc.)	US East, US West
United Kingdom	UK GDPR, DPA 2018	EU West (UK)
Australia	Privacy Act 1988	Asia Pacific - Sydney

Tip: Consult your legal team to determine which data residency requirements apply to your organization. Testify provides the technical controls, but compliance decisions should be made with legal guidance.

Data Residency for Resellers

Resellers managing multiple organizations can configure data residency per organization.

Setting Region During Organization Creation

When creating a new organization through the reseller portal
Select the "Data Region" during the setup wizard
Optionally enable "Enforce Data Residency" to lock the region

Managing Regions for Sub-Organizations

Go to "Reseller" > "Organizations"
Select the organization
Navigate to "Settings" > "Data Residency"
Change or enforce the data region as needed

Data Migration Between Regions

When changing data regions, the following process occurs:

Before Migration

The system validates the target region is active and available
A pre-migration check estimates the data volume to be moved
Users are notified of the upcoming migration (if configured)

During Migration

Data is copied to the new region
The system verifies data integrity after the copy
DNS and routing are updated to point to the new region
Old region data is retained temporarily as a backup

After Migration

The organization's data region setting is updated
Users may need to re-authenticate (their tokens point to the previous region)
Old region data is deleted after a retention period

Tip: Data migration duration depends on data volume. Small organizations migrate in minutes; large organizations may take several hours.

API Reference

List Available Regions

GET /api/v2/data-regions

Returns all active data regions. This endpoint does not require authentication.

Get Current Data Residency

GET /api/v2/org/data-residency

Returns the current organization's data region and enforcement status. Requires authentication.

Update Data Residency

PUT /api/v2/org/data-residency

Changes the organization's data region. Requires org admin or super admin role. Body:

{
  "data_region": "eu-west"
}

Monitoring Data Residency

Audit Trail

All data residency changes are logged in the audit system:

Go to "Admin" > "Audit Logs"
Filter by component = "Organization"
Look for events related to data region changes

Compliance Reports

Generate compliance reports showing:

Current data region for the organization
History of region changes
Enforcement status
Data types stored in the region

Troubleshooting

Cannot Change Data Region

Verify you have the Org Admin or Org Owner role
Check if enforcement is enabled -- only super admins can change enforced regions
Ensure the target region is active and available

Data Region Shows as "Default"

The organization has not been assigned a specific data region
Data is stored in the platform's primary data center
Select a specific region if compliance requirements dictate

Users Experiencing Latency After Region Change

After a region change, data is served from the new location
Users geographically distant from the new region may experience higher latency
CDN and caching layers typically minimize this impact
Consider whether the region change was necessary given the latency trade-off

Enforcement Not Taking Effect

Verify the data_residency_enforced flag is set to true in organization settings
Only super admins can set or remove enforcement
Check the audit logs to confirm the enforcement change was applied

Overview​

What Is Data Residency​

Available Data Regions​

Viewing Available Regions​

Checking Your Current Data Region​

Configuring Data Residency​

Who Can Change the Data Region​

Changing Your Data Region​

Enforcement Mode​

Compliance Considerations​

GDPR (General Data Protection Regulation)​

Data Protection Laws by Region​

Data Residency for Resellers​

Setting Region During Organization Creation​

Managing Regions for Sub-Organizations​

Data Migration Between Regions​

Before Migration​

During Migration​

After Migration​

API Reference​

List Available Regions​

Get Current Data Residency​

Update Data Residency​

Monitoring Data Residency​

Audit Trail​

Compliance Reports​

Troubleshooting​

Cannot Change Data Region​

Data Region Shows as "Default"​

Users Experiencing Latency After Region Change​

Enforcement Not Taking Effect​