Use case · Compliance & Data Sovereignty
Geographic and jurisdictional control enforced mathematically, not procedurally. Shard placement rules enforce residency at write time, and no single jurisdiction holds reconstructable data.
Requirement to architecture
| Requirement | How the architecture satisfies it |
|---|---|
| Data residency | Shard placement rules enforce country and region boundaries at write time |
| Cross-border transfer (GDPR, Schrems II) | No single jurisdiction holds reconstructable data |
| Right to be forgotten (GDPR Art. 17) | Cryptographic shredding renders data unrecoverable globally |
| Sovereign cloud mandates | Fragments distributed only across approved national or regional providers |
| Sector rules (HIPAA, PCI-DSS, CMMC, ITAR, FedRAMP, DORA) | Geographic and confidentiality controls enforced architecturally |
| Audit & evidence | Immutable storage-layer records prove residency and access controls |