Firstly, I’ll share with your our Terms of Service and GDPR Statements.
In our ToS, statement 4 indicates that we expect our customers to comply with federal and state law in San Francisco, CA, US.
Our GDPR statement illustrates that we are committed to complying with the regulation. It is worth noting that there are scenarios where an account owner would be the data controller and safeguarding/preservation of these datasets is your responsibility.
To answer your question specifically, I need to ask – what’s your definition of data sovereignty? If you are referring to owning the content which you share with us then yes, you maintain data sovereignty. If you are referring to the law in which customers, and we, adhere to, then I would refer you back to statement 4 of our ToS.
We can remove all data in accordance with our GDPR policy, upon request, at any time.
If you wished to discuss this further, particularly with a view to specifically outline your requirements as part of an Enterprise agreement (where we can provide custom contracts), I’d be happy to forward this to our sales team.
Our ‘hub of operations’ is west-coast US-based. Our CDN, where data is cached for quick retrieval, is global.