United States data residency is the default for all new fsckmsft workspaces. If your team is based in the US, or if you have no specific data localisation requirements, no configuration is needed — your data is already stored and processed within the United States from day one.
Infrastructure details
| Setting | Value |
|---|
| Cloud provider | AWS |
| Primary region | us-east-1 (Northern Virginia) |
| Failover region | us-west-2 (Oregon) |
| Data at rest encryption | AES-256 |
| Data in transit encryption | TLS 1.3 |
us-west-2 provides disaster recovery capability while keeping data within the United States.
No configuration required
US data residency is the default for all fsckmsft workspaces. When you create a new workspace without selecting a data region, your workspace is provisioned in us-east-1 automatically.
You can confirm your workspace’s active data region at any time in Settings → Workspace → General → Data Residency.
CCPA compliance
The California Consumer Privacy Act (CCPA) and its amendment, the California Privacy Rights Act (CPRA), grant California residents specific rights over their personal information. fsckmsft’s practices support CCPA compliance as follows:
Your CCPA rights
| Right | How to exercise it |
|---|
| Right to know what personal information we collect | Review our Privacy Policy or email privacy@fsckmsft.org |
| Right to delete personal information | Use the Delete Account flow or email privacy@fsckmsft.org |
| Right to opt out of sale | fsckmsft does not sell personal information — no action needed |
| Right to non-discrimination | fsckmsft does not discriminate based on CCPA right exercises |
| Right to correct inaccurate information | Update in Account Settings or email privacy@fsckmsft.org |
| Right to limit use of sensitive personal information | Email privacy@fsckmsft.org |
Authorised agent requests
California residents may designate an authorised agent to submit CCPA requests on their behalf. To submit a request via an authorised agent, the agent must provide written proof of authorisation and we may require additional verification from the individual. Submit agent requests to privacy@fsckmsft.org.
Do Not Sell or Share
fsckmsft does not sell or share personal information with third parties for cross-context behavioural advertising purposes. No opt-out action is required.
US data residency and other regulations
In addition to CCPA, US-resident workspaces may be relevant for organisations subject to:
- HIPAA — fsckmsft is not currently a HIPAA-covered entity and does not offer a Business Associate Agreement (BAA). Do not store Protected Health Information (PHI) on fsckmsft without first confirming compliance coverage with our legal team.
- FedRAMP — fsckmsft does not currently hold FedRAMP authorisation. US federal agencies requiring FedRAMP-authorised solutions should contact sales@fsckmsft.org to discuss roadmap.
- SOC 2 Type II — fsckmsft maintains SOC 2 Type II certification. Request the current report from security@fsckmsft.org under NDA.
Latency considerations
US data residency provides the best performance for teams primarily located in North America or South America.
- US-based users: 10–40ms API response times from most North American locations
- EU-based users accessing US workspaces: 80–150ms additional latency compared to EU-resident workspaces
- APAC-based users accessing US workspaces: 150–300ms additional latency
For globally distributed teams with a significant APAC presence, consider APAC data residency or contact sales to discuss a multi-region deployment. 
