1
Sovereignty & jurisdiction
Your data stays in your jurisdiction, and there is no US door into it.
You select your region. Everything that follows is pinned to it: prompts, files,
outputs, metadata, and the compute that runs over them. Nothing crosses that
border, and nothing runs on US infrastructure to do it.
This is structural, not a setting. The data plane is isolated by jurisdiction at
the architecture level, so one region’s bytes cannot land on another region’s
disk; not by configuration, not transiently, not by accident.
// the CLOUD Act, specifically
Nimbula has no US corporate parent, no US investors, and no US infrastructure in
its data path. The US CLOUD Act compels US-person providers. With none of those
predicates true of us, it has nothing here to reach.
2
Encryption & your keys
Two tiers, and we are precise about which is which.
Most clouds say "encrypted in transit and at rest" and stop there. That model
protects the journey and the disk, but the provider still holds the keys and can
read your data. We split the problem honestly.
we hold ciphertext Sealed vault
client-side · zero-knowledge
You encrypt on your own machine, with a key we never receive. We store
ciphertext. We cannot read it; not for support, not under compulsion, not at
all. There is no key on our side to surrender.
- AES-256, sealed before upload
- X.509 and your own PKI, down to smart cards and government-issued keys
- cold archive, encrypted and air-gapped
readable · region-pinned Processable workspace
search · drafting · inference
Some work has to read your data to do its job. We don’t pretend otherwise. Here
your data is readable only inside your region, on non-US infrastructure, and
every access is written to a tamper-evident log.
- TLS 1.3 in transit
- AES-256 at rest, in your region
- processed only on non-US hardware
- every read recorded, never exported
We will not claim zero-knowledge on data we have to read. The vault is sealed; the
workspace is sovereign. You choose what goes where, and the line between them is the
product, not the fine print.
3
Subprocessors, named
We name our subprocessor. That is a feature, not a footnote.
Vague "audited sovereign partners" language hides the one fact a regulated buyer
most needs. We disclose it plainly.
Subprocessor OVHcloud: French-owned, European. No US parent, no US legal hook.
Canada region Beauharnois, Québec. Canadian data, Canadian jurisdiction.
EU regions Gravelines · Roubaix · Frankfurt, lit as demand warrants. EU workloads land on EU soil, never on the Canadian box.
Inheritance You inherit OVHcloud’s residency guarantees and certifications, disclosed in full and passed through.
4
Compliance frameworks
Built to support the frameworks your auditors hold you to.
Law 25 Québec Single-jurisdiction architecture removes cross-border data-flow documentation from your assessment.
PIPEDA Federal Data handling follows the principles for consent, purpose limitation, and accountability.
GDPR EU region EU-resident data on EU infrastructure, with a signed DPA naming the subprocessor.
SOC 2 / ISO 27001 inherited Inherited from the subprocessor stack today; our own audits come as we grow. We always mark what is ours versus inherited, never blur the two.
// the honest limit
We can’t make your organization compliant; that is your whole security posture,
not one vendor. What we remove is sovereign infrastructure as the gap in it.
5
Access & audit
Authorization and a tamper-evident record, by default.
Access control Role-based access across projects and stored data, enforced server-side.
Sessions Encrypted session tokens, inactivity timeout, automatic logout.
Audit trail Every administrative action and data-access event is logged. In the vault, the log records that access happened, never the content, because we never hold it in the clear.
6
No training, no reading
Your data never trains a model, ours or anyone’s.
Prompts, files, outputs, and workspace contents are never used for training,
fine-tuning, or model improvement. Customer data and any model pipeline are
separated at the architecture level, a hard boundary, not a policy you have to take
on trust.
And in the sealed vault there is simply nothing to train on: we hold ciphertext.
The strongest privacy guarantee is the one we couldn’t break if we wanted to.
Procurement
Ask us anything a procurement team asks.
Architecture diagrams, the data-processing agreement, the full subprocessor list,
the security questionnaire. We’d rather you audit us than trust us; the design holds
up to reading. That is the point of it.
Where things stand, honestly
Nimbula is in private preview. This page describes the architecture we are building
to and the commitments we hold ourselves to. It is not a claim of completed
third-party audits or of capabilities that are not yet live. As each piece ships, we
mark it live, and we will tell you plainly what is operational today versus what is
on the roadmap. A sovereignty product that overstates itself is not one.