Data residency

Your data stays in its region. By architecture.

DMARCER is built region-first, on our own infrastructure. You choose where a customer's reporting data lives, and it is processed and stored there, not pooled into a single global database. That is residency designed into the platform, not a line in a policy.

8

Regions on our own infrastructure

In region

Reports processed and stored where you choose

Our own

No third-party cloud host for the core platform

Residency by architecture, not by promise

Most platforms run in one big cloud region and describe residency as a policy. DMARCER runs its own servers in each region, so a customer's reports are received, processed and stored on the servers in the region you selected for them. The analytical databases stay in that region and are not copied or transferred elsewhere.

For organisations with GDPR, NIS2 or DORA obligations, that is a difference you can point at rather than take on trust. For an MSP serving clients across jurisdictions, it means each client's data can sit exactly where that client needs it.

  • You choose the region per customer
  • Reports never leave the region they arrive in
  • Regional databases are not copied between regions
  • One management layer for control, regional stores for data

How the split works

Account details, logins and billing sit in our UK and EU management layer. The reporting data itself, including DMARC aggregate (RUA), forensic (RUF) and MTA-STS data, lives on the dedicated servers in the region you picked. When you view a customer's data, the management layer fetches it from that regional store to show you, then displays it. The data is accessed in place; it is not relocated to run the platform.

  • Management layer: accounts, logins, billing (UK and EU)
  • Regional store: the customer's reporting data
  • Viewed in place, retrieved on request, not pooled
  • Retention you control, per customer

Where your data can live

8 regions on our own infrastructure, so your data is processed close to home and stays in its jurisdiction.

Africa
Asia Pacific
Australia
Canada
Europe
South America
United Kingdom
United States

If you run your own domains

Keep your reporting data in your own jurisdiction, with retention you set, so your email-security tooling supports your GDPR position instead of complicating it.

If you protect clients

Place each client's data in the region they need, and show them exactly where it sits. A clean, per-client residency story you can stand behind in a review.

See how DMARCER handles your data

Read our approach to security and residency, or run a free check on your domain.

Security & trust Check your domain
Free domain check

Check your domain security

See how your domain's security compares to your competitors.