Data Residency & Hosting

Default Hosting

• Customer platform data is stored and processed in a single EU region on Google Cloud by default.
• We do not replicate customer platform data outside the EU by default.
• Customer access (employers and candidates) may occur globally; data location and user access location are not the same thing.
• Backups and logs are configured to remain in the EU.

Cross-Border Transfers

Where personal data is transferred internationally (for example, to subprocessors operating outside the EU), we use appropriate safeguards such as Standard Contractual Clauses (SCCs) or other contractual transfer mechanisms, and apply risk-based technical and organisational measures. Details of our subprocessors are available on our Subprocessor List page.

KSA Deployment Option

If a customer requires Saudi in-country deployment for procurement or regulatory reasons, we can provide a dedicated KSA deployment option. This deployment uses Google Cloud's me-central2 (Dammam) region, which is available to KSA-based customers purchasing through CNTXT. Support and billing constraints may apply under CNTXT procurement.

KSA in-country deployment is available as a dedicated tenant option for qualifying enterprise and regulated procurement needs, subject to region access and commercial eligibility.

Website vs Platform

Marketing website data (such as cookies and analytics) is collected and processed separately from hiring platform data. The tools and services used for our marketing website do not process candidate personal data submitted through the hiring platform.

Questions

For questions about data residency, hosting, or to request our security and compliance materials, please contact us at privacy@navero.me.