Data sovereignty
Last updated: March 11, 2026
Note: If these Terms, Policies, or Agreements are available in multiple languages, and any discrepancies exist between translations, the English version shall prevail.
BabySea operates three isolated data regions. This page explains where your data is stored, where compute happens, and how global edge infrastructure fits into the picture.
1. Data regions
When you create a BabySea account, you select a data region. Your account data, generation records, API logs, webhook logs, credit ledger, and consent records are stored in the database and storage infrastructure assigned to that region.
| Region | Data Location | Dashboard | API |
|---|---|---|---|
| US | North Virginia | us.babysea.ai | api.us.babysea.ai |
| EU | Frankfurt | eu.babysea.ai | api.eu.babysea.ai |
| APAC | Tokyo | jp.babysea.ai | api.jp.babysea.ai |
Each region operates its own database, authentication, and storage infrastructure. There is no cross-region data synchronization. Your data stays in the region you selected at sign-up.
The database, authentication, and storage layer is provided by Supabase. Redis caching and API rate limiting is provided by Upstash. Both maintain infrastructure in all three data regions.
2. Edge compute
BabySea's application code runs on Vercel, which operates a global network of edge Points of Presence (PoPs). When you make an API request or load the dashboard, your request is handled at the nearest available PoP.
Vercel's current edge compute locations used by BabySea include:
| City | Country |
|---|---|
| Washington DC | United States |
| Cleveland | United States |
| San Francisco | United States |
| Stockholm | Sweden |
| Frankfurt | Germany |
| London | United Kingdom |
| Tokyo | Japan |
| Hong Kong | China |
| Singapore | Singapore |
Edge compute nodes execute application logic - such as request validation, authentication, rate limiting, and response formatting - close to the caller. They do not store persistent data. All reads and writes go back to the database in your assigned data region.
This means a request from Singapore to a US-region account is computed at the Singapore PoP but reads and writes data in North Virginia.
3. CDN and network layer
Cloudflare provides DNS, CDN, WAF, DDoS protection, and web analytics across all BabySea domains globally. Cloudflare operates over 300 data centers worldwide. Like Vercel's edge compute, Cloudflare processes requests at the nearest edge node for performance and security purposes. Cloudflare does not store persistent customer data.
4. What this means for data sovereignty
| Layer | Scope | Stores persistent data? |
|---|---|---|
| Database & storage | Regional (your selected region) | Yes |
| Redis & rate limiting | Regional (your selected region) | Transient only |
| Edge compute | Global (nearest PoP) | No |
| CDN & WAF | Global (nearest edge) | No |
Persistent data - account records, generation logs, API keys, webhooks, credit ledger, consent records, and output files - is stored only in the data region you selected. It does not replicate to other regions.
Transient processing - request routing, authentication checks, rate limiting, response formatting - may happen at any global edge location, but no persistent customer data is retained at those nodes.
5. Inference providers
When you submit a generation request, BabySea routes it to a third-party inference provider. The provider processes the request and returns the result. Inference providers and their processing locations are listed in the List of subprocessors.
Inference routing depends on the model, media type, and route configuration. Where a provider offers regional endpoints, BabySea routes requests to the endpoint that matches your data region. For example, Black Forest Labs requests from the EU region are sent to the EU endpoint (Germany), and US region requests are sent to the US endpoint. Where no regional endpoint is available, the provider's default location applies. Current provider locations are listed in the List of subprocessors.
6. Analytics
BabySea uses consent-based analytics technologies. Availability varies by region:
| Provider | Purpose | Available in |
|---|---|---|
| Cloudflare Web Analytics | Traffic analytics | All regions |
| PostHog | Product analytics | US, EU |
Analytics data collection requires your consent and can be managed through the cookie consent controls described in the Cookies policy.
7. Summary
Your persistent data lives in one region. Compute and network infrastructure is global for performance and availability, but does not retain your data. For a full list of third-party processors and their locations, see the List of subprocessors.
If you have questions about data location or need specific sovereignty documentation for procurement or compliance, please contact us.