Compliance across regions
Kira is built to meet data-protection requirements in the regions where our customers operate. We align with major privacy laws and offer regional data-residency options on eligible plans.
Data residency
| Region | Residency option | Notes |
|---|---|---|
| United States | US (AWS) | Default for US customers |
| European Union | EU (AWS) | Available on eligible plans |
| United Kingdom | EU/UK safeguards | UK GDPR with SCCs/IDTA where needed |
| Other regions | US (AWS) | Contact us for specific requirements |
Laws and frameworks
| Framework | Status | Scope |
|---|---|---|
| GDPR | Compliant | EU/EEA personal data |
| UK GDPR | Compliant | UK personal data |
| CCPA / CPRA | Compliant | California consumer privacy |
| SOC 2 Type II | In progress | Security, availability, confidentiality |
| ISO/IEC 27001 | Planned | Information security management |
International transfers
Where personal data leaves the EEA, UK, or Switzerland, we rely on appropriate safeguards such as the European Commission’s Standard Contractual Clauses and the UK International Data Transfer Addendum.
Documentation requests
Eligible customers can request our DPA, sub-processor list, and attestations from legal@kira.ai or security@kira.ai.
References
Frequently asked questions
Quick answers to common questions.
Yes, EU data residency is available on eligible plans. Contact us to enable it for your account.
Yes. We honor access, deletion, correction, and other rights under the GDPR and CCPA/CPRA. See our Privacy Policy.
Yes. Request a Data Processing Addendum from legal@kira.ai.