Network & Data Residency
Where your data lives, how networking is configured, and what guarantees you can rely on.
Data Residency
Customer Data — Lives in Your Tenant
All customer data resides in Azure resources you own:
| Data | Where It Lives |
|---|---|
| Users, workspaces, projects, apps, configurations | SQL Database |
| Conversation history, tool call records | SQL Database |
| User-uploaded files, application state | Blob Storage |
| Secrets, certificates, credentials | Key Vault |
| Model deployments, inference | AI Foundry |
| Application logs, telemetry | Log Analytics + Application Insights |
The Data Residency Guarantee
Customer data does not leave your Azure tenant. This is not a policy — it’s the architecture. There is no data pipeline, no replication, no analytics feed from your resources to Corral’s infrastructure. There is no runtime phone-home.
You can verify this yourself by inspecting your network logs, Azure Activity Log, and resource configurations.
Where Your Data Is Geographically
Your data lives wherever your Azure subscription’s resources are deployed. If you deploy in West Europe, your data is in West Europe. If you deploy in East US, your data is in East US. Corral does not influence or constrain the region — that’s your choice when you set up your Azure subscription.
Network Topology
Current Default
Resources use public endpoints with authentication and firewall rules:
- SQL Server: Allows traffic from the Container Apps Environment’s static IP and Azure Services
- Storage Account: Public access with Azure Services bypass
- Key Vault: Public access with Azure Services bypass
All inter-service communication is authenticated via the managed identity. Public endpoints don’t mean unauthenticated — every connection requires identity-based authorization.
Private Networking (Available)
The Container Apps Environment supports VNet integration. Private networking can be enabled to place all resources behind private endpoints, removing public internet exposure entirely.
This section is a work in progress.
Communication Paths
Between Your Resources (internal)
All Corral components communicate within your Azure tenant:
- Container Apps → SQL Database (Entity Framework, managed identity auth)
- Container Apps → Blob Storage (managed identity auth)
- Container Apps → Key Vault (managed identity auth)
- Container Apps → AI Foundry (managed identity auth)
- Container Apps → Session Pool (code execution)
- Hub/Admin/Widget (browser) → Container Apps API (HTTPS)
Between Your Tenant and Corral’s Infrastructure
| Direction | What | When |
|---|---|---|
| Corral → Your Tenant | GitHub Actions via federated identity | Deployments and updates only |
| Your Tenant → Corral | Container Apps pull images from Corral’s Azure Container Registry | Container startup and updates |
| Your Tenant → Corral at runtime | Nothing | No telemetry, no data, no phone-home |
Between Your Tenant and External Services
| Direction | What | When |
|---|---|---|
| Your Tenant → Azure AI (model inference) | LLM API calls | Every AI interaction |
| Your Tenant → MCP servers | Tool calls to customer-configured MCP endpoints | When agents use MCP tools |
| Your Tenant → OpenAPI endpoints | Tool calls to customer-configured APIs | When agents use OpenAPI tools |
MCP and OpenAPI connections are configured by you and only reach endpoints you specify. Corral doesn’t add external connections you haven’t configured.
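One way to run the verification this page suggests, as an added example (not Corral's own tooling): compare outbound destinations exported from your network logs with an allow-list built from the communication paths above. Every hostname, the ports, and the `(host, port)` record shape are constructed placeholders and assumptions; substitute your own resource FQDNs, registry host and tool endpoints.

```python
from collections import Counter

# Allow-list built from the communication paths documented above.
# All hostnames and ports are constructed placeholders (assumptions); replace
# them with your own resource FQDNs, registry host and tool endpoints.
EXPECTED = {
    "contoso-corral.database.windows.net": ("in-tenant", {1433}),
    "contosocorral.blob.core.windows.net": ("in-tenant", {443}),
    "contoso-corral.vault.azure.net": ("in-tenant", {443}),
    "contoso-corral.openai.azure.com": ("azure-ai", {443}),
    "corral-registry.example.azurecr.io": ("corral-image-pull", {443}),
    "mcp.contoso.example": ("customer-tool", {443}),
}

def normalize(host):
    """Lower-case and drop the trailing root dot so variants compare equal."""
    return host.strip().lower().rstrip(".")

def audit(flows):
    """Split (dest_host, dest_port) records into expected and unexpected.

    Matching is on the exact FQDN, not the service suffix: another
    account under *.blob.core.windows.net is not your storage account.
    """
    expected, unexpected = Counter(), Counter()
    for host, port in flows:
        host = normalize(host)
        category, ports = EXPECTED.get(host, (None, set()))
        if category and port in ports:
            expected[category] += 1
        else:
            unexpected[(host, port)] += 1
    return expected, unexpected

# Constructed sample of outbound flows, as (destination FQDN, port).
SAMPLE_FLOWS = [
    ("contoso-corral.database.windows.net", 1433),
    ("ContosoCorral.blob.core.windows.net.", 443),
    ("contoso-corral.vault.azure.net", 443),
    ("contoso-corral.openai.azure.com", 443),
    ("corral-registry.example.azurecr.io", 443),
    ("mcp.contoso.example", 443),
    ("otherdata.blob.core.windows.net", 443),  # same suffix, not yours
    ("contoso-corral.vault.azure.net", 8443),  # right host, wrong port
]

if __name__ == "__main__":
    ok, bad = audit(SAMPLE_FLOWS)
    print("expected:", dict(ok))
    for (host, port), n in sorted(bad.items()):
        print(f"REVIEW {host}:{port} x{n}")
```

Anything reported for review is a destination outside the documented paths, or a documented host reached on a port you did not expect, and is worth tracing back to the component that opened the connection.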
Compliance Implications
GDPR
Data stays in your tenant, in your region. No third-party data processor (Corral) receives or stores personal data. Your existing Azure DPA covers the infrastructure.
HIPAA
PHI lives in resources you control. Corral doesn’t access or store PHI. Your BAA with Microsoft covers the Azure resources. Corral’s platform subscription doesn’t involve PHI handling.
EU AI Act
On-tenant deployment means the AI system runs under your organizational control. Audit logs, model decisions, and interaction records are in your tenant for inspection.
Sector-Specific Requirements
For any regulation that requires data residency, data sovereignty, or architectural control over AI systems, on-tenant deployment satisfies the requirement by design because you own and control the infrastructure.
This section is a work in progress.