OpenAI is expanding data residency support to help organizations meet local regulatory and data protection requirements. More than one million business customers use ChatGPT and OpenAI’s API worldwide, and eligible users of ChatGPT Enterprise, ChatGPT Edu, and the API Platform can now choose to store their data at rest in-region.

Data residency is now available in Europe, the United Kingdom, the United States, Canada, Japan, South Korea, Singapore, India, Australia, and the United Arab Emirates, with more regions planned.

Data residency across ChatGPT Enterprise, Edu, and API

ChatGPT Enterprise and Edu customers can set up new workspaces with regional data storage enabled. This covers conversations, uploaded files, custom GPTs, image artifacts, and other workspace content.

API Enterprise customers approved for advanced data controls can enable data residency through the API Platform dashboard by creating a new project and selecting a region. All requests made through these projects are processed in-region, and model inputs and outputs are not stored at rest.

Security and compliance features

Data residency builds on OpenAI’s existing enterprise protections:

• AES-256 encryption at rest and TLS 1.2+ for data in transit

• Support for customer-managed encryption keys through Enterprise Key Management

• No training on customer data unless organizations explicitly opt in

• Compliance with GDPR, CCPA, CSA STAR, SOC 2 Type 2 and ISO 27001-series certifications

• A comprehensive Data Processing Addendum (DPA) to support regulatory requirements

OpenAI emphasizes that data from API and ChatGPT business products remains confidential, secure and fully owned by the customer. Data residency gives organizations an added layer of control as they deploy AI across their workflows and products.

Businesses can learn more about eligibility and supported data types through OpenAI’s Help Center or by contacting the company directly.