title: Where is my data hosted? Workspace isolation explained category: Getting Started tags: data residency, data hosting, workspace isolation, security priority: Normal
Where is my data hosted? Workspace isolation explained
Certification Center is cloud SaaS running in Microsoft Azure. This article explains where your data lives, how your workspace is isolated from every other customer, how connections and credentials are protected, and what happens to your data if you leave. We aim to be specific rather than to wave a badge, so security reviewers get real answers.
A database per customer
Every customer gets their own database with its own SQL credentials, not a shared table with a tenant column. One customer's login cannot read another customer's data, because it is scoped to a different database entirely. Isolation is enforced by the boundary itself, not by a query filter someone has to remember to write.
That is what we mean by an isolated cloud workspace: from the first minute after signup, your identities, connections, campaigns, and audit history sit in a database that is yours alone.
Where it runs
| Question | Answer |
|---|---|
| Cloud provider | Microsoft Azure |
| Data store | Azure SQL |
| Region | We can confirm the specific region for your tenant on request |
| Encryption in transit | All traffic is HTTPS, with HSTS and TLS |
| Encryption at rest | Azure SQL transparent data encryption |
Read-only by default
A connection to your directory can only read until you explicitly enable write-back on that specific connection. Discovery, certification, and reporting never need write access, so for most of what the platform does, it simply cannot change anything in your environment. Write-back is opt-in, per connection, on your terms. See Least-privilege permissions for each connector.
Credentials are encrypted and never logged
The directory and service credentials you enter (for example, an Entra client secret or a Google service account key) are encrypted at rest and decrypted only to make the connection you configured. They are never written to logs, never shown back to you in the clear, and never leave your tenant's boundary.
Backups and recovery
Tenant databases run on Azure SQL with point-in-time restore, so a database can be rolled back to a moment within the retention window if something goes wrong.
What happens to your data if you leave
We do not hold your data hostage, and we do not keep it indefinitely once you are gone:
- You can export your data while your tenant is active
- On cancellation, your tenant goes read-only for a grace period so you can still export
- After the grace period, the tenant database is deleted
Who can see your data
Routine operation does not require anyone on our side to read your tenant data. When support genuinely needs to act on your account, that access is break-glass and logged, a deliberate, recorded action rather than standing access. Staff access to the operations console requires multi-factor sign-in, and staff roles are scoped, so a support agent handling a ticket does not get customer-administration powers.
Are you SOC 2 certified?
We will be straight with you: formal SOC 2 attestation is on the roadmap, not in hand today. We complete security questionnaires on request, and we would rather earn a mid-market team's trust with a specific, honest answer than a logo we have not verified.
Important: If your security review needs details beyond this page, email support@certification-center.com with your questionnaire and we will answer specifics.
Troubleshooting and common questions
- Which region is my data in? Ask support and we will confirm the region for your tenant.
- Can Certification Center change my directory? Not unless you explicitly enable write-back on a connection. Everything else is read-only.
- Can another customer see my data? No. Your data is in a separate database with separate credentials.