The Data-Residency Fiction
Compliance teams assert residency they cannot prove. Edge logic can route and store data by jurisdiction at request time, making the promise enforceable rather than aspirational.
The pain
"EU data stays in the EU" is usually an honor-system promise no one can actually prove.
The fix
Route each write to the in-jurisdiction D1 store at request time. Residency enforced, not asserted.
So what
Pass GDPR audits with proof, unblock EU deals, and avoid "we thought it stayed in-region" fines.
Try it
Write a record as a user in…
The edge reads the jurisdiction and routes the write to the D1 database physically located there.
🇪🇺 EU store
🇺🇸 US store
Two real Cloudflare D1 databases with location hints (Western Europe + Eastern North America). In production the country comes from request.cf.country automatically, no picker needed.
How it works
Route each write to the data store in the visitor's own jurisdiction, decided at the edge.
Add it to your site
~20 lines + 2 D1 bindingsconst country = request.cf.country; // free, at the edge
const eu = ['DE', 'FR', 'IE', 'NL' /* …EEA */];
const db = eu.includes(country) ? env.RESIDENCY_EU : env.RESIDENCY_US;
await db.prepare('INSERT INTO records (data) VALUES (?)').bind(payload).run();"d1_databases": [
{ "binding": "RESIDENCY_EU", "database_name": "app-eu" }, // created --location weur
{ "binding": "RESIDENCY_US", "database_name": "app-us" } // --location enam
]Official Cloudflare docs