Your Data, Your Rules: Data Sovereignty in the Age of SaaS ERP

The Lock-In Trap
When a software vendor wants to retain customers, the most effective strategy isn't a great product — it's making the exit painful. Proprietary data formats, export fees, support tickets that take weeks to process, APIs that are read-only but not write-compatible with any other system.
The technical term is "data lock-in." The practical consequence is that you're paying for software you no longer want, because the cost of leaving exceeds the cost of staying.
Ops was architected to make this impossible.
What Data Sovereignty Means in Practice
Data sovereignty is not just about where your data is stored — it's about whether you have meaningful control over it at all times.
For Ops, this means three guarantees:
1. Standard Format: Your data lives in PostgreSQL. Not a proprietary binary. Not a custom document format. Not a vendor-specific API structure. Plain PostgreSQL — the most widely supported relational database in the world, with decades of tooling, migration utilities, and hosting options.
2. Full Export on Demand: At any moment, from the admin dashboard, you can export your entire dataset as a clean PostgreSQL dump or as CSV files for every table. No support ticket. No export fee. No 30-day waiting period. The export is available immediately.
3. Readable Schema: The Ops database schema is fully documented and available to you. You can query your own data directly with any PostgreSQL-compatible tool — PgAdmin, Metabase, Grafana, your own custom scripts. You don't need to go through the Ops API to access your data.
GDPR, LGPD, and Data Residency
For businesses operating under GDPR (Europe), LGPD (Brazil), or similar regulations, data residency is not optional — it's a legal requirement. Customer personal data must be stored in specific geographic regions, and you must be able to demonstrate control over that data.
With Ops self-hosted, your data never leaves your infrastructure. You choose the physical location of your servers. You control access. You can provide regulators with direct proof of data location and access controls.
With Ops Cloud, you choose your deployment region (currently: North America, Europe, LatAm), and data is contractually guaranteed not to cross regional boundaries.
The Right to Be Forgotten
GDPR Article 17 gives individuals the right to request deletion of their personal data. In a complex ERP system with dozens of interlinked tables, implementing "right to be forgotten" is notoriously difficult.
Ops handles this through a dedicated data erasure API:
```bash
ops privacy erase-customer --customer-id
```
This command:
- Pseudonymizes the customer record (replaces PII with a one-way hash).
- Removes personal data from all linked records across addons.
- Preserves financial audit records (required by tax law) with the PII removed.
- Generates a compliance report documenting what was erased, when, and by whom.
The financial records are preserved (you're legally required to keep them), but they're no longer linkable to a real individual.
Portability Between Deployments
If you start on Ops Cloud and decide to move to self-hosted, or move to a different Ops partner's hosting, the migration is fully supported:
```bash
# Export from current deployment
ops backup create --format full --include-addons
# Import to new deployment
ops backup restore --input backup.tar.gz
```
The backup includes your data, your addon configurations, your user accounts, your custom roles and permissions — everything. The new deployment is identical to the old one. There is no "migration project." There is no consultant required.
An Auditable Data Trail
For regulated industries, knowing where your data went is as important as knowing where it is now. Ops maintains a full data access audit log — every API call that read or wrote your data, timestamped, with the authenticated user and IP address.
This audit log is immutable, append-only, and stored separately from the main database so that even an admin user cannot retroactively edit it. It's available as a raw export for compliance audits.
Data sovereignty is not a feature. It's a commitment. Ops is built on it.
Ready to try Ops?
Create your account, install what you use, and start selling today.
Start free in 5 minutes