Your Cloud, Your Rules
"Data sovereignty" means you control where your data lives, who can access it, and what happens to it. With iMegha, this isn't marketing — it's how the system is built.
Your Own Cloud Account
Every Personal Cloud user brings their own cloud account. iMegha builds your private infrastructure inside it — file storage, a database, and APIs. You're the account owner. You see everything. You control the billing.
Your data lives where you choose
You choose the cloud region that fits your needs — U.S. East, EU West, wherever your regulations require. All your files, notes, and encrypted messages live in that region — in your cloud account.
If you ever leave iMegha, your data stays put. You can export it, use it with other tools, or simply keep paying your cloud provider directly. No migration, no data hostage.
What Lives Where
Lives in YOUR Cloud
Lives on Our Platform
We NEVER Have
No Vendor Lock-In
Because your data lives in a cloud account that you own:
- You can browse your storage and database directly in the cloud console
- You can export your data at any time using standard tools
- If you stop using iMegha, your data stays in your account
- You control your cloud bill — not us
Deleting everything is simple
Want to delete all your data? Remove the infrastructure from your cloud account and everything is gone. Or simply close your cloud account. iMegha only has your email and locked keys — no content.
Compliance by Architecture
Compliance isn't a feature we added — it's how the architecture works. When the server can't read your data, most regulations are satisfied by default.
GDPR (EU General Data Protection Regulation)
Articles 17, 20, 25 — satisfied natively by the architecture
Art. 17 — Right to Erasure
Remove your cloud infrastructure = all data gone. No request needed. You own the account.
Art. 20 — Data Portability
You own the cloud account. Export anytime using standard tools. No vendor lock-in.
Art. 25 — Data Protection by Design
End-to-end encryption, zero-knowledge architecture. The platform cannot access user data.
Data Residency
You choose your cloud region. Data stays in the jurisdiction you select.
CCPA (California Consumer Privacy Act)
Consumer rights satisfied by design — we can't even read your data
Right to Know
Full audit trail in your cloud. See who accessed what and when.
Right to Delete
Remove your cloud infrastructure and all data is gone instantly.
No Sale of Data
We can't read your data, let alone sell it. Zero-knowledge by design.
HIPAA (US Healthcare)
Technical safeguards addressed architecturally
Data Never on Third-Party Servers
Patient data lives in your own cloud account. Not on iMegha's servers, not on anyone else's.
Encryption at Rest & in Transit
AES-256-GCM client-side encryption + AWS KMS server-side + HTTPS in transit.
Audit Trail
Every share, view, and access event logged in your cloud. Prove compliance with your own data.
Access Controls
Per-file sharing with instant revocation. Only authorized recipients can view.
SOX & Financial Compliance
Audit, integrity, and access controls built into the architecture
Audit Trail
Immutable access log stored in your cloud. Who accessed what, when.
Data Integrity
AES-256-GCM authentication tags ensure data hasn't been tampered with.
Access Logging
Every share and view logged automatically. No manual tracking needed.
Compliance isn't a checkbox — it's the architecture.
When the server can't read your data, most regulations are satisfied by default. No BAAs needed with iMegha — we never have access to your content.
Want the full infrastructure details? Read the Whitepaper