Beta Trade effort for impact with Runway’s AI analyst

Data storage locations

Last updated: July 25th, 2025

Overview

This page provides information about where your personal data is stored and processed when you use our services, in accordance with the General Data Protection Regulation (GDPR) and other applicable privacy laws.

Primary Data Storage Locations

Google Cloud Platform

Location: European Union (EU) and United States
Data Types: Application data, user profiles, transaction records, analytics data
Security Measures: Data encrypted in transit and at rest, SOC 2 Type II certified infrastructure
Data Transfer Safeguards: Standard Contractual Clauses (SCCs) for EU-US transfers

Merge (Third-Party Integration Platform)

Location: United States
Data Types: Integration logs, synchronized customer data, API connection data
Security Measures: Enterprise-grade encryption, regular security audits
Data Transfer Safeguards: Standard Contractual Clauses (SCCs), Privacy Shield successor framework compliance

Workato (Third-Party Integration Platform)

Location: United States and Singapore
Data Types: Workflow data, automated process logs, integration metadata
Security Measures: SOC 2 Type II compliance, end-to-end encryption
Data Transfer Safeguards: Binding Corporate Rules (BCRs), Standard Contractual Clauses (SCCs)

FiveTran (Third-Party Integration Platform)

Location: United States, but EU, Canada, Australia, Singapore, Indonesia, India, and Japan available on request
Data Types: Integration logs, synchronized customer data, API connection data
Security Measures: End-to-end encryption in transit and at rest, column blocking and hashing for PII protection, SOC 2 Type II, PCI DSS Level 1, HITRUST certification, customer-controlled data access
Data Transfer Safeguards: EU-US/UK-US/Swiss-US Data Privacy Framework certification, Standard Contractual Clauses (SCCs), Transfer Impact Assessments available

Snowflake (Data Storage)

Location: USData Types: Synchronized customer data
Security Measures: Dynamic data masking with RBAC, Time Travel recovery, end-to-end encryption, SOC Type II, FedRAMP, HITRUST CSF certifications
Data Transfer Safeguards: Data Privacy Framework certification, Standard Contractual Clauses incorporated into DPA, Transfer Impact Assessments

Additional Service Providers

We may use other third-party services that store data in various locations including:

  • United States: Analytics platforms, customer support tools, marketing automation
  • European Union: Compliance monitoring, backup services
  • Other regions: As disclosed in our Privacy Policy or through separate notice

Data Transfer Mechanisms

When your personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place:

  • Standard Contractual Clauses (SCCs): EU-approved contract terms that provide adequate protection
  • Adequacy Decisions: Transfers to countries deemed adequate by the European Commission
  • Binding Corporate Rules: Internal policies approved by data protection authorities
  • Explicit Consent: Where legally required and obtained

Your Rights Regarding Data Location

Under GDPR, you have the right to:

  • Know where your personal data is stored and processed
  • Request that your data processing be restricted to specific locations (where technically feasible)
  • Object to processing in certain locations
  • Request data portability
  • Access, rectify, or delete your personal data regardless of storage location

Data Residency Requests

If you require your data to be stored in a specific geographic location due to regulatory requirements or business needs, please contact us at security@runway.com. We will assess the feasibility of accommodating such requests on a case-by-case basis.

Security Across All Locations

Regardless of storage location, all personal data is protected by:

  • Industry-standard encryption (AES-256)
  • Multi-factor authentication
  • Regular security assessments and penetration testing
  • 24/7 monitoring and incident response
  • Compliance with applicable local data protection laws

Changes to Storage Locations

We may change our data storage locations from time to time. When significant changes occur that may affect your rights, we will:

  • Update this page with the new information
  • Notify affected customers via email or account notifications
  • Provide at least 30 days' notice where required by law

Contact Information

For questions about data storage locations or to exercise your privacy rights:

Privacy Team

Email: security@runway.com
Address: 440 N Barranca Ave, #7699, Covina, CA 91723
Phone: (646) 648-2769

Data Protection Officer

Email: kirill.klimuk@runway.com

Regulatory Information

This page is maintained in compliance with:

  • General Data Protection Regulation (GDPR)
  • California Consumer Privacy Act (CCPA)
  • Other applicable regional privacy laws

For our complete privacy practices, please refer to our Privacy Policy.

This page is reviewed and updated regularly to ensure accuracy. If you notice any discrepancies or have questions, please contact our Privacy Team.