When a fund manager uploads a target’s confidential information memorandum to a cloud analysis tool, something quiet happens: the most sensitive document in the deal leaves the manager’s control and lands on infrastructure owned by a third party — often in another country, governed by another country’s laws.
For most categories of software, that trade-off is invisible and harmless. For investment due diligence, it is neither.
The question LPs are starting to ask
Limited partners increasingly read a manager’s technology stack as a proxy for operational maturity. “Where does our deal data live, and who can compel access to it?” is no longer an esoteric IT question — it is a diligence question LPs put to the managers they back. A manager who cannot answer it precisely has a gap, and gaps get noticed during fundraising.
The honest answer for most cloud-based tools is uncomfortable: the data lives wherever the vendor’s provider puts it, and access is governed by the vendor’s contracts and the vendor’s jurisdiction — not the fund’s.
Why “the data is encrypted” isn’t the whole answer
Encryption protects data in transit and at rest. It does not change who controls the keys or which legal regime applies to the company holding them. The CLOUD Act — a 2018 U.S. law — allows U.S. authorities to compel U.S.-headquartered providers to produce data they control, regardless of which country the servers physically sit in. A European or Asian fund using a U.S. SaaS vendor inherits that exposure whether or not it ever reads the terms of service.
This is the heart of data sovereignty: data is subject to the laws of the jurisdiction where it is stored and the jurisdiction of the entity that controls it. You cannot contract your way out of a sovereign legal regime.
What multi-tenant SaaS structurally cannot offer
The multi-tenant SaaS model exists precisely because one shared environment serving thousands of customers is cheap to run. That efficiency is also the constraint: shared infrastructure means the vendor — not the customer — decides where data lives, who operates it, and what happens to it. A fund can negotiate a data-processing addendum, but it cannot relocate the vendor’s servers or dissolve the vendor’s lawful obligations.
For a manager whose entire credibility rests on handling confidential deal information responsibly, “trust our vendor’s posture” is a weak position to take to an LP or a regulator.
The alternative: control by design
The structural fix is to stop renting shared infrastructure for the most sensitive workload. Self-hosted infrastructure — where the fund, or a provider acting solely for that fund, controls the servers and the data — puts the residency decision back where the accountability already sits: with the manager.
That is the model DiligenceWorks is built on. Deal analysis runs on infrastructure dedicated to a single client, deployed in a jurisdiction the client chooses. The data does not enter a shared pool, and there is no third-party tenant relationship for a foreign legal order to reach through.
Data residency is not a feature to bolt on later. It is an architectural decision that is either made at the start or not available at all.
Questions about where deal data lives and which jurisdiction applies? See our data sovereignty FAQ or book a discovery call.