Maktab supports deployment in any region including MENA-compliant hosting on AWS Bahrain, AWS UAE, Azure UAE North, and fully on-premises. Your data never leaves your chosen region.
A complete map of every data type, its storage location, encryption status, and whether it can be regionalized.
| Data Type | Storage Location | Encrypted | Can Be Regionalized |
|---|---|---|---|
| Ticket content | MySQL database (your server) | At rest (AES-256) | Yes |
| File attachments | S3-compatible storage (configurable) | At rest + in transit | Yes |
| Session tokens | Redis / database (your server) | In transit (TLS) | Yes |
| Audit logs | MySQL database (your server) | At rest | Yes |
| Email queue | Database queue (your server) | In transit | Yes |
| AI prompt / response | OpenAI API (optional, can disable) | In transit | Partial |
| Push notifications | Firebase FCM (optional) | In transit | Optional |
| CSAT surveys | MySQL database (your server) | At rest | Yes |
Rows marked "Partial" or "Optional" relate to third-party cloud services. Each can be individually disabled — see the Subprocessors section for opt-out instructions.
Deploy in any of these regions — or bring your own. Maktab has no infrastructure vendor lock-in.
PDPL-aligned and NCA ECC-compliant hosting for organizations under Saudi Arabia's regulatory jurisdiction. Data never leaves the Gulf region.
UAE IA and TDRA-compliant hosting. Purpose-built for UAE data sovereignty requirements with local AWS infrastructure.
Microsoft UAE sovereign cloud option. Suitable for organizations already on the Microsoft ecosystem or with Azure-specific procurement requirements.
Full data sovereignty with no data leaving your network. Your hardware, your jurisdiction, your security perimeter. Supported with a standard deployment checklist.
Any cloud provider, any region worldwide. Maktab's architecture is cloud-agnostic — no vendor lock-in. Bring your own infrastructure and compliance posture.
Maktab's deployment model supports the data localization requirements of major MENA regulatory frameworks.
| Country | Regulation | Maktab Compliance |
|---|---|---|
| Saudi Arabia | NCA ECC, PDPL |
Supported via on-premises deployment or AWS Bahrain (me-south-1). All data remains within the Kingdom's jurisdiction. |
| UAE | UAE IA, TDRA |
Supported via AWS UAE (me-central-1) or Azure UAE North. Local data residency confirmed at infrastructure level. |
| Kuwait | CSR Framework |
Supported via on-premises deployment or AWS Bahrain as the nearest compliant region. |
| Qatar | MOTC Data Protection |
Supported via on-premises deployment within Qatar's network perimeter. No cross-border data transfer occurs. |
| Egypt | NTRA guidelines |
Supported via on-premises deployment or regional cloud infrastructure hosted within Egypt or adjacent compliant regions. |
Regulatory compliance is a shared responsibility. Maktab provides the technical controls; your organization remains responsible for appropriate configuration, access management, and contractual obligations.
Third-party services that may receive data as part of Maktab's optional features. All can be individually disabled for full data sovereignty.
AI triage, smart reply suggestions. Ticket content (anonymizable before sending).
Infrastructure (optional cloud hosting only). Infrastructure-level data if using AWS-hosted plan.
Email delivery. Sender / recipient email addresses and subject line only.
SMS / Voice channels. Phone numbers only — no message body sent to Twilio.
Push notifications. Device token only — no ticket content transmitted.
Full-text search index. Ticket titles and KB article titles only.
Settings > AI Features > Disable.
Choose the model that matches your data sovereignty, compliance, and operational requirements.
Maktab hosted in your chosen AWS or Azure MENA region. Fastest setup, zero infrastructure management. Data stays in-region from day one.
Fastest setupInstall on your own servers in your own data center. Full data sovereignty — no data leaves your network perimeter. Supported with a production deployment guide.
Full sovereigntyCore ticket data and audit logs on-premises inside your network. Optional cloud services (email relay, push notifications) routed via your chosen provider.
ConfigurableOur technical team can walk your procurement, legal, or security team through exactly how data flows in your chosen deployment model — and provide supporting documentation for your DPA or regulatory submission.
Request a Briefing View Trust Center