What it means
Data residency refers to where customer data is physically stored: which country, which region, which specific cloud-provider data centre. Some jurisdictions require certain data to remain within their borders (Singapore for some financial data, EU under GDPR for some categories, Australia for healthcare). Other industries have de facto residency expectations even when the law does not strictly require it.
Most modern cloud platforms (AWS, GCP, Azure) and most modern SaaS vendors offer data-residency options: a customer can specify their data must be stored in EU, US, or APAC infrastructure. This often costs more and limits which features are available.
Why it matters
For regulated industries (healthcare, finance, government, defence), data residency is a procurement gate. A vendor that cannot guarantee data stays in-country will not pass the security review.
For everyone else, residency still matters in two ways: latency (data closer to your users is faster) and trust (some customers explicitly prefer their data to stay local).
Example
A Singapore healthcare group evaluates two AI-agent vendors. Both offer similar features, similar pricing. One can guarantee that all patient conversation data stays on Singapore-based infrastructure (AWS Singapore region, no cross-border replication); the other replicates data globally. The healthcare group picks the residency-compliant vendor without further negotiation.