Introduction
In a geopolitical context marked by stricter international data transfer regulations and the assertion of digital sovereignty, marketing and IT departments are reconsidering the role of managed Cloud, Composable, and On-Premise solutions in their activation architectures. The EU Data Act became enforceable on September 12, 2025, redefining access to and use of data from connected devices and services within the EU; it requires organizations to anticipate interoperability and limit technological lock-in.
Meanwhile, China has relaxed but clarified its cross-border transfer requirements (PIPL, CAC regulations 2024-2025) while maintaining strict oversight; Canada continues to evolve its framework (PIPEDA/CPPA). Despite these convergences, the extraterritorial reach of the CLOUD Act continues to raise legal concerns when a service provider is subject to U.S. law.
In this context, public organizations, large corporations, and mid-market companies are seeking activation models that combine data sovereignty, predictable costs, and business autonomy. Scal-e addresses this through a zero-copy approach in Composable CDP mode (database at the client’s site or their hyperscaler, no persistence at the vendor’s end) and an On-Premise option (application + database deployed in the client’s environment); marketing teams operate in no-code on a dedicated unified database that powers CDP, loyalty, marketing automation, clienteling, BI, and distributed marketing.
1. Context
The past six months have confirmed a repoliticization of data. In Europe, the EU Data Act – enacted in 2024 and enforceable since September 12, 2025 – establishes data access and sharing rights and strengthens portability, thereby favoring interoperable and reversible architectures to avoid excessive vendor dependencies.
In China, the 2024-2025 regulations have created exemptions and thresholds that ease certain transfer processes while maintaining documented governance requirements; many brands operating in APAC must combine localization with global views without PII (anonymization/pseudonymization) for central management.
In North America, the debate is structured around Canadian reform (CPPA in progress) and the extraterritorial reach of the CLOUD Act for providers under U.S. jurisdiction – requiring public organizations and certain regulated sectors to examine the hosting and operations chain down to tier-2/3 subcontractors.
In this landscape, SecNumCloud has established itself in France as the trusted cloud standard; several infrastructure operators have obtained certification; ANSSI continues to publish guides and updates, anchoring legal sovereignty within the control perimeter.
Consequence for marketing: multi-country/multi-brand organizations favor zero-copy models (read from source, client-side database) and/or On-Premise to align data localization, access control, and time-to-value. The underlying trend – renewed interest in On-Premise – doesn’t reflect technological nostalgia, but a calculated trade-off between legal risks, security, and TCO.
2. Technical and Legal Challenges
Structural constraints. Distributed systems, real-time pressure (messaging, wallet, ads), and multi-zone governance require a selective exposure model (API, webhooks, SFTP, DB reads), comprehensive logging (audit trail), and robust tenant isolation (dedicated database per client) to prevent data leakage. Privacy by default, role-based segmentation and views, controlled marketing pressure: these elements are no longer optional – they form the backbone of operational compliance.
Triple sovereignty:
- Data sovereignty (where data resides and which PII circulates)
- Technological sovereignty (who controls the software stack and virtualization layers)
- Operational sovereignty (who can disconnect, audit, patch, restore)
This trilogy must be covered contractually (localization, reversibility, operator chains) and technically (isolation, encryption, logs, disaster recovery).
CLOUD Act: It is established that U.S. authorities can, under certain conditions, request access to data held by providers subject to U.S. jurisdiction, even when that data is stored outside U.S. territory. Therefore, for sensitive organizations, it’s prudent to avoid dependency points that would expose identifying data to this legal regime.
Certifications and standards. Depending on sectors and regions, typical combinations include ISO/IEC 27001 for security management, SecNumCloud for trusted cloud, and where applicable, HDS for health data; the goal isn’t to “check boxes” but to operationalize the principles: localization, logging, reversibility, access control.
China/Canada specifics. CAC 2024-2025 developments introduce exemptions and thresholds for certain outbound flows while maintaining the obligation to map and document transfers (PIPL). In Canada, the transition to CPPA continues to require documentation of purposes and rights. In practice, a global view without PII feeds central BI, while PII remains localized – which aligns with a zero-copy CDP.
3. Solutions: Zero-Copy Architecture, On-Premise, and Composable Marketing Cloud
Technical architecture.
In Composable CDP (zero-copy) mode, the database remains with you – cloud database (Snowflake, BigQuery, Redshift, Databricks) or hyperscaler (GCP, AWS, Microsoft Azure, OVHcloud) – with no persistence of your customer data at the vendor; the Scal-e application operates via a REST API (OpenAPI v3), webhooks, SFTP, and DB reads.
In On-Premise mode, both application and database are deployed in your environment (local IAM, centralized SOC, internal disaster recovery). In all cases, a dedicated unified database (tenant isolation), privacy by default, data virtualization, and distributed processing form the foundation of performance and isolation.
Zero-copy CDP means reading from the source, minimizing copies, and reducing interface costs; combined with composable marketing cloud (CDP + loyalty + omnichannel marketing automation + clienteling + BI + distributed marketing) on a unified database, it eliminates latency and divergence between modules.
Unlike some “composable CDP” approaches closer to reverse-ETL (very useful on the IT side), the no-code layer provides daily autonomy to business teams (segmentation, scoring, aggregates, campaigns, dashboards) without SQL.
Client cases (anonymized).
- French bank: SecNumCloud-aligned architecture; -60% GDPR audit time through log centralization, -40% exposure surface through zero-copy (no persistence at the vendor).
- European insurance: co-located hosting with a European hyperscaler; -35% campaign activation latency, easier internal certification (controlled localization and increased traceability).
- Retail: transition from reverse-ETL pipeline to no-code CDP; segment creation in ten minutes instead of several days/weeks, +12 campaigns per quarter, reactivity multiplied by four.
Economic model. Scal-e doesn’t charge per call (read/write/compute): the architecture avoids an explosion of billable queries as volumes and frequencies increase, which stabilizes budgets. Additionally, sovereign hosting options (dedicated Cloud, HDS, SecNumCloud) are available according to your requirements (including bare-metal to limit unwanted virtualization layers).
4. Implementation & ROI
Roadmap.
- Scoping (2-4 weeks): source mapping, quality analysis, prioritization of reconciliation keys, customer-centric modeling; definition of views by scope (country, brand, network).
- Connection & normalization (4-8 weeks): batch/real-time flows (API/webhooks/SFTP), data virtualization to expose business objects without opening the database to users.
- No-code activation (2-4 weeks): Audience Builder, calculations/aggregates, pressure and exclusions, omnichannel orchestrations.
- Governance & compliance (ongoing): privacy by default, audit logs, audit export and documented reversibility; flow monitoring (OK/Warning/Fail).
Cost transparency.
- CAPEX (On-Premise): servers/bare-metal, DBMS licenses, security (EDR/XDR), disaster recovery, IAM integration; depreciable over three to five years.
- OPEX (Composable/Cloud): application execution, secure connectivity, cloud database storage, potential egress, monitoring.
- Common hidden costs (to anticipate): inter-zone egress, billable queries on certain data warehouses, refactoring of business objects on the BI side, forced version upgrades on external routing.
ROI assumptions. In a European multi-country retail context (base of three million contacts, eighty million events/year), no-code autonomy and reduced latency (segments in ten minutes vs. two weeks) typically enable: +15-25% more campaigns with the same resources, +5-8% revenue per customer through better-calibrated pressure, and -20-30% IT tickets related to extraction/transformation requests. These values naturally vary depending on initial data quality and organizational maturity.
Explicit limitations.
- Zero-copy doesn’t eliminate data quality requirements or local governance constraints (PIPL, contractual clauses).
- On-Premise requires equipped IT teams (patching, monitoring, maintenance) and longer deployment times.
- Non-qualified public cloud remains an option but must be evaluated considering the CLOUD Act and the sensitivity of processed data.
Conclusion
Zero-copy CDP isn’t a slogan: it’s an economy of copies that reduces exposure surface, a composable architecture that aligns business autonomy with governance, and credible reversibility at enterprise scale. Scal-e extends this principle to the entire platform (CDP, loyalty, marketing automation, clienteling, BI, distributed marketing) on a dedicated unified database, in Composable (zero-copy) or On-Premise, and in Cloud when speed is the priority. The decision no longer pits technologies against each other but weighs degrees of sovereignty, time-to-value, and TCO according to your context.
FAQ
1) What is zero-copy in CDP? Reading data from the source without persistence at the vendor; the database remains with you (cloud database/hyperscaler). Benefits: fewer copies, simplified governance, predictable costs.
2) Composable CDP vs reverse-ETL: what’s the operational difference? No-code composable gives autonomy to business teams (segments in ten minutes), reverse-ETL centralizes transformation on the IT side (longer delays, sprint dependency).
3) How to manage EU (GDPR) + China (PIPL) + Canada? Localize PII by region, provide a global view without PII for central BI; document transfers (PIPL) and reversibility.
4) HDS, SecNumCloud, and ISO 27001: do you need all certifications? No. ISO 27001 (ISMS) is general scope; SecNumCloud qualifies trusted cloud; HDS targets health data. Choose according to your scope.
5) Does Scal-e charge “per call”? No. Scal-e doesn’t charge per call; the architecture aims to avoid cost explosions through queries (read/write/compute).
6) Is Scal-e recognized by third parties? Forrester Wave B2B CDP (2023 & 2025) and RealCDP label (CDP Institute).
About Scal-e
Scal-e is an integrated, composable marketing cloud platform for B2B/B2C enterprises, deployable in Cloud, Composable (zero-copy), or On-Premise.
The platform combines advanced ETL & DQM, CDP, omnichannel orchestration (email, SMS, RCS, WhatsApp, wallet, push…), loyalty (earn-&-burn), self-service BI, clienteling, and distributed marketing, operated in no-code by business teams. Each instance has a dedicated unified database (tenant isolation), privacy by default, data virtualization, and distributed processing.
Recognized by the CDP Institute and cited by Forrester (B2B CDP), Scal-e operates globally with European governance and compliance oversight.