Security & data residency
Org-admin
These policies are set by organization admins and apply to everyone in the organization.

EU-only models (data residency)
The EU-only models toggle restricts every member of your organization to EU-processed (or self-hosted) models — in chat, the workflow assistant, agents, and workflows.
- It is on by default (secure by default).
- While on, non-EU models are hidden from the picker and blocked for agents and workflows.
- An admin can turn it off if the organization deliberately wants to use non-EU-processed models.
The full behaviour is described in EU sovereignty & residency.
Login MFA (email one-time code)
Require a 6-digit email code after the password on every password login. It is on by default. Members who sign in with a passkey or social provider already have strong authentication and aren't additionally prompted — see MFA & passkeys.
Why these are org-wide
Both are organization policies rather than personal preferences, so a single admin decision applies consistently to the whole team — the essence of niil's "secure by default" posture.