In practice, a global deployment is going to have regional SpiceDB clusters that keep most of the data in that region. If you're segmenting data for compliance reasons, I'm not sure CRDB's data domiciling functionality meets those requirements as it doesn't prevent data from leaving the region. I'd recommend having a separate datastore to be 100% sure in that case.