How would you architect a multi‑tenant product configuration management system that supports dynamic feature toggles, policy enforcement, and audit logging across a global SaaS platform, ensuring high availability and compliance with GDPR?
onsite · 3-5 minutes
How to structure your answer
Use the CIRCLES framework:
- Clarify scope (tenant isolation, feature toggle granularity, GDPR data handling)
- Investigate constraints (latency, data residency, compliance)
- Recommend architecture (microservices with a dedicated Feature‑Toggle service, event‑sourced configuration store, audit log service, global CDN for caching)
- Communicate trade‑offs (CAP considerations, cost vs. latency)
- Listen to stakeholder concerns (security, ops)
- Execute with phased rollout and blue‑green deployments
- Summarize key benefits (scalability, compliance, observability)
Each step should be concise, referencing specific patterns like CQRS, eventual consistency, and role‑based access control.
Sample answer
I would start by clarifying the scope: we need tenant isolation, dynamic feature toggles, policy enforcement, audit logging, high availability, and GDPR compliance. Next, I’d investigate constraints such as latency targets, data residency, and existing tech stack. I’d recommend a microservices architecture: a dedicated Feature‑Toggle service exposing a REST/GraphQL API, an event‑sourced configuration store (e.g., Kafka + PostgreSQL) for immutable change logs, and an Audit Log service that writes to a separate, immutable store for compliance. To ensure high availability, each service would run in multiple AZs with a global CDN for read‑heavy toggle lookups. I’d enforce role‑based access control and encrypt data at rest and in transit. For GDPR, I’d implement data residency controls, provide tenant‑level data export, and maintain an audit trail. Finally, I’d deploy using blue‑green or canary releases, monitor with distributed tracing, and iterate based on metrics. This approach balances scalability, compliance, and operational simplicity.
Key points to mention
- tenant isolation
- feature‑toggle granularity
- audit logging
- GDPR data residency
- high availability
- microservices
- event sourcing
- role‑based access control
- observability
Common mistakes to avoid
- ✗ ignoring tenant isolation leading to data leaks
- ✗ over‑engineering with monoliths instead of microservices
- ✗ neglecting audit trail requirements
- ✗ not accounting for GDPR data residency
- ✗ underestimating latency impact of toggle lookups