Physical hosting in EU data centers for products and processing
I am not sure you can help me with this but I will ask. Are we required to physically host in the EU data centers for our products and processing or can we host in the US if we follow all of the GDPR rules and cross border transfer guidance. If this is not the type of question I can ask, I totally understand and will pursue other avenues for guidance. Thanks again for your help and great product. Let me know if you have any questions or concerns.
Assign topic to the user
Recently the European Court of Justice (in Shrems II decision) invalidated the adequacy decision of the EU Commission claiming that US Privacy Shield granted an adequate safeguard for data protection in the United States. This means that any data transfer between the EU and the US must be on another legal ground like the Standard Contractual Clauses (SCC) or the Binding Corporate Rules (BCR).
The European Data Protection Board (EDPB) recently published a FAQ sheet on the implication of the Shrems II decision that you can find here: https://edpb.europa.eu/news/news/2020/european-data-protection-board-publishes-faq-document-cjeu-judgment-c-31118-schrems_en
One of the suggestions that arose from EDPB is to consider avoiding storing personal data in the US and prefer Cloud Service Providers with servers based in the EU in order to be compliant with GDPR requirements. Please note that the decision applies to the transfer of personal data, not to all data transfers.
Here you can find more information:
- Full text of EU GDPR (General Data Protection Regulation) https://advisera.com/eugdpracademy/gdpr/
- 3 steps for data transfers according to GDPR: https://advisera.com/articles/3-steps-for-data-transfers-according-to-gdpr/
- What is the EU GDPR and why is it applicable to the whole world? https://advisera.com/eugdpracademy/knowledgebase/what-is-the-eu-gdpr-and-why-is-it-applicable-to-the-whole-world/
You can consider enrolling in our free EU GDPR Foundations Course:
- EU GDPR Foundations Course https://advisera.com/training/eu-gdpr-foundations-course//
Comment as guest or Sign in
Aug 28, 2020