Back to all blog posts

Can you guarantee that personal data will be stored and processed within the EU or in GDPR-compliant regions?

June 3, 2025

For EU

To comply with the General Data Protection Regulation (GDPR), we will:

  • Data Storage and Processing: Utilize cloud services that offer EU-based data centers, such as Microsoft Azure, Amazon Web Services (AWS), or Google Cloud Platform (GCP), ensuring that all personal data of EU users is stored and processed within the EU.

  • Data Transfer Restrictions: Avoid transferring personal data outside the EU unless necessary. If transfers are required, we will implement appropriate safeguards, such as Standard Contractual Clauses (SCCs) or rely on the EU-U.S. Data Privacy Framework (DPF) for transfers to certified U.S. entities. 

  • Compliance Measures: Implement data minimization, purpose limitation, and obtain explicit consent for data processing activities, as mandated by GDPR.

For USA

For the United States companies, we will:

  • Data Storage and Processing: Leverage U.S.-based data centers provided by cloud services like AWS, Azure, or GCP to store and process personal data domestically.

  • Privacy Compliance: Adhere to applicable U.S. data privacy laws, such as the California Consumer Privacy Act (CCPA), ensuring transparent data practices and user rights.

  • Data Segregation: Maintain separate data storage environments for U.S. users to prevent cross-border data flow, unless explicitly consented to by the user.