- erinclare6Asked on January 24, 2018 at 06:01 PMLast thing-- we want to specify that we are not asking for legal advice, but are curious as to how your other global customers are adapting to the GDPR? We operate amongst multiple jurisdictions, including but not limited to the US and EU. How are your other clients meeting the GDPR requirements? Thank you!
- JotForm SupportJim_RAnswered on January 24, 2018 at 06:16 PM
Are you referring to the upcoming changes to GDPR compliance on May 2018?
As of now, we are not GDPR compliant but you can keep your European user data safely in JotForm's European servers. This applies to all other clients using JotForm.
I also forwarded your thread to the concerned team so we can provide you a definitive answer on our plans for these changes. We can't give you any timeframe but we'll keep you apprised on this same thread when there's an update.
- erinclare6Answered on January 25, 2018 at 03:12 PM
Yes, those were the ones I was referring to :) We assumed that dividing our forms between two different accounts may be our best bet. Thank you for your assistance with this.
It is possible that we would need you all to sign a GDPR Addendum (with very standard terms, nothing out of the ordinary) should we use this route. I am running your response and ideas past our legal team now and they will be able to decide next steps. Is that something you all would consider/something you all have done in the past for other clients?
- JotForm SupportJim_RAnswered on January 25, 2018 at 03:43 PM
Hmm, we haven't signed a GDPR Addendum with anyone as far as I know. What I am sure of is that we offer signing Customized Business Associate Agreements upon request, but only with users in the Enterprise level.
I'll add this to my escalation notes so we can inform you accordingly.
- erinclare6Answered on January 25, 2018 at 03:45 PM
Understood. Hopefully our Legal team will not require this but just wanted to see what the circumstances would be if so. Really appreciate all your help!!