EU Law for Data center location

  • Profile Image
    Priv
    Asked on March 09, 2015 at 01:40 PM

    Hi,

    Under EU law it is not allowed to transfer personal data to US without proper arrangements. Also in addition to exact legal details many companies now prefer that their data is not stored in US (distrust of US intelligence agencies). Therefore hosting in EU countries only would make the jotform service stronger. Or it could even turn out to be a deal breaker in certain case.

    An alternatively would be an approved safe harbor deal http://www.computerweekly.com/news/2240218892/EU-data-privacy-authorities-approve-Microsoft-Azure-Office-365-and-other-cloud-services. After such approval EU companies might still be hesitant, but at least some safeguards would be in place.

    Maybe this is a topic to discuss with jotform management as it might be of strategic importance.

    Regards,

    Frank

  • Profile Image
    Charlie
    Answered on March 09, 2015 at 01:53 PM

    Hi Frank,

    Thank you for sharing your input, as mentioned by my colleague on the previous post, our data centers are located in 2 continents, 2 in USA and 1 in Germany.

    Here's a quick infor regarding our security, JotForm is 9 years old and throughout our history we have not ever once lost customer data. That's because we take security very seriously.

    - We have bug bounty programs where we pay outside parties for reporting vulnerabilities in our system.

    - Our servers are protected by private networks and constantly updated and patched. - Our system administrators have a collective 40+ years of industry experience.

    - Our development team is encouraged to follow best security practices.

    - All data transfer are made of 256-bit SSL secure connection.

    - Our servers are located on SSAE16 Audited facilities.  

     

    I'll escalate this to our developers and upper management so that they an take a closer look or if they might have additional inputs regarding this.

    Thank you.

  • Profile Image
    Priv
    Answered on March 10, 2015 at 09:10 AM

    Hi Charlie,

    Thanks for the additional information. Much appreciated. The issue is not a distrust to jotform and its security. It is mainly about providing certainty to customers that their (personal) data is not transferred/hosted outside European Union.

    Regards.

    Frank

  • Profile Image
    Charlie
    Answered on March 10, 2015 at 11:24 AM

    Hi Frank,

    Thanks for the clarification, JotForm takes data security and privacy seriously, and we appreciate the feedback that you have. We'll take note on the additional information and we'll escalate this to our upper management about your concern.

    We should hear from them regarding this matter.

    Thank you.

  • Profile Image
    steve
    Answered on April 07, 2015 at 03:59 PM

    Hello!

    Great news. We're now Safe Harbor certified. Please see our updated Privacy policy here.

    http://www.jotform.com/privacy/

    Do let us know if you have any questions!

  • Profile Image
    KadeJM
    Answered on November 02, 2015 at 08:46 AM

    As of recently the EU Law for Data Center Storage has changed and we are pleased to inform you that we have found a solution to Safe Harbor invalidation. We would like to invite you to read more about it here http://www.jotform.com/eu-safe-forms/ where you can safely move your account to our European Servers.