EU Safe Forms: Our Solution to the EU Safe Harbor Invalidation

We are proud to have thousands of users in every European country. Until recently, we were part of what was known as the “Safe Harbor” framework, otherwise known as “Privacy Shield”, which allowed US companies to store data for their European customers in the US. Unfortunately, a European court recently invalidated this framework.

This decision put many American companies and their customers in a tough spot. Some companies chose to stop serving customers in the EU, and others presented customers with new contract provisions requiring them to waive legal data protections.

There was no way Jotform would stop serving our European customers, so we decided to store European user data only on European servers and not transfer it back to the US.

We updated our software with a new option, to transfer all user data to our European servers. Once an EU customer switches to EU Safe Mode, their form data will only be kept on our European servers.

One great bonus of this setup is that it will be faster. Since the forms and data are now kept in Europe, and our European site is hosted in Europe, both our users and the people responding to their forms will enjoy optimized site performance.

In the coming months, we are planning to have all of our European users switch to the new setup, but during the beta period, switching to our European servers is optional.

What happens when I transfer my data to Europe?

After you choose to transfer your data, your form data will be copied to our European servers. Once the transfer is complete and everything is double checked, we will delete your data from our US servers.

Upon completion, you’ll receive a confirmation email from us. Since your data is only available on jotformeu.com, when you log into Jotform, you’ll be redirected there to access your data.

What is Safe Harbor?

Safe Harbor is an agreement between the United States Department of Commerce and the EU made in 2000 to regulate the way US companies export and handle personal data of European citizens.

Why was it invalidated?

The European Court of Justice invalidated the US-EU Safe Harbor framework as a result of a case against Facebook. The court decided the personal privacy and data protection laws were inadequate in the US.

Why is this decision so important?

US companies, such as Jotform, depended on the Safe Harbor / Privacy Shield framework to transfer and store European data on US servers.

What is an EU Safe Form?

An EU Safe Form is a form that is served from Jotform’s European servers in Germany. When the form data is submitted it is stored in Jotform’s European servers and the data can only be accessed from Jotform’s European site. The data is never transferred to the US.

Note that an EU Safe Form is only safe if you are a Jotform user in Europe. US companies must still comply with EU privacy laws when transferring data on EU citizens to the US. If you are a Jotform customer and you will or may be collecting personal information on EU citizens through use of your forms, you must unambiguously state in your form that the data will be transferred to US and get agreement from the user with a terms checkbox or a terms widget.

This article is originally published on Oct 28, 2015, and updated on Feb 23, 2022.
AUTHOR
Aytekin Tank is the Founder and CEO of Jotform. A developer by trade but a storyteller by heart, he writes about his journey as an entrepreneur and shares advice for other startups. He loves to hear from Jotform users. You can reach Aytekin from AytekinTank@Jotform.com

Send Comment:

Jotform Avatar
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Comments: