Question
How about USA-EU Safe Harbor policy?
I’ve just had a look on your status on US-EU Safe Harbor list and it seems to be as Not Current (http://safeharbor.export.gov/companyinfo.aspx?id=18129).
For us as your customers it is crucial you to be enlisted with ‘Current’ status at such list. Otherwise, we can not meet the requirements of European legislation on personal data protection.
You should have updated your registration on the Safe Harbor list on october. Additionally, such a change does vary the terms of service. Are you planning to update your status on such frame? When?
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
×
With Safe Harbor having been invalidated in court it would be interesting what model DO is using dealing with private information on EU websites hosted at DO servers outside and inside the EU. See https://www.wordfence.com/blog/2015/10/european-data-on-usa-servers-safe-harbor/
It is imperative that DO find and create a viable solution to this policy asap as EU Safe Harbor as been ruled obsolete as mentioned in the Wordfence article posted by user @jasper. RE DO’s current policy, “DigitalOcean complies with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Information from European Union member countries and Switzerland. DigitalOcean has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view DigitalOcean’s certification, please visit” found here: https://www.digitalocean.com/legal/privacy/
The policy by AWS mentioned in the article by Wordfence seems to be the only approach barring fully encrypting every VPS/rack. I know DO is doing everything it can to come up with a sustainable solution as I have incoming clients from the EU that I’d like to service using my favorite hosting provider in the history of every continent. ;-) DO staff; please update this thread with any info you can asap. This is a big one for us small businesses as establishing any such deal with independent EU states would be a legal fee nightmare far beyond any revenue I/we currently have. Thx and kind regards.