Bubble app on Europe (EU) server located

florent.bocquelet · May 26, 2017, 9:36am

any news regarding this subject ?
Seems like a major issue for all EU customers.
How should we communicate about data storage and transfer in the privacy policy of our websites built with Bubble for EU customers ? Do you have some guidelines ?

ryanck · June 1, 2017, 10:21am

Does anyone have an update on this threat?

Thanks a lot guys.

metzka.steffen · December 6, 2017, 12:01pm

Last post may 26.

Some news and updates on this topic?

Thanks a lot!

vincent56 · December 6, 2017, 4:34pm

This is really needed! Is it a complicated process? is it a matter of pricing? Or is it a matter of priority?

metzka.steffen · December 6, 2017, 7:55pm

They sended me more informations about the dedicated plans.
The pricing is impossible for a small company getting started. Over a thousand €!

vincent56 · December 6, 2017, 8:06pm

As far as I could tell it starts at 635 EUR. Even though dedicated might be an option for us in the future, Bubble is far better off with keeping us in their plans in terms of margins.

So I hope they can get this out there soon

help · December 6, 2017, 10:59pm

This is an interesting thread, one that caught my eye and concerned me into researching.

I found this on the AWS website on the EU/US privacy safeguard. I am making no legal conclusion or advise either way, so dont base any decisions on this, just wanted to show what I found.

help · December 6, 2017, 11:03pm

and this as well:

hawkeye84 · January 18, 2018, 5:35pm

Any updates on this? I am based in the EU and I need to be compliant with the privacy rules, just as anyone else…

help · January 26, 2018, 10:42pm

See above screenshots I took, it looks like AWS is compliant according to their website. But dont quote me on it and Im not a lawyer

gurun · February 12, 2018, 6:40am

@emmanuel @josh We wouldnt want GDPR to fine or take down any of our European fellows would we? May you help us gain clarity on this one so no-one is at risk.

Another topic in the same area, would be how to run a bubble app for US and European customers. Multi-datacenters?

Thanks!

vincent56 · February 12, 2018, 7:25am

Very interested to hear more about this as we are now in this situation.

simon · February 12, 2018, 8:53am

GDPR becomes affective 25th May so we have 3 months. Has anyone figured out if using bubble will put you at risk of fines if you are using it for UK PII data?

Thanks

Simon

gurun · February 12, 2018, 9:00am

Keep in mind the data-hosting is just a part of GDPR.

Regulating your employees access and other things are likewise as important.

Application of the data protection regulation depends not on the size of your company/organisation but on the nature of your activities. Activities that present high risks for the individuals’ rights and freedoms, whether they are carried out by an SME or by a large corporation, trigger the application of more stringent rules. However, some of the obligations of the GDPR may not apply to all SMEs.

For instance, companies with fewer than 250 employees don’t need to keep records of their processing activities unless processing of personal data is a regular activity, poses a threat to individuals’ rights and freedoms, or concerns sensitive data or criminal records.

Similarly, SMEs will only have to appoint a Data Protection Officer if processing is their main business and it poses specific threats to the individuals’ rights and freedoms (such as monitoring of individuals or processing of sensitive data or criminal records) in particular because it’s done on a large scale.

emmanuel · February 12, 2018, 5:49pm

This is something we’re currently looking into with our counsel, this is not a quick thing to look into, but we hope to be able to share some findings there in a few weeks.

gurun · February 12, 2018, 11:46pm

Truly appreciated!

ryanck · February 13, 2018, 5:52pm

Yeah, thank you @emmanuel

help · February 13, 2018, 6:20pm

Hi Emmanuel,

I had a look at AWS and even if their data center is in the US, it is complaint with EU-US safe harbour and AWS has signed up to be GDPR compliant. I dont understand the problem everyone is having?

chrislarge305 · February 15, 2018, 9:20am

Yes, it is a concerning time a lot due to the ambiguity of GDPR its very muddy waters as in what we are supposed to be doing. The important thing to note though this doesn’t just affect people in the EU, it affects those that are running businesses (and even personal blogs) worldwide. If you allow EU citizens access to your website (even if they access from outside of the EU they are still an EU citizen) you will need to comply with GDPR. PII even goes down to something that you would think was fairly non relevant, the IP of the user. This means that every single website in existence will be tracking an IP as it goes into server logs. So basically everyone in the world that has a website needs to conform to GDPR.

So this is greater than just where the thing is hosted. As has been pointed out as long as it is compliant with privacy shield etc the hosting “should” be fine. And I am sure we can rest easy knowing that Amazon has got that part covered.

However not scare mongering as I am sure that they are not going to go after every single website ‘joes little blog’ just because they haven’t got a policy on why they are keeping the IP of the visitor in the server logs. But the possibility is there.

Note I am not a lawyer or a GDPR specialist this is just from what I have been researching my self

gurun · February 15, 2018, 4:33pm

@help
It is much more than where your web app runs. Please read up on: https://www.eugdpr.org/gdpr-faqs.html