Data protection compliance for European users
I have already discussed this issue in General Discussions but just wanted to formally place it in the Wishlist.
This is the gist of current EU legislation on transfer of data outside the EU :
"Transfers may be made to any country or territory in respect of which the Commission has made a ‘positive finding of adequacy’. . . .The Commission has so far recognized Andorra, Argentina, Australia, Canada (commercial organisations), Switzerland, Faeroe Islands, Guernsey, Israel, Isle of Man, Jersey, New Zealand, Uruguay and the US Department of Commerce's Safe Harbour Privacy Principles as providing adequate protection . . .
If the transfer is to the United States of America, has the US recipient of the data signed up to the US Department of Commerce Safe Harbor Scheme?"
See this link for full text : http://ec.europa.eu/justice/data-protection/document/international-transfers/adequacy/index_en.htm#h2-1 ) I know this cannot be achieved quickly but hope that WA can put it on the Roadmap as it's a worry for all European WA users.
Currently, all data of Wild Apricot customer accounts are stored in US – for now, we have no plans to provide different locations depending on customer’s location.
Susannah Haan commented
Commercial organisations in Canada are also recognised - see http://ec.europa.eu/justice/data-protection/international-transfers/adequacy/index_en.htm
However, EU data protection law is changing from 2018, so we would need reassurance that Wild Apricot would be in conformity when the legislation comes into force. We have already had some corporate sponsors asking for personal data not to be transferred outside the EU in order to avoid any problems with the legislation.
Im surprised there are so few comments on this.
Wild Apricot stated that: "we do not have much control over which country exactly the servers are ultimately located" so it has terrified most of my board members.