As some of you might be aware, since the Schrems II regulation was confirmed, privacy sheild as a transfer mechanism is no longer compliant. Since then we got standard contractual clauses, however these are not adequate for EU to US data transfers, due to FISA 702 . So right now, if you’re collecting European user data and are not using a dedicated European instance, your bubble instance is not compliant with gdpr, so neither is your business provided you keep the European customer data there.
I asked customer support about this and they have confirmed it. The only solution is:
- Pay several thousands a month for a dedicated instance.
- Hopefully wait for an new EU to US data transfer agreement like privacy shield.
I’m a bit disappointed because I can’t launch my product now and cannot afford a dedicated instance. So I’ll just need to use it for validation purposes. If anyone has any suggestions of alternatives, please let me know.