Data Protection under GDPR – Data residency requirements

Most of your core business activities are likely to be supported by a software solution which is totally normal. In oder to provide transparency, GDPR requires you to document which data elements are being processed for what purpose, and explicitly highlight if any personal data leaves the EU.

If you are unsure about where the data is stored and if it would leave the EU, do contact the software vendor or your reseller. If the data does reside in the EU or an equivalent country (see list here), then all can remain as is. If this is not the case, we strongly advise to find a comparable software solution that does store its data in the EU or alternatively seek legal advise on the matter.