Is Zopim Compliant with the EU Safe Harbor Principles?

Anthony Spallone -

With respect to European Data Privacy statutes, Zopim acts as a "data processor" on behalf of its customers, who for purposes of the Zopim service, are the "data controllers." European Data Privacy statutes have many requirements and customers should be aware of the means by which we comply with the "data transfer" requirements of these statutes.

Zopim currently hosts data within the EU. Zopim data is hosted at a third-party managed data center in Dublin, Ireland (and proxied in various data centers around the world). Zopim, as a Singapore entity, is not able to certify as compliant with the U.S.-E.U. Safe Harbor as this is only available to entities incorporated in the United States.

For compliance with E.U. data privacy requirements, Zopim relies on the concept of informed consent. In particular, Zopim expressly discloses the location of its data processing facilities and requires that its customers obtain any necessary consent required of their particular data subjects to transfer data pursuant to this policy. That provision of our privacy policy is set forth below:

By voluntarily providing us with personal information, you hereby represent that you are the owner of such personal information or are otherwise authorized to provide it to Zopim. You further agree that you are consenting to our collection, use, storage and/or disclosure of such personal information in accordance with this Policy. You acknowledge and agree that your communications with Zopim will inevitably result in the transfer of information, including personal information, across international boundaries. If you provide personal information to Zopim through our Service, you acknowledge and agree that such personal information may be transferred from your current location to the offices and servers of Zopim and the authorized third parties referred to herein, located in Singapore, France, Germany, Ireland, Japan, Australia, Brazil and the United States of America and other countries (the “Other Countries”) for storage and processing in accordance with this Policy. You acknowledge and agree that the privacy and data security laws of such Other Countries may be different from the privacy and data security laws in force in the country in which you reside and agree that the privacy and security laws in effect in the applicable Other Countries may govern how your personal information may be collected, used, stored and/or disclosed.

Zopim has no direct relationship with the individuals (or "data subjects") that its customers may interact with in utilizing the Zopim service. As a result, it is up to our customers to ensure that any necessary consent required of these data subjects to host and process data outside of the European Union is obtained. 

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.