2020 Invalidation of EU-US Privacy Shield & ContractZen (AzureHosted)
Following the July 16, 2020 ruling invalidating the EU-US Data Privacy Shield, and the inherit issues faced by Microsoft Azure (and services like ContractZen using their offering), what is ContractZen's position?
Are you considering using an EU based/owned hosting provide other than Azure?
Are you considering BCRs to prevent ContractZen from breaching EU regulations?
Are you considering offering containerised/on-prem products?
How are you impacted from having offices in America? How are you affected by US Privacy/Patriot/Cloud regulations?
As a reference, please find hereunder the position of DocuSign who are directly relevant for ContractZen: https://www.docusign.com/blog/the-end-privacy-shield-what-it-means-agreements
This issue would be the single most important reason why we go to competitors.
Thank you for your questions and ideas! First, we would shortly like to answer your questions regarding privacy as it is essential to us.
The Data Privacy Shield, or its invalidation, does not affect ContractZen as we do not transfer data outside the EU. We use only Azure's European data centers. We have an office location in the US but do not store or process any customer data there.
We do not consider using any other hosting providers except Microsoft Azure as it is considered the most secure cloud with stringiest privacy policies and practices. In the upcoming years, we are planning to offer our largest customers a possibility for an on-prem solution but there is not yet a timeline for this.
Here is a one recent Microsoft article regarding privacy and data transfers (which in our case do not happen): https://blogs.microsoft.com/eupolicy/2020/07/16/assuring-customers-about-cross-border-data-flows/