Can European contact centres run from foreign operated clouds such as AWS, Azure & Google Cloud? Can European businesses use CCaaS and remain GDPR compliant? That is an important question when the fines for not abiding by the GDPR regulations can be up to 20 million Euro or 4% of worldwide revenue.
This issue has become a hot topic since decisions by some of the national EU regulators have made it clear national regulators believe cloud services run by a US company, even if the server is physically located in Europe, are ultimately controlled by a foreign entity and therefore may breach rules regarding personally identifiable information (PII) data transfers.
Take for example the recent decision by German regulators to ban the use of Microsoft 365 within the German education system, as they are concerned among other issues, that some personal information will always be transferred to the USA without consent or ability to opt-out. Clear breaches of the GDPR.
And it’s not just Germany, the French Ministry of Education also banned the use of Microsoft 365 in schools, and Datatilsynet, the Danish data regulator, banned the use of Google Workspaces for similar concerns.
Bans extend beyond just e-mail – Google Analytics has already been ruled non-compliant by Austria, France, Italy and Denmark, with businesses in these territories already ordered to stop using the service. Denmark has gone further, and even indicated Google’s attempts at redesigning their product still fall foul of the GDPR rules.
Since the invalidation of the Privacy Shield protection, and a lack of adequacy status for the United States, it’s clear any business conducting their operations on foreign hosted or controlled clouds runs the risk of falling foul of the GDPR rules.
So what can a business do? Fortunately, there are EU alternatives to these US controlled clouds and services, where European businesses can be sure their data is hosted and controlled fully within the European Union.
QContact is one such provider who can offer a fully sovereign service to our European customers – with a platform
- Hosted in Europe on a European owned and operator cloud.
- Developed in Europe.
- Supported by individuals located in Europe.
- Billed from a European company in Euro.
This ensures no transfers of PII outside of the EU, other than of course any communications sent or received to foreign social networks / e-mails / phones, where the user has already consented to their provider’s transfer of data.
So if you run a European contact centre, and want to ensure you stay on the right-side of the law, let QContact help you today.