Data Regions Update: Thanks for the Knowledge Share Everyone! | C2C Community

Data Regions Update: Thanks for the Knowledge Share Everyone!

  • 22 July 2021
  • 5 replies

Userlevel 7
Badge +26

Hi All! In our coffee chat this morning, @Nina Trankova brought this update to everyone’s attention.

I wanted to share a bit of a summary that I learned today:

@andy.yates mentioned that having all data in the EU ensures that it is safer than most (cough, United States, cough) regions.

@PrashantB mentioned that India’s regulations are quite strict as well.

@alfonsmr admitted that American regulations...being pretty loose...allow for a lot more freedom and you can get to work faster.

@ChristianNewman informed us that data is always constantly crossing oceans anyways. It is just where your data is at rest that is the key here.


5 replies

Userlevel 2

I liked Andy's comment during call that "data is shared and encrypted even in rest"

Good one to remember.😁💯



Userlevel 7
Badge +32

It was a pleasure to chat with all of you!.

Another thing that came up in the meeting, is that the data should reside where the customer is, not where the company is.

Have a nice day!


Userlevel 5
Badge +6

I'm glad we could exchange thoughts on this Google Update! Thank you for the recap @marissa.piazza 

To ad to what otheres mentions, data-at-rest are Primary data for a list of Google Workspace core services. 

Have a nice week! 

Hi @andy.yates 

Are you able to add any more colour to “that having all data in the EU ensures that it is safer than most (cough, United States, cough) regions”?

Also, is there an NFTF on Data Regions?



Userlevel 5
Badge +6

Gosh - that was nearly a year ago, and I’m not totally sure what I said in an off-the-cuff remark in a coffee chat! :)

I am *not* the expert here - but generally speaking, we have adopted an information security and data privacy framework that follows GDPR for *all* of our data - irrespective of whether that data is about EU citizens or not - as (in my understanding) this is the most stringent set of regulations. As new regulations are introduced (such as LGPD in Brazil), we find this easier to adopt and integrate into our framework. 

Another way of looking at it is that, whilst we have SCCs in place to allow the transfer of data between our entities, and with our sub-processors, (with Privacy Shield no longer being sufficient, following Schrems II), there’s an extra layer of protection in place through not transferring the data outside of the EU in the first place.

Hope that’s helpful!


-- Andy