Fascinating read. Thank a lot for brining this up.
Servers are hosted with layered tech which is a provider out of dallas. This is also where the servers are physically located right now.
Shopify does not stores customer records beyond Orders. No credit cards which are submitted by customers ever touch the hard drive or the database.
Unfortunately, something as silly as the customer’s name or email address is considered personal data, and is subject to protection. :( Even if you discarded all data after the order, the bare fact of transmitting it back and forth is covered under the law.
Layered Tech is not in the Safe Harbor list. I would like to know if you can influence them to adhere to the safe harbor principles, in order to be able to accept shops for European customers. Meanwhile, all the EU shops will be on dubious legal ground, so perhaps it is in your best interest to find a hosting partner that is able to provide this level of commitment to personal data safety.
Please let us know.
Thanks Scott. I will continue setting up my shop meanwhile, and hope that by when the first customers arrive, it’s all ready.
Anyway, my shop is so unimportant that I’m sure it would not draw attention from the powers that be, so it doesn’t worry me too much, it’s just that I can’t help but nitpick
In the end, though, all your EU shops should be aware of this, so it’s best to be ready anyway