Legal questions

Hi there! I’d love to use Netlify for our docs. However, our IT department has the following legal questions:

  • Is it ensured by contract that we always retain data sovereignty?
  • Is it ensured by contract that all data will be deleted after the end of the contract?

Thanks for your help! Lars

Also, they want to know where the Netlify build servers are hosted, i.e., the virtual machines that run the automated builds using our data from GitHub.

Hey @wilhelmer,

Firstly, I’ll share with your our Terms of Service and GDPR Statements.

In our ToS, statement 4 indicates that we expect our customers to comply with federal and state law in San Francisco, CA, US.

Our GDPR statement illustrates that we are committed to complying with the regulation. It is worth noting that there are scenarios where an account owner would be the data controller and safeguarding/preservation of these datasets is your responsibility.

To answer your question specifically, I need to ask – what’s your definition of data sovereignty? If you are referring to owning the content which you share with us then yes, you maintain data sovereignty. If you are referring to the law in which customers, and we, adhere to, then I would refer you back to statement 4 of our ToS.

We can remove all data in accordance with our GDPR policy, upon request, at any time.

If you wished to discuss this further, particularly with a view to specifically outline your requirements as part of an Enterprise agreement (where we can provide custom contracts), I’d be happy to forward this to our sales team.

Our ‘hub of operations’ is west-coast US-based. Our CDN, where data is cached for quick retrieval, is global.

1 Like

Thank you so much for the quick reply. I’ll forward this to our IT department and get back to you if they have any further questions.

Regarding data sovereignty, I think yes, owning the content is what is important to us.

Best regards,

1 Like