Data Privacy and Data Handling Policies


Follow

Overview

Find below answers to the most often asked questions about our GDPR compliance, though we are storing data on US servers outside the EEA (European Economic Area), how the Schrems II decision impacts us, including the US-EU Privacy shield, and whether we have plans storing data in the EU datacenters.

All information about our data privacy and data handling policies is publicly available on our FogBugz Legal page, including our Privacy Policy and Global Data Processing Agreement.

 


Information

 

Is FogBugz GDPR compliant?

There is no stamp of GDPR compliance that companies can get.

Our company currently processes personal data lawfully in accordance with the Data Protection Directive (officially Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data) and the General Data Protection Regulation (GDPR).

 

 

Storing FogBugz Data on US servers

Storing data in the US is not contradicting the Global Data Processing Agreement available on https://www.fogbugz.com/legal. It includes terms for processing.

 

 

No Plans About Storing FogBugz Data in the EU

Currently, we have no plans on the roadmap hosting the FogBugz cloud in the EU. If needed, you can switch to FogBugz On-Premises to get around this, however, if you're using Kiln, please note that Kiln is not available for On-Premise.

 

 

GDPR - Schrems II

GDPR Schrems II refers to the "Schrems II decision” of the Court of Justice of the EU, also related to the US-EU Privacy shield.

We are monitoring the development and will update our documentation and processes as required.

 

 

If FogBugz is GDPR compliant, why isn't HIPAA compliant?

GDPR focuses on protecting EU citizen's PII data. HIPAA focuses on PHI data within the United States.

GDPR also addresses “sensitive personal data” such as racial or ethnic origin and religion. HIPAA, in contrast, is limited to PHI alone.

GDPR gives data subjects — anyone whose personal data is being collected, processed, or stored — specific rights that differ from HIPAA.

 

Back to the top