EU Data Protection
Specifically, this document describes how customers can use AWS services in compliance with Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals.
This document provides information to assist customers who want to use AWS to store content containing personal data. Specifically, this document describes how customers can use AWS services in compliance with Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (“Directive”).
It aims to help customers understand:
The way AWS services operate, including how customers can comply with EU law, address their security needs and encrypt and otherwise protect their content
The customer’s complete control over the geographic locations where their content can be stored and accessed, and other relevant compliance considerations
The respective roles the customer and AWS each play in managing and securing content stored on AWS services
This whitepaper focuses on typical questions asked by AWS customers when considering the implications of the Directive on their use of AWS services to store content including personal data. There will also be other relevant considerations for each customer to address, such as the customer’s need to comply with industry-specific requirements and the laws of other jurisdictions where that customer conducts business.