Vendor asks 'EU or US data center': what do I pick?
For EU citizen data, GDPR is stricter than US treatment. EU residency is almost always the safer choice, but not all vendors offer it.
Try this first
- 1First check what data goes in: customer personal data, salaries, health: EU residency essentially required.
- 2No personal data (technical logs only)? US works without major GDPR friction.
- 3Ask in the vendor admin whether the choice is changeable later; with some vendors it is locked after setup.
- 4Record the choice in your SaaS register next to the DPA; audits look exactly here.
- 5If the vendor only offers US and you have EU data: is there a Standard Contractual Clauses (SCC) addendum? Request it.
When to bring us in
In sensitive industries (healthcare, finance, legal): ask for advice. The wrong residency choice can lead to GDPR fines.
See also
- New hire has an account but cannot reach Outlook or TeamsAn M365 account without a license is an empty shell. Assigning takes a few clicks, but picking the right plan pays off long-term.
- Employee left, but their email must be retainedPulling the license straight away starts a 30-day timer on the mailbox. The right route keeps access to the mail without paying for the license.
- We pay for licenses nobody usesBetween leavers, duplicate plans, and test accounts there is often 10-20% wasted license spend. A usage report exposes it fast.
None of the above fits?
Describe your situation below. We pass your input plus the steps you already saw to our AI and return tailored next-step advice. If it's too risky to DIY, we'll say so.
Or skip the DIY entirely
Our Managed IT clients do not look these things up. One point of contact, a fixed monthly price, resolved within working hours.