CookieFirst CMP migrated to EU sub-processors – Many of you probably have heard of the recent Wiesbaden decision that declared the use of consent managers like CookieBot/Usercentrics illegal due to the use of US providers where data is sent to. Specifically mentioning the use of Akamai CDN.
Although the Wiesbaden decision is only a preliminary court ruling and is currently still pending, we do feel that this recent development is raising questions regarding the use of US providers. So we have decided to not wait for the final judgment and take matters in our own hands. Before yesterday, we at CookieFirst also relied on a few US sub-processors for parts of our software and although we have appropriate SCCs in place, anonymize the data, and store the data in EU-based datacenters, we felt that this was not enough.
Thus, we are very excited to announce that the CookieFirst CMP has migrated to EU-based and EU-owned sub-processors!
EU data processing and data storage for GDPR compliance
Migration to full EU-established data centers
I’m very excited that we have migrated our infrastructure for the processing of end user data to a European provider, our partner OVH, in order to be even more compliant with the GDPR. Data storage and processing now takes place in France and Germany.
— Kees van den Bos, CEO