European Data Handling Requirements

This question asks whether you'll handle any data from or about people in European Economic Area countries (EU plus Norway, Iceland, and Liechtenstein). Your customer needs to know because touching European data in any way - collecting, processing, or storing it - triggers GDPR requirements, which are some of the world's strictest privacy laws.

Your answer determines whether you need full GDPR compliance, which can cost hundreds of thousands in implementation. Saying 'yes' means demonstrating comprehensive privacy controls, while saying 'no' might exclude you from global enterprises who need vendors capable of handling international data. This single question often determines whether you're seen as a regional player or a global-ready platform.

Companies frequently underestimate what counts as 'processing' EEA data - even having European email subscribers or website visitors can trigger GDPR. Another pitfall is thinking you're exempt because you're US-based; GDPR applies to any company processing European data regardless of location.