Is Bubble GDPR compliant?
Yes. Bubble takes the protection of your personal information seriously and has implemented measures designed to meet the standards of applicable data privacy laws, including the General Data Protection Regulation (GDPR) in the EU and the UK. You can review our GDPR-compliant data processing agreement (DPA), or read this blog post to learn more about how you can use Bubble's capabilities to meet your GDPR obligations.
Can I build a GDPR-compliant app on Bubble?
Yes — you can take advantage of Bubble's capabilities to meet your GDPR obligations. We recommend reading our GDPR guide for a full walkthrough.
Can my app be GDPR compliant if it's on Bubble's main cluster?
Bubble's GDPR measures apply to all apps on any plan, including those on the main cluster. It's ultimately up to each customer to decide whether they want or need to go further — for example, by storing data in the EU. We recommend consulting a qualified legal professional for advice on the specific regulatory compliance obligations relevant to your circumstances.
Privacy Shield was struck down — is Bubble still GDPR compliant?
Yes. When the Privacy Shield was invalidated, Bubble implemented Standard Contractual Clauses (SCCs) in our DPA. We continue to meet the standards of applicable data privacy laws, including the GDPR in the EU and the UK.