Table of contents
- Overview
- Where is GotPhoto data stored?
- How does GotPhoto comply with privacy regulations?
- What security measures protect customer data?
- Where can I find GotPhoto’s data processing agreement (DPA)?
- Where can I access additional GotPhoto privacy documentation?
- FAQs
- The takeaway
Overview
Use this article when a school, league, or organization asks you for official information about GotPhoto’s data protection, data storage, or legal compliance. You can copy and share the links below directly with your contacts. This information explains where GotPhoto stores data, which regulations apply, and how customer data is protected.
Where is GotPhoto data stored?
Understand where GotPhoto hosts data and under which jurisdiction it falls.
- Server location: GotPhoto securely stores all data on Amazon Web Services (AWS) servers located within the European Union (EU).
- Jurisdiction: Because the servers are located in the EU, all stored data is subject to EU jurisdiction.
This ensures consistent handling of data under EU legal and regulatory standards.
How does GotPhoto comply with privacy regulations?
Review the legal frameworks that govern GotPhoto’s data processing practices.
- GDPR compliance: GotPhoto fully complies with the EU’s General Data Protection Regulation (GDPR), one of the world’s strictest data protection laws.
- Market-specific policies: Compliance details differ by region and are documented in dedicated GotPhoto privacy policies.
Access official GotPhoto privacy policies here:
These documents are also available:
- In the footer of your GotPhoto admin area
- On the GotPhoto Trust Center
What security measures protect customer data?
Learn how GotPhoto safeguards sensitive information.
- SOC 2 compliance: GotPhoto is SOC 2 compliant, demonstrating adherence to rigorous security and operational controls.
- Technical and organizational measures (TOMs): GotPhoto applies comprehensive Technical and Organizational Measures (TOMs) to protect confidentiality, integrity, and availability of data.
Review detailed documentation here:
- GotPhoto Privacy & Data Handling page (US & Canada overview)
- GotPhoto Technical and Organizational Measures (TOMs) USA
Where can I find GotPhoto’s data processing agreement (DPA)?
Access the applicable GotPhoto Data Processing Agreement (DPA) for your region and share it with schools or organizations if requested.
- GotPhoto Data Processing Agreement (US)
- GotPhoto Data Processing Agreement (Canada)
- GotPhoto Data Processing Agreement (UK)
Where can I access additional GotPhoto privacy documentation?
Use these official GotPhoto resources for complete transparency and compliance reference:
- GotPhoto Trust Center
- Privacy Policy (UK version); Privacy Policy (US & Canada version)
- GotPhoto Privacy & Data Handling overview
These pages provide detailed explanations of compliance standards, infrastructure, and data protection practices.
FAQs
Can I share this information directly with schools?
Yes. You can copy the links in this article and send them directly to schools, leagues, or organizations that request official compliance documentation.
Is GotPhoto GDPR compliant?
Yes. GotPhoto fully complies with the EU General Data Protection Regulation (GDPR). All data is handled in accordance with EU data protection standards.
Where are GotPhoto servers located?
All data is securely stored on Amazon Web Services (AWS) servers located within the European Union.
Is GotPhoto SOC 2 compliant?
Yes. GotPhoto is SOC 2 compliant and applies strict technical and organizational security controls.
Where can I download GotPhoto’s Data Processing Agreement (DPA)?
You can download the region-specific GotPhoto DPA here:
The takeaway
If a school or organization requests data protection documentation, share the relevant GotPhoto links from this article. Additionally, ensure you publish your own Privacy Notice in your shop. Confirm it accurately reflects your services and data collection practices. Always follow applicable local data privacy regulations and consult legal counsel if you are unsure about your obligations.