Using Sitecore to localize Data
What is data localization?
The practise of keeping data inside the country from wherever it originated is known as data localization. For example, if a company obtains data in the United Kingdom, it will keep it there rather than sending it to another country for processing.
Every online communication, on the other hand, necessitates the movement of data, which frequently occurs across international borders. Most of us are at least distantly aware that data handling has both personal and organisational ramifications, thanks to recent legislation such as Europe's GDPR and California's CCPA.
Where is customer data hosted?
Sitecore aims to empower our customers to choose the best strategy to managing their customers' data based on their own business model.
When a customer deploys Sitecore, they choose the data centre where their customer data will be stored, and we record this in our Order Forms. Sitecore maintains the data in that place until the customer requests that it be moved to another data centre of their choosing.
What are the procedures for managing cross-border data transfers?
Let's take a closer look at how Sitecore handles data transfers.
EU to US
When we transfer data from the EU to the US, we do so in compliance with the Standard Contractual Clauses (SCCs), which are still in effect (for the time being), as well as other safeguards. These safeguards1 ensure proper security and reduce the possibility of our data being accessed by US authorities.
Sitecore is keeping a close eye on the draught adequacy decision to ensure that personal data from the EU can continue to flow freely into the UK. Meanwhile, under the adequacy bridge agreed upon in the 2020 trade and cooperation agreement, the UK can continue to receive data from the EU.
Customers in the United Kingdom can pick between a UK data centre and an EU data centre while still relying on the SCCs. It also means that data collected in the UK by non-UK worldwide consumers can be stored in an EU data centre. (It's worth noting that rates will vary depending on whatever data centre your company selects.)
Customers in other regions and businesses may have different requirements for data management in accordance with their country's compliance processes. Sitecore does not provide products or support in few countries due to their local data rules.
Sitecore follows set of standards for responding to third-party requests for access to data stored in the cloud, whether as part of civil litigation or criminal proceedings, etc. Sitecore believes that these satisfy the requirements of “additional safeguards,” which may be required to ensure the validity of the Standard Contractual Clauses (SCCs). These protocols include:
- Creating a system for responding to Government requests that is easy to understand
- Limiting the Government requests
- Trying to assure that requests from the Government are legal
- Inform consumers of Government requests that impact their data or environments, to the extent authorized by law
- Reject or challenge Government requests if they are invalid
Raybiztech is a leading global Information Technology (IT) Services and Solutions, a CMMI Level 3, ISO 27001:2013 and ISO 9001:2008 Certified Company. We are a Member of NASSCOM, HYSEA, NJTC, and AIIA. Raybiztech offers comprehensive end-to-end IT Services for Business Application Development, Enterprise Solutions, Enterprise Collaboration Services, Testing and Quality Assurance Services, Cloud Computing and IT Infrastructure Management to organizations in the Banking & Finance, Insurance, Healthcare, Manufacturing, Retail, Media & Entertainment, Leisure & Travel, Telecom and Energy & Utilities verticals as well as Independent Software Vendors.