Optimizely updated our DPA in Q3 2021 to address the invalidation of the EU-US Privacy Shield framework by the Court of Justice of the European Union (CJEU) (also known as the Schrems II ruling) – reflecting that our services should not include PII data.
Our updated DPA can be found here: DPA (Data processing agreement) - Optimizely
If PII data was to continue to be included, Optimizely customers have two options:
- Give consent to Optimizely that the PII data stored within their instances can be serviced globally by members of our support organization in alignment with their SLA
- Apply Geofencing – a free service – to their account that would set regional controls on the members of the Optimizely organization that can service their application
How can my organization access Geofencing?
Geofencing is a contracted service that needs to be added to your subscription. This service applies multiple affects to your contract:
- Assigns your service “region” as part of the support service related to
- Where your data is currently stored
- Where your primary customers are located
- Enacts controls put on your account that are managed by our Support and Engineering teams to:
- Assign relevant tickets to only members of our support teams located in the service “region” stated above, as selected by the customer
- Assure your application, specifically your instance where PII data will be stored, will only be serviced, and managed by members of our support teams in related support “region” to assure that the PII data stored inside does not leave your chosen “region”
- Updates your associated SLA to a new SLA that reflects an update to relevant aspects of your service detail. A copy of this new SLA can be found here
Business Hours represents the support hours available based upon your selected region for geofencing (i.e., NA, APAC, EMEA). Your support services will be available in these locations for Optimizely teams during the hours listed.
|NA||North America/Canada||8 AM to 5 PM, EST & PST|
|APAC||Asia Pacific||8 AM to 5 PM AEST/AEDT|
|EMEA||EU/EEA & UK||8 AM to 5 PM CET|
To comply with GDPR, Optimizely ensures that vendors and sub-contractors are GDPR ready and compliant. If you have questions, our sub-processors can be viewed here: Sub-processors - Optimizely