I am concerned that doxy.me may no longer comply with GDPR due to the Schrems II July 2020 ruling determining that The Privacy Shield will no longer be sufficient for servers located in the US.
When inquiring with doxy.me staff on how this is going to be navigated, we were advised that the Privacy Shield is in place and no client information is saved on doxy.me servers (which are managed by Amazon based in the US).
- The privacy shield is no longer valid
- As calls are peer to peer IP address must be saved somewhere. If they are not, we need to know how client information is handled-deleted-encrypted
I am writing here because doxy.me US staff does not seem to be aware of the European legislation and our clinic staff has been going back and forth with doxy.me staff since July.
In order for our clinic to maintain a working contract with doxy.me the Schrems II ruling needs to be attended to with transparency. Please advise
EDIT: Also, doxy.me has been determined as non-GDPR compliant by European institutions.