According to Joplin | European Alternatives , JoplinCloud.com uses hosting services from providers that are legally based outside the EU. Are there any plans to move JoplinCloud.com to hosting services that are subject only to European law in the future?
Joplin Cloud servers are physically located in Paris, France. This means user data is stored in the EU and subject to EU data protection regulations (including GDPR).
At the moment it is not realistically possible to move out of this setup.
Thank you for your reply, Laurent. I understand what you're saying – and also what you're not saying.
Hmm, ok not sure what I'm not saying though. I didn't go into the details maybe but generally we're quite transparent about this.
In an ideal world we'd use the European Azure, AWS or Google Cloud alternative but unfortunately it does not exist. So any EU-only alternative would be very costly in terms of engineering work to migrate and maintain the solution, which would be based on cobbling together various unrelated services as best as we can. That's why I say it's not realistic to change this at this point
Well, what you're not saying is that providers subject to US law cannot guarantee that European citizens' data will be protected from being passed on to the US government (see Golem and FR Sénat).
I can't say whether a provider such as Hetzner, which is certainly smaller than Azure, AWS or Google Cloud, could currently be a sufficiently high-quality alternative for you. I suspect there must be other providers like this in France or Finland or elsewhere in the EU. I also realise that migration would be costly in any case.
I just think it would fit in well with your initiatives such as HDM Secure if you could also offer a suitable Joplincloud service under exclusively European law.
Fair enough, I was answering to your question asking about European law and in this case GDPR does apply. We take our own steps to ensure that data is not being kept longer than legally required as well. It's also recommended to enable E2EE, in which case the data is protected even if it's passed on to a government.
1 Like