Back to All FAQs
01.Can you describe your compliance with US regulations with respect to data privacy and storage?
We are a US-based company and are compliant with all US regulations. We are compliant with all data residency and data privacy laws in the USA. We are compliant with GDPR. We are compliant with CANSPAM and other regulations. Although from a US perspective, there is no comprehensive federal data protection law, there are sectoral laws relating to data residency/localization or government access to certain types of data. In addition, many of the obstacles that organizations faced with regard to the use of American citizens' data abroad and data transfers to the US were addressed by mechanisms including the EU-U.S. Privacy Shield. However, as a result of the Court of Justice of the European Union’s (“CJEU”) decision in Data Protection Commissioner v. Facebook Ireland Limited, Maximilian Schrems (C-311/18) (“the Schrems II Case”), the EU-U.S. Privacy Shield was invalidated, leaving a significant regulatory gap for data transfers to/from the US.
02.Where are your servers located?
Our infrastructure platform uses servers and cloud services from AWS, MS Azure, OCI, and others. The data for these services from these vendors are stored at these locations:
  • Virginia
  • Ohio
  • Phoenix
  • Ashburn
  • Tokyo
  • Mumbai
  • Frankfurt
03.What's your regulatory compliance with sanctioned countries and persons?
InfStones is a multinational organization operating in several countries. Although we are a US-based company, we localize operations to the degree that we are compliant with local laws and regulations in each jurisdiction as a policy for compliance. We do not operate out of or with firms, partners, vendors, suppliers, or contractors in any sanctioned countries:
  • North Korea
  • Cuba
  • Iran
  • Syria
  • Venezuela
  • Russia
  • Belarus
We do not work with any persons, worldwide, that are sanctioned by the US authorities.

Not seeing your question answered?