EU Data Protection

mLab recognizes that a large number of business customers operate in Europe and that many of these customers need to comply with European data protection laws.

We are and have always been committed to customer trust and to customer success. In this document we hope to keep you updated on where we are in terms of evolving to meet current and forthcoming European data protection standards and law.

Please email us with any follow-up questions or concerns.

EU Data Protection Directive

In 1995, the EU Data Protection Directive (also known as Directive 95/46/EC) was introduced, covering the processing of personal data and on the free movement of such data. Broadly, this Directive sets out a number of data protection requirements which apply when personal data is being processed.

For many years now, to address the requirements of this Directive mLab has offered customers “model clauses” language in the form of Data Processing Addendums (DPAs) that make specific guarantees around transfers of personal data for in-scope mLab services.

Directive 95/46/EC will be superceded by GDPR starting May 25, 2018.


In 2016, the European Commission approved and adopted the new General Data Protection Regulation (GDPR). The GDPR introduces huge changes in European data protection laws. As noted previously, it will supercede the EU Data Protection Directive and will be enforceable starting on May 25, 2018.

mLab plans to be compliant with GDPR by May 25, 2018. There will be an update to our Privacy Policy as part of this effort.

Privacy Shield

From the Privacy Shield Framework’s official site:

“The EU-U.S. and Swiss-U.S. Privacy Shield Frameworks were designed by the U.S. Department of Commerce, and the European Commission and Swiss Administration, respectively, to provide companies on both sides of the Atlantic with a mechanism to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States in support of transatlantic commerce. On July 12, 2016, the European Commission deemed the EU-U.S. Privacy Shield Framework adequate to enable data transfers under EU law.”

For more information visit the Privacy Shield Program Overview.

mLab is in the process of certifying its compliance with these Privacy Shield frameworks and expects certification by Summer 2018.

Frequently Asked Questions (FAQ)

Q. Can we execute a Data Processing Addendum (DPA) with mLab?

Yes. Please email if you would like us to send you our DPA.