Deploy app with end user in Europe - GDPR / EU-US Privacy shield

Hi guys,

I’m Geoffrey from France and I’m currently working on an app project. After business plan, market analysis etc… I discovered Adalo few weeks ago. I was (and still am) really hyped by the product, it was the perfect tool for my project, simple, intuitive with beautiful visual.
I really enjoyed the time I spent to build the app !
However Few days ago, while I was looking about legal formalities I discovered that Adalo did’nt meet all the GDPR requirement. Also, I found out that Adalo did’nt have servers based in Europe and didn’t commit to EU-US Privacy Shield.
So I’m now skeptical about the use of Adalo here in Europe.
Does anyone here already deployed an app in Europe yet ?

Ashley from support told me that some users have placed a toggle box at the signup stating that the app is obtaining their information and they are providing consent to this. This can be a solution but do you think it’s enought ?

I’m pretty lost now, that’s why I create this topic, if anyone is in my situation… I’ll continue the research on my side.
Thank you for your helps guys (and sorry for the bad english !)

1 Like

French too and didn’t thought about GDPR compliance yet.
Curious to know the answer

In the UK and extremely interested to know if this is an issue…

We are not fully GDPR compliant yet. It is on our radar and there are some steps already in motion, such as getting EU servers. Unfortunately, I cannot give you a definitive date when all of this will be ready.

1 Like

@geoffrey.tissot2 Hey man, welcome to the community. You are correct, committing to the GDPR would make a lot of things much easier, but it is not like we are entirely lost here.

What you require is a properly done EULA / General Terms. As soon as you are running a business working with user data, you will have to state the contact details of your Data Privacy Officer anyway. These are (at least here in Germany) postions you are required to fill (for example the play store also requires the contact details of that position).

Here is what I did / am doing: I had a long and detailed chat with our Data Privacy Officer stating all the connected services we’ll be using. That includes all the Zapiers, Sendgrids, Airtable and other services. You will have to create a workflow description of what data is going where. As a next step our lawyer and the DPO will create the users agreement, and then we’re perfectly legal.

Please not that you would have to do these step anyway, even if Adalo as a service was GDPR compliant. There is no way around these agreements, imprints and DPOs.


Hi Axiom, thank you for sharing your experience and for clearing that up !

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.