The underlying question is if we can also comply to GDPR.

@Jean Reinhold Absolutely, VAPI is committed to compliance with the General Data Protection Regulation (GDPR). We ensure that our services, including the Voice API, adhere to the GDPR requirements regarding data protection and privacy for individuals within the European Union. If you have any specific concerns or questions about how we handle GDPR compliance, please let us know, and we'll be happy to provide more detailed information.

@Vapi I understand that I can keep all the providers in Europe. Can I keep all the telephone communication and the vapi service inside Europe?

@Jean Reinhold Yes, you can keep all the telephone communication and the VAPI service within Europe. By choosing local service providers and ensuring that your telephony infrastructure is set up within European data centers, you can maintain all voice traffic within the European region. This approach helps in adhering to GDPR requirements and in ensuring data sovereignty. If you need assistance with setting up your services to ensure they remain within Europe, please feel free to ask for more guidance.

What about the list of subprocessors that stay in the US?

How do I ensure all my VAPI services including deepgram, cartesia, and OpenAI integrations process data in EU…?

Hey CJ, please create a new support ticket for your issue as this ticket has been closed. You won't be receiving any answers, and it won't be covered under the SLA either.