

Ask HN: EU firms: Data Protection compliance if processing credit cards in USA? - wodow

Startups based in the EU:<p>If you are processing payments or storing/vaulting credit cards using US services, how are you complying with the Data Protection Directive [1]?<p>Is the service Safe-Habor-registered? [2]<p>[1] http://en.wikipedia.org/wiki/Directive_95/46/EC_on_the_protection_of_personal_data<p>[2] http://www.export.gov/safeharbor
======
wodow
I am asking in general, but am specifically interested in Spreedly.

They are storing credit card data (which counts as "processing" "personal
data") for many EU firms but don't appear to be Safe Harbor accredited.

