Does Heroku comply with the EU Data Protection directive on personal data?


Salesforce (the parent company of Heroku) has a data processing addendum in place which provides several mechanisms for data transfer to the European Union (more information can be found here:

The most popular mechanism for Heroku is described below (EU-U.S. Privacy Shield framework):

Heroku's products are certified under the EU-U.S. Privacy Shield framework set forth by the U.S. Department of Commerce and the European Union. To view a description of how Heroku complies with the Privacy Shield Principles please visit: For more information on the EU-U.S. Privacy Shield, please visit the U.S. Department of Commerces Privacy Shield website here:

For other details about data residency on Heroku, please see here and also the Heroku Privacy Policy