BBAA Atlas

Does Amplitude offer EU data residency?

Amplitude, Inc. · Product Analytics · official site ↗

EU data residency availableEU-US DPF + SCCsDPA available
Where does Amplitude store EU data — and who can touch it?
Amplitude offers EU data residency, and relies on the EU-US Data Privacy Framework plus SCCs for transfers.
Amplitude runs an EU data centre on AWS in Frankfurt so customer data can be kept in Europe; it is certified to the EU-US Data Privacy Framework with SCCs incorporated into its DPA, which is self-serve.

EU data residency

Can you keep data in the EU?
Amplitude operates data centres hosted by AWS in both the US and the EU, with the EU facility in Frankfurt, Germany. EU residency is provisioned for the instance/organisation; confirm the exact set-up path for your account with Amplitude, as the residency region is fixed for an instance.
Transfer mechanism
Amplitude self-certifies under the EU-US Data Privacy Framework and the UK Extension, and incorporates the 2021 Standard Contractual Clauses into its DPA, with a stated order of precedence relative to the DPF.

Sub-processors

Who else processes your data?
Amplitude publishes a dated sub-processor list (~18 entities including AWS (US and EU/Germany), Google, OpenAI, Snowflake, MongoDB and Microsoft Azure, plus Amplitude's regional affiliates). Per its DPA, Amplitude updates the list at least 10 business days before granting a new sub-processor access; subscribe via subprocessor.notifications@amplitude.com. current sub-processor list ↗

Data Processing Agreement (DPA)

Does Amplitude sign a DPA?
Amplitude's DPA is incorporated into and forms part of the Amplitude Terms of Service with no separate signature and no plan-tier gating in the terms. DPA ↗
What the trust-badge pages don't tell you
Amplitude's EU (Frankfurt) data centre is confirmed, but the region is fixed per instance — decide EU vs US when the instance is set up, and confirm the provisioning path with Amplitude rather than assuming a self-serve toggle.
Last checked 2026-06-02confidence: medium · GDPR terms, residency regions and sub-processors change — confirm current terms with Amplitude, Inc. and run your own transfer impact assessment. This is not legal advice.
$249/moto monitor up to 25 vendors' DPA & residency
$3,000/yr, incl. cited bulk export

Monitor your whole vendor list for DPA & residency changes

The free lookup answers one vendor at a time. Teams running EU vendor intake track dozens and need to know the moment a sub-processor, residency region or DPA term changes. Leave your work email and we'll set up monitoring + a cited export for your list.

We'll reply to set up your vendor list and confirm pricing. No card, no checkout here.

Get notified when this changes

Compliance isn't one-and-done. Leave your email and we'll alert you when any vendor's BAA or HIPAA status we cover changes.

One email per change. No newsletter, no selling your address.

Frequently asked questions

Does Amplitude offer EU data residency?
Yes. Amplitude operates data centres hosted by AWS in both the US and the EU, with the EU facility in Frankfurt, Germany. EU residency is provisioned for the instance/organisation; confirm the exact set-up path for your account with Amplitude, as the residency region is fixed for an instance.
Where does Amplitude send my data, and does it rely on SCCs?
Amplitude self-certifies under the EU-US Data Privacy Framework and the UK Extension, and incorporates the 2021 Standard Contractual Clauses into its DPA, with a stated order of precedence relative to the DPF.
Who are Amplitude's sub-processors?
Amplitude publishes a dated sub-processor list (~18 entities including AWS (US and EU/Germany), Google, OpenAI, Snowflake, MongoDB and Microsoft Azure, plus Amplitude's regional affiliates). Per its DPA, Amplitude updates the list at least 10 business days before granting a new sub-processor access; subscribe via subprocessor.notifications@amplitude.com. See the current list at https://www.amplitude.com/subprocessor-list.
Does Amplitude sign a GDPR Data Processing Agreement (DPA)?
Yes — Amplitude's DPA is incorporated into and forms part of the Amplitude Terms of Service with no separate signature and no plan-tier gating in the terms.
Is Amplitude GDPR compliant?
Amplitude can be used in a GDPR-compliant way, but compliance depends on your configuration, not just the vendor: Amplitude runs an EU data centre on AWS in Frankfurt so customer data can be kept in Europe; it is certified to the EU-US Data Privacy Framework with SCCs incorporated into its DPA, which is self-serve. You are the controller — confirm the current DPA, residency and sub-processor terms with Amplitude, Inc. and run a transfer impact assessment before processing EU personal data. This is not legal advice.

Sources

Amplitude — Security and Privacy
https://amplitude.com/security-and-privacy
Supports: AWS data centres in US and EU; EU facility in Frankfurt, Germanydated: 2026-06-02
Amplitude — Data Processing Addendum
https://amplitude.com/terms/dpa
Supports: Self-serve DPA; EU-US DPF + 2021 SCCs; 10 business days' sub-processor noticedated: 2026-06-02
Amplitude — Sub-processor List
https://www.amplitude.com/subprocessor-list
Supports: Dated public sub-processor list including AWS EU (Germany)dated: 2026-06-02
This page is cited public information, not legal or compliance advice. Whether Amplitude can lawfully process your EU personal data depends on your plan, configured region, contract and a transfer impact assessment you control. Always confirm current terms with Amplitude, Inc. before sending EU personal data.

Check another vendor

AirtableEU residency on higher tiersAsanaEU residency on higher tiersAtlassian (Jira & Confluence)EU data residency availableBoxEU residency on higher tiersCalendlyNo EU data residencyDatadogEU data residency available

Browse all 25 vendors →