BBAA Atlas

Does Miro offer EU data residency?

RealtimeBoard, Inc. (dba Miro) · Visual Collaboration · official site ↗

EU residency on higher tiersEU-US DPF + SCCsDPA available
Where does Miro store EU data — and who can touch it?
Miro offers EU data residency only on higher plan tiers, and relies on the EU-US Data Privacy Framework plus SCCs for transfers.
Miro offers EU data residency that keeps customer content in EU data centres for Enterprise Plan customers; it is certified to the EU-US Data Privacy Framework with SCCs, and the DPA is self-serve.

EU data residency

Can you keep data in the EU?
Miro's EU data residency hosts customer content (compute, production, backup and metadata) in EU data centres. Miro frames it as an Enterprise Plan capability, so EU residency is gated to that tier rather than available on standard plans.
Transfer mechanism
Miro (RealtimeBoard, Inc.) is certified under the EU-US Data Privacy Framework, and its DPA applies the SCCs (Modules 2/3) where the DPF does not cover a transfer.

Sub-processors

Who else processes your data?
Miro publishes a current sub-processor list (~11 entities including AWS, Microsoft, Anthropic, Zendesk and Gainsight; AI models are accessed via AWS Bedrock). Per its DPA, Miro offers a 10-day opt-in change notice and a 30-day objection window. current sub-processor list ↗

Data Processing Agreement (DPA)

Does Miro sign a DPA?
Miro's DPA is incorporated into and forms part of the customer agreement (click-through); customer-proposed revisions are not accepted, so it applies uniformly without negotiation. DPA ↗
What the trust-badge pages don't tell you
Unlike many tools, Miro's EU residency covers production, backup and metadata in EU data centres — but it is an Enterprise-tier capability, so standard/business plans do not get EU hosting.
Last checked 2026-06-02confidence: high · GDPR terms, residency regions and sub-processors change — confirm current terms with RealtimeBoard, Inc. (dba Miro) and run your own transfer impact assessment. This is not legal advice.
$249/moto monitor up to 25 vendors' DPA & residency
$3,000/yr, incl. cited bulk export

Monitor your whole vendor list for DPA & residency changes

The free lookup answers one vendor at a time. Teams running EU vendor intake track dozens and need to know the moment a sub-processor, residency region or DPA term changes. Leave your work email and we'll set up monitoring + a cited export for your list.

We'll reply to set up your vendor list and confirm pricing. No card, no checkout here.

Get notified when this changes

Compliance isn't one-and-done. Leave your email and we'll alert you when any vendor's BAA or HIPAA status we cover changes.

One email per change. No newsletter, no selling your address.

Frequently asked questions

Does Miro offer EU data residency?
Only on higher tiers. Miro's EU data residency hosts customer content (compute, production, backup and metadata) in EU data centres. Miro frames it as an Enterprise Plan capability, so EU residency is gated to that tier rather than available on standard plans.
Where does Miro send my data, and does it rely on SCCs?
Miro (RealtimeBoard, Inc.) is certified under the EU-US Data Privacy Framework, and its DPA applies the SCCs (Modules 2/3) where the DPF does not cover a transfer.
Who are Miro's sub-processors?
Miro publishes a current sub-processor list (~11 entities including AWS, Microsoft, Anthropic, Zendesk and Gainsight; AI models are accessed via AWS Bedrock). Per its DPA, Miro offers a 10-day opt-in change notice and a 30-day objection window. See the current list at https://miro.com/legal/documents/Miro-Current-Subprocessors-List.pdf.
Does Miro sign a GDPR Data Processing Agreement (DPA)?
Yes — Miro's DPA is incorporated into and forms part of the customer agreement (click-through); customer-proposed revisions are not accepted, so it applies uniformly without negotiation.
Is Miro GDPR compliant?
Miro can be used in a GDPR-compliant way, but compliance depends on your configuration, not just the vendor: Miro offers EU data residency that keeps customer content in EU data centres for Enterprise Plan customers; it is certified to the EU-US Data Privacy Framework with SCCs, and the DPA is self-serve. You are the controller — confirm the current DPA, residency and sub-processor terms with RealtimeBoard, Inc. (dba Miro) and run a transfer impact assessment before processing EU personal data. This is not legal advice.

Sources

Miro — EU data residency
https://miro.com/blog/eu-data-residency/
Supports: Customer content (compute/production/backup/metadata) in EU data centres for Enterprise Plan customersdated: 2026-06-02
Miro — Customer Data Processing Addendum
https://miro.com/legal/customer-data-processing-addendum/
Supports: Self-serve click-through DPA; EU-US DPF + SCCs (Modules 2/3)dated: 2026-06-02
Miro — Current Sub-processors List
https://miro.com/legal/documents/Miro-Current-Subprocessors-List.pdf
Supports: Public sub-processor list; 10-day opt-in notice, 30-day objection windowdated: 2026-06-02
This page is cited public information, not legal or compliance advice. Whether Miro can lawfully process your EU personal data depends on your plan, configured region, contract and a transfer impact assessment you control. Always confirm current terms with RealtimeBoard, Inc. (dba Miro) before sending EU personal data.

Check another vendor

AirtableEU residency on higher tiersAmplitudeEU data residency availableAsanaEU residency on higher tiersAtlassian (Jira & Confluence)EU data residency availableBoxEU residency on higher tiersCalendlyNo EU data residency

Browse all 25 vendors →