This provision states that due to the ongoing situation in the Middle East, customer organizations hosted in the UAE are routed to an EU location, trial and Scratch Org sign-ups from several Middle Eastern countries are routed to the EU, and Israeli commercial customer data is temporarily backed up to an EU location pending resolution of the crisis.
This analysis describes what Slack's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This provision establishes temporary cross-regional data routing affecting customers in the UAE, Israel, Lebanon, Bahrain, Oman, Jordan, Qatar, Kuwait, and Egypt, creating a situation where Customer Data is processed in the EU regardless of customer location or regional preference, which may interact with both EU GDPR requirements for inbound transfers and the data protection frameworks of the originating jurisdictions.
Interpretive note: The document references 'the ongoing situation in the Middle East' and 'until the crisis has resolved' without specifying conditions or timelines, creating uncertainty about the duration and resolution criteria for this routing provision.
The document states that Customer Data for organizations in affected Middle Eastern jurisdictions is currently routed to EU locations due to the ongoing regional situation. This routing applies to hosted orgs, new trial sign-ups, Scratch Orgs, and commercial org backups depending on the specific country, and is described as temporary for Israeli backup data pending crisis resolution.
Cross-platform context
See how other platforms handle Middle East Data Routing to European Union and similar clauses.
Compare across platforms →Monitoring
Slack has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"Due to the ongoing situation in the Middle East, orgs hosted in the UAE as well as new trial org sign ups and Scratch Orgs from Lebanon, Bahrain, Oman, Jordan, Qatar, Kuwait, Egypt, or the UAE will be routed to a location in the European Union. In addition, Customer Data of commercial Customer orgs in Israel will be temporarily backed up to a location in the EU until the crisis has resolved.— Excerpt from Slack's Slack Sub-Processors (Salesforce)
(1) REGULATORY LANDSCAPE: This provision engages both EU GDPR as the destination jurisdiction's data protection framework and the national data protection laws of UAE, Israel, and other affected countries as originating jurisdictions. Transfers into the EU generally benefit from the EU's adequacy framework, but the originating jurisdictions' laws may impose outbound transfer restrictions or data sovereignty requirements that interact with this routing. (2) GOVERNANCE EXPOSURE: Medium. Organizations in affected jurisdictions should assess whether the EU routing is consistent with their own applicable data protection obligations and any contractual data residency commitments. The temporary characterization of the Israeli backup routing creates uncertainty about the duration and resolution conditions. (3) JURISDICTION FLAGS: UAE organizations face permanent routing to the EU under the current terms; Israeli commercial organizations face temporary EU backup routing. Organizations in Lebanon, Bahrain, Oman, Jordan, Qatar, Kuwait, and Egypt face EU routing for new sign-ups and Scratch Orgs. Each of these jurisdictions maintains its own data protection framework, the applicability of which to this routing should be evaluated by affected organizations. (4) CONTRACT AND VENDOR IMPLICATIONS: Customers in affected jurisdictions should confirm whether this routing was disclosed and agreed to in their service contracts and whether it aligns with any data residency representations made at the time of contracting. The conditional nature of the Israeli backup resolution (tied to 'the crisis') creates an open-ended timeline that may affect data residency planning. (5) COMPLIANCE CONSIDERATIONS: Organizations in affected jurisdictions should evaluate whether EU routing of their Customer Data requires notification to applicable supervisory authorities, review their transfer impact assessments for transfers from their home jurisdiction to the EU, and monitor Salesforce's updates to this provision as the regional situation evolves.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 3 platforms + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This provision establishes temporary cross-regional data routing affecting customers in the UAE, Israel, Lebanon, Bahrain, Oman, Jordan, Qatar, Kuwait, and Egypt, creating a situation where Customer Data is processed in the EU regardless of customer location or regional preference, which may interact with both EU GDPR requirements for inbound transfers and the data protection frameworks of the originating jurisdictions.
The document states that Customer Data for organizations in affected Middle Eastern jurisdictions is currently routed to EU locations due to the ongoing regional situation. This routing applies to hosted orgs, new trial sign-ups, Scratch Orgs, and commercial org backups depending on the specific country, and is described as temporary for Israeli backup data pending crisis resolution.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Slack.