As a European enterprise customer, we have to follow European privacy laws. I hope you can answer some questions on this topic.
Does lastpass adher to the safe harbor agreement? Lastpass is not mentioned in the official safe harbor list, nor does it mention it on the website. Since you process userdata, (at least e-mailadresses) this is mandatory for european customers, right? Furthermore, I think we are obliged to have a processing agreement, or alternatively some other means which we can check, like certification. Are you certified (for example IS0-27001?), or do you have standard processing agreements for you european customers?