As I understand it it is actually not a issue as they have strong enough privacy laws that EU have said good for it. Though when doing business with EU citizens they of course still have to follow the rest of gdpr.

https://ec.europa.eu/info/law/law-topic/data-protection/inte...

It depends on the kind of data stored. Things critical to your national security or citizen data usually needs to be stored within EUs borders.

Unless I'm mistaken, you should be able to host the data inside the EEA (https://en.wikipedia.org/wiki/European_Economic_Area).

While Switzerland is not a member, they do have special agreements for trade reasons so it might be okay to store data there.