The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) aims to unify data storage rules across the EU. To keep it simple: GDPR-compliant means “keeping personal user data on EU territory”. The main reason behind this project is to simplify the legal field for international companies, which we and you, our readers, will certainly take advantage of. The regulation comes into effect on the 25th of May 2018, so it feels like we all need to be prepared.
In the short article below we’ll try to answer some of the most frequently asked questions from those looking to be GDPR-compliant.
Does this regulation apply to us? Do we even need to bother?
Oh, yes, it certainly does: if your company is registered in the EU, or your data is in the EU, or your data is sometimes processed on EU territory or by an EU company, or some of your users are EU citizens.
Does it matter which EU state my case is related to?
It definitely matters a lot, because each country is supposed to have a commission of its own: “Each member state will establish an independent Supervisory Authority (SA) to hear and investigate complaints, sanction administrative offences, etc. SAs in each member state will cooperate with other SAs, providing mutual assistance and organising joint operations.”
To be GDPR-compliant – what else do I need to do?
You need to be able to share some data with an officer from the commission above: “…including the retention time for personal data and contact information for data controller and data protection officer has to be provided.”
Is there a GDPR-compliant backup service I could trust?
UpSafe is a 100% GDPR-compliant enterprise that backs up your G Suite or Office 365 data (including emails, drives, calendars, contacts and even SharePoint). Upon request we can use EU-based storage and offer full transparency.
We work for your security.