Cloud Computing Store provides cloud infrastructure services, managed services, and business continuity solutions to help businesses deploy and secure their applications, websites, databases, and more on the cloud, enabling them to be more agile. Often, these services entail that Cloud Computing Store servers receive and store “personal data” as defined in EU data protection laws.
Cloud Computing Store customers may use Cloud Computing Store’s services to store, transmit, encrypt, decrypt, modify, process, and otherwise manipulate and/or transmit this personal data as they see fit. Cloud Computing Store provides the infrastructure for businesses to build on, but Cloud Computing Store does not control how its infrastructure is used specifically, thus there are a wide range of applications and ways that personal data may be processed on top of the Cloud Computing Store platform.
Although Cloud Computing Store is a US based company, Cloud Computing Store takes EU Data Processing laws seriously. Cloud Computing Store complies with EU Data Processing laws, including:
- as of 18 May 2017 the Data Protection Directive
- as from 25 May 2018 replaced by the GDPR
In relation to EU privacy laws, Cloud Computing Store categorizes personal data into two categories:
- In most application cases, Cloud Computing Store merely stores, transmits or manages data for its customers at the direction of the customers. In these respects, Cloud Computing Store is simply a processor of customer data.
- Cloud Computing Store collects and stores detailed contact information, payment information, communication records, and other information for the purposes of billing, providing services, verifying the identity of customers over the telephone, marketing, and more. In these respects, Cloud Computing Store is a controller of its own customer data. For customer data that Cloud Computing Store stores for the purposes of account management, Cloud Computing Store will comply with its Privacy Policy, as posted online.
- Access: Customer manages who has access to systems; Cloud Computing Store provides tools and general network and physical level security
- Storage: Customer decides what to store and where; Cloud Computing Store provides environment where the data is stored
- Transmission: Customer makes content available on the internet; Cloud Computing Store provides network connectivity for this content to be accessed remotely by users
- Security: Cloud Computing Store implements standard up-to-date security measures to secure the environment and connections; Cloud Computing Store can deliver additional and/or alternative measures upon customer’s request Customer decides what security measures are implemented within the environment and what passwords are used to protect it; Cloud Computing Store can provide assistance in this regard
- Disclosure: Cloud Computing Store will not disclose unless required by law or a binding judicial order
- Compliance with other elements of data protection laws, such as data subject rights, data breaches, data protection impact assessment, prior consultation: Cloud Computing Store can provide assistance upon customer’s request
The GDPR applies to Cloud Computing Store’s processing activities for its customers if:
- The customer uses Cloud Computing Store’s services in the context of its activities of its establishments in the EU;
- The customer uses Cloud Computing Store’s services of Cloud Computing Store’s establishment in the EU (in Amsterdam, the Netherlands); or
- The customer uses Cloud Computing Store’s services for:
- Offering goods or services to data subjects in the EU; or
- Monitoring the behavior of data subjects in the EU
In this respect, we request our customers to inform us when they intend to use our services in the context of any EU establishment or if they otherwise feel that the GDPR is applicable to the processing of their data (cat. 1).
Note that for the personal data we process for our own purposes (cat. 2) and for which we would be the controller, the GDPR only applies to the extent that:
- The processing occurs in the context of the activities of the Cloud Computing Store establishment in the EU (Amsterdam, the Netherlands);
- The processing relates to:
- Offering goods or services directly to data subjects in the EU; or
- The monitoring of the behavior of data subjects in the EU.
To ensure GDPR compliance Cloud Computing Store undertakes the following:
- Cloud Computing Store is EU-US Privacy Shield certified
- Cloud Computing Store enters into data processing agreements with its customers if the GDPR applies to the processing of their data
- Cloud Computing Store enters into sub-processing agreements with its providers if necessary
- Cloud Computing Store implements up-to-date security measures, performs regular audits, and is willing to implement additional measures upon customer’s request.
- In areas applicable to GDPR, Cloud Computing Store offers its customers assistance in relation to security, data subject rights, data breaches, data protection impact assessment, prior consultation and other elements of the GDPR.
This website uses cookies to improve our user experience. More info.
