GDPR and your rights

The internet has an enormous effect on the way we communicate and how we handle everyday business. It plays a major role in our lives. We use the internet for all sorts of online communication and payments without really thinking about how our personal data is processed. What is your data really used for? In order to give customers more control over their personal data, a new European privacy regulation called The General Data Protection Regulation (GDPR) will come into effect on 25 May 2018. Below we have explained what the right of our customers are and what measures we have taken to be GDPR compliant.

What is GDPR?

The GDPR is the new European privacy law. The main intent of GDPR is to give, individuals, customers, contractors, and employees more power and control over their personal data. It imposes stricter rules on companies who collect personal data to ensure that the privacy of individuals remains protected.

What rights does GDPR give to customers?

The right to access – Customers have the right to request access to their personal data and to ask how their data is used by the company after it has been gathered. The company must provide a copy of the personal data in the requested format.

The right to be forgotten – If you are no longer a customer, or if the Processing agreement has been terminated the customer has the right to have his data deleted.

The right to data portability – Customers have the right to receive the personal data that they have requested and they also have the right to transfer it to another controller for processing.

The right to have information corrected – This ensures that customers can have their data updated if it is out of date or incomplete or incorrect.

The right to receive a Breach notification –  Customer should be notified within 72 hours of a data breach.

What can you do to ensure GDPR compliance?

Understand the law and map your company’s data – It is important to know what your obligations under GDPR are. Map where all of the personal data in your business comes from and document which data is processed by your company and for what purpose. Composing a privacy register will help you in order to determine whether you have valid reasons to gather certain information.

Ask where your data is stored – We store your data in the Netherlands, but it is also important for you to know whether your other suppliers store your data in the EU as well. So keep yourself informed.

Be sure that your data storage is stored safely –  Have you chosen a  data partner that ensures the security of your data? Be sure that the data storage of your partner is secure. Read the processing agreements of your partners to find out what personal data they process and whether this is done securely.

How does SolidVPS.nle nsure GDPR compliance?

As processors of data, we are responsible for handling all data with care. In the past months, we have worked on a new Privacy Statement and Data Processor Agreement where we have clearly explained how the data of our customers are stored and processed. Furthermore, we have composed a data emergency plan to ensure the safety of our infrastructure, data, company information and customer information.

Are there limitations to where data can be stored?

According to the GDPR, personal details may in principle only be stored in the EU and several other countries that are marked as safe by the EU. Transfers to countries outside of the European Union are not permitted unless the customer gives permission to do otherwise. We assure all our customers that their data is stored in The Netherlands and possibly in Europe.