GDPR Information

 

What is GDPR and how will it affect you?

The new European Union General Data Protection Regulations (GDPR) will commence as of 25th May 2018, and will impact all organizations that hold or process personal data.

GDPR will:

  • highlight new areas of responsibility
  • demonstrate organizations need for compliance
  • ensure enforcement of this compliance
  • increase all penalties against organizations than the current Data Protection Act, which it will supersede.

What is 100TB doing to comply with GDPR laws?

100TB is committed to the highest standards of information security, privacy and transparency. 100TB ensures that a high priority is placed on protecting and managing all data and will comply with all applicable regulations and ensure that as a data processor all contractual obligations for our products and services are met.

At 100TB we have been working hard to make sure we are compliant. We want to share with our customers some of the key points and commitments we are making.

100TB has four main areas of focus to prepare for GDPR which is being overseen by a dedicated internal team.

  1. Develop compliance plans and strengthen current platform.
  2. Introduce programmes to support compliance.
  3. Streamline of organizational processes.
  4. Provide services and solutions for customers in a compliant GDPR manner.

At 100TB compliance is a responsibility shared across multiple areas within the business who are also adapting processes in preparation for GDPR.

What are 100TB’s Commitments?

The definition of a data processor under GDPR is a person or organization who deals with personal data as instructed by a controller for specific purposes and services offered to the controller that involve personal development processing.

As a data processor (your data which is on our services) we commit to:

  • Processing data solely for the purposes of providing our services: 100TB will never use this data for anything other than the essential operation of the service i.e. not for marketing or data mining.
  • Informing you should we ever use a subcontractor to process your personal data.
  • Reporting any data breach to you without undue delay (caused by our actions as a processor).
  • Helping you to meet your regulatory obligations by providing reasonable documentation about our services.
  • Securely storing your data and applying strict security standards and processes.

The definition of a data controller under GDPR is simply the organization (a legal person, agency, public authority etc) or the natural person which, alone or depending on the organization and personal data processing activity, in collaboration with others defines what needs to happen with the person’s data and plays an important role with regards to personal data protection.

As a data controller (the data we hold about you to provide you with the service you need) we commit to:

  • Only requesting and storing the personal data that is necessary for us to provide the service to you.
  • Not transferring this data to third parties, other than to companies associated with 100TB and if any data is transferred outside the EU only in accordance with strict corporate data rules that are in compliance with GDPR.
  • Only using that data for the purpose it was collected for; e.g. we do not sell your data on to other companies.
  • Securing this data with technical and procedural standards to ensure a high level of security.
  • Retaining this data for only as long as necessary.

GDPR FAQs

Where is my data held and is it ever transferred outside the EU?

As a data controller (the data we hold on you as a customer) your data is held in the location you signed up in (e.g. for 100TB.com it is held in the US). If this sign-up was in the EU then all data is held and stored within the EU only.

As a data processor (the data you hold on our servers);

If your data is held on a 100TB, dedicated server or managed solution it is held in the location you requested upon deployment of your service. If this is outside the EU then the data will also be held outside of it. If the location the information is deployed to is inside the EU then the data is only stored where you requested - in the unlikely event of having to transfer this data outside of the EU adequate notice would be given to you and would only be in response to a very exceptional circumstance.

If your data is held as part of a shared hosting service it will be held in the geographical location of the brand you are signing up for (e.g. US for 100TB.com).

If this is an ancillary service in some cases data may be held outside the EU but only in accordance with strict contractual obligations to satisfy GDPR regulation.

How does 100TB secure my data?

We use a number of techniques and processes to ensure that data is secured, including but not limited to:

  • Vulnerability scanning
  • Two-factor authentication
  • Role-based access controls
  • Firewalls and ACLs
  • Static analysis
  • Network monitoring and intrusion detection
  • Patch management processes

Browse our servers

Shop Now

Learn about the power of 100TB's platform

Download White Paper

Chat with our experts

Live Chat

NEED HELP?

Hello, Thanks for visiting.

Have a question about 100TB.com?

Chat with an expert

OR


Contact Us Anytime:
18883950752