On 25:th of May 2018, the new data protection regulation from the EU, DGPR (General Data Protection Regulation) gets active. This is a new EU regulation aimed at strengthening the protection of individuals in the processing of personal data. When it becomes active, it replaces the 1995 Data Protection Directive, as well as all current member states current national regulations.
Here you can find information about GDPR and what it means:
Servage acts as a personal data controller (controller) for you as a customer to us, and for your information you provide when registering in our services. This means that we undertake the responsibility of GDPR for personal data administrators regarding processing of your personal data. On the “Data Protection Policy” page you will find all the information that concerns you as registered with us. Our customers may, in turn, be personally responsible for information they collect and store in our services, and our role will then be as a Personal Data Adviser to our customers.
Servage’s role as “processor”
For those who store personal information in our services, we act as a personal information assistant (processor). This is something that is important primarily for you as a customer to keep track of and as personal data controller you need to make sure you have a data processing agreement . We have, together with our legal partnerss, put together a data protection agreement (DPA) that applies to all our customers. This, together with Appendix 1 (“Personal Data Handling”), our Terms and Conditions, and our Data Protection Policy, are the information that you should look at when considering us as a processor.
Unfortunately, we do not have the possibility to make adjustments to the agreement we offer, nor sign it physically for our customers in our web hosting- or cloud services – but are offering the digital standard agreement found in the documents section below.
What to consider when processing personal data in Servage’s services
First of all, it’s important to fully understand what actually classifies as personal data. If you know that you treat personal data in one way or another, there is much to think about.
Some tips we can provide regarding personal data processing related to our services are:
Do not process personal information you do not need (regardless of consent) and, if possible, refrain entirely from processing extra sensitive data.
Make sure that the information you process and collect is done on a legal basis.
Make sure you monitor your responsibilities as personal data controller.
Use encrypted protocols for eg. your web, mail and file transfers.
Keep your applications where data is processed secure, constantly updated and limit the access to data as much as possible.
Important documents and information for our customers
We have gathered these important documents and pages of information that apply to you as a customer to Servage from 2018-05-25:
We work together with our law firm continuously to have good and clear terms and conditions, and have also built up good practices and systems for data protection and GDPR with the help of a supplier that works with this.