General Data Protection Regulation (GDPR)

 

On the 25th of May 2018 the European data protection legislation that replaces the existing 1995 EU Data Protection Directive will come into force. This legislation is known as General Data Protection Regulation (GDPR).

GDPR strengthens the rights that individuals have regarding personal data relating to them and seeks to unify data protection laws across Europe, regardless of where that data is processed.

For GDPR regulation, UnitedHosting Ltd will act as a data processor for any data that has been provided, uploaded or transferred to our servers. Any client uploading this data will be classed as the data controller.

 

Data Physical Locations

Data provided to UnitedHosting is stored solely in the UK.

Type of Data

GDPR legislation applies to any data that can identify a living person including but not limited to email address, postal address and phone number.

 

Data Processing Agreements

Our data processing commitments are set within the Privacy Policy. These have been updated from feedback with clients and guidance from regulators. More recently it has been updated to include GDPR legislation.

Deleting Data

Any data you delete from our servers will be deleted immediately.  Should your product include a backup solution, then this data will be removed within 30 days.

On cancellation of services, data will be destroyed within a maximum period of 180 days. Any customer data may be retained for up to 6 years to satisfy legal obligations.

Data Breach

Under GDPR it is the responsibility of the data controller (the UnitedHosting client) to report a data breach to the Information Commission although UnitedHosting, as the data processor, will assist in the breach notification.

Glossary Data Subject

A living person or individual.

Data Controller

The organisation that collects and determines how the information will be processed, i.e. a UnitedHosting client.

Data Processor

An organisation that receives information from the data controller, i.e. UnitedHosting Ltd.

Personally Identifiable Information (PII)

Information that can identify a living individual.

Supervisory Authority

The authority responsible for enforcing the regulation within a specific territory. In the UK it will be the Information Commission’s Office (ICO).

Individual Rights

The rights that empower the individual. Data Breach Intentional or accidental loss/damage to information.


  Print


Comments


Please login to comment