The GDPR is the new European privacy law that replaces the EU Data Protection Directive. The law requires that business protect the privacy and personal data of EU citizens and transactions that occur within EU member states.
Personal data is any information relating to an identified or identifiable natural person (‘data subject’) – an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
It is helpful to know where your customers are geographically located: The GDPR applies to EU citizens and transactions that occur within EU member states. Therefore, to ensure that you are compliant with these regulations, you must be able to determine where your customers are located.
Prepare for demonstration of compliance. GDPR requires that processors make available all information necessary to the controller to demonstrate compliance. Dropsuite shall upon request of the Partner provide to the Partner information necessary to demonstrate compliance with the obligations laid down in Article 28 of the GDPR and allow for, and contribute to, audits, including inspections, conducted by the Controller or another auditor mandated by the Controller.
Dropsuite use Amazon Web Services and Google Cloud Platform to host the cloud infrastructure of our solution. Dropsuite has three datacentres in the EU. The region of datacentres in the EU are:
Data from EU users are stored in the datacentre in-region or if not available in-region, will be stored at the nearest datacentre within the EU.