The GDPR protects the rights of individuals when storing personal data. From the point of view of businesses, there are other aspects that are just as important to consider when choosing a cloud service to store, share and collaborate with company files.
To meet the requirements of the GDPR, US cloud services are forced to offer storage also within the EU to Swedish companies. Is it safe to use these services? Well maybe in terms of GDPR (there are some other requirements for GDPR as well) but what many people don't think about, when using foreign cloud services, is that they expose the company's stored files (and the company) to foreign laws. Therefore, one should be very careful about what kind of information the company stores on these services. With Storegate, you don't have to think about this at all. We are a Swedish company operating under Swedish law, just like our customers.
US law is strong and cloud service providers like Google, Microsoft, Dropbox and others cannot contract out of it. An example of this is how Karolinska Institutet has to warn its users about the type of information it stores in the Box cloud service. The following can be read on Ki's website.
"What files should I not put in the KI Box?"
"Confidential/protectable information, such as information that could lead to a patent, must not be stored in the KI Box as the agreements do not contain any protection against the application of another country's law. Box cannot contract out US law in this regard."
"As a general rule, no personal data relating to research subjects should be stored in the KI Box, as it is usually considered sensitive information."
