Protecting our privacy on the internet brings not only a complex and extensive set of rules, but also a host of abbreviations and terms - below is an explanation of the most common ones that are useful to know.
Cloud service: is an online IT service. There are many different examples of cloud services, such as Outlook, Teams, Dropbox and others. You probably use many cloud services on a daily basis and a common denominator for all of them may be that you need an internet connection to access the services.
Data controller: company/organisation using cloud service for processing personal data. The person who determines the purposes and means of processing personal data, for example you as a business owner or organisation.
Third country: a state that is not part of the EU or a member of the EEA, such as Canada, Japan and the United States.
The EU General Data Protection Regulation ( GDPR ) was introduced on 25 May 2018. It covers all companies that process and store personal data and of course we at Storegate comply with this regulation. According to the GDPR, personal data is any information that is linked to a living person, such as names, photos, email addresses, IP addresses, location information, etc.
Safe Harbor: EU-US agreement on adequate protection of personal data developed and adopted in 1995. Invalidated in 2015 following the Schrems - Facebook ruling, when it was held that personal data processed in the US was not adequately protected from government surveillance.
Privacy Shield: Some time ago, the European Court of Justice announced that the "Privacy Shield " data protection agreement, which allowed transfers of EU citizens' personal data to the US, has been invalidated. This came in the wake of the ruling in Schrems ll vs Facebook on 16 July 2020, which means that the transfer of personal data of EU citizens to US-owned cloud services is no longer allowed.
FISA: Foreign Intelligence Surveillance Act, which allows US authorities to conduct electronic surveillance and access data stored in US cloud services.
CLOUD Act: The CLOUD Act gives US authorities access to data stored on US cloud services, even if it is stored in the EU. US companies are therefore obliged to disclose your personal data, because of this law.
DPO, Data Protection Officer: person in a company/organisation responsible for overseeing and reporting on internal procedures regarding the handling of personal data.
Processing of personal data: e.g. collection, recording, organisation, storage, processing, reading, use, dissemination, etc. (Also applies to automated processing).
Processor: supplier, who may only process the data according to the instructions of the controller.
Impact assessment: includes details of purpose, third country, technical safeguards and contract for processing of personal data by processor.
Written data processor agreement: must be drawn up by the controller and signed with each processor and any sub-processors. Essential to demonstrate that assistants take the necessary security measures.
We understand that it can be difficult at first, but at Storegate we are happy to help you find the right one. With our Swedish cloud service, you won't have to worry about foreign legislation and it will also be easy to comply with GDPR. Get started and start storing and working with your files with us. It's both easy and secure.
Do you want to get in touch with us? Contact sales@storegate.com and they'll tell you more.
