Cloudability logo

Cloudability GDPR Readiness

With the European Union (EU) General Data Protection Regulation (GDPR) taking affect in May 2018, Cloudability has formally reviewed our readiness to ensure that our organization and services are in compliance. The following is a highlight of the steps that we have taken to prepare.

Legality of Processing

Cloudability is actively enrolled in Swiss-US and EU-US Privacy Shield. Privacy Shield was recognized by EU regulators as providing adequate privacy controls in accordance with EU standards.

You can find our privacy shield listing here.

Notice

We clearly notify our users as to how we use their data in our privacy policy which you can find on our webpage here.

Access and Choice

If you want to see what personal data Cloudability has about you, or you want us to send you a copy or delete your data, you can simply email us your request and we will respond promptly and work with you to provide the information in a standard, common format.

Email privacy inquiries here: privacy@cloudability.com

We’ve never received a request that we couldn’t accommodate, but if that were to happen you could take your complaint to our Independent Recourse Mechanism (IRM) as described in our Privacy Policy. Here’s the link to our IRM.

 

Restriction of Processing, Accountability and Transparency

At Cloudability we recognize our responsibility to protect your data even in cases where we send it to a subprocessor to assist us in providing our service. Consequently, we diligently review any potential privacy risks and the controls in place with our third-party suppliers and limit their use of your data to that which we have instructed them, in accordance with the purposes for which we collected it, which is providing you with our services. We’ve either executed or are in the process of executing Data Processing Addendums (DPAs), based on the EU Model Clauses, to ensure that our suppliers understand our requirements and commit to adhering to our standards for the protection of your personal data.

Security

Long before GDPR, we understood the importance of protecting the security and confidentiality of our customer and company data. Consequently, we have robust security controls built into every layer of our application, service and organizational processes. Our security controls are aligned with the ISO 27001 framework and easily meet or exceed the EU regulatory guidance on expected technical and organizational measures.