Blog / GDPR

Kentico Cloud’s Successfully Crossed the GDPR Waters


by Pavel Jirik

May 14, 2018

The EU’s GDPR is around the corner, and we’ve been working hard making sure you can continue working on your awesome projects in Kentico Cloud without any distractions.

At Kentico, we value the privacy and security of our customers (and their clients) above anything else, so it was our highest priority to comply with the EU’s legislation before it comes into effect on May 25, 2018.

We’ve spent countless hours discussing GDPR compliance with several legal and security domain experts so we all could reach the GDPR-compliant shore in one piece.

Lots of work has been done, and right now is the perfect time to take a look at what has been prepared for you in Kentico Cloud to make your post-GDPR life easier :)

Multiple Datacenters

From now on, when creating a new project in Kentico Cloud, you can decide whether your project’s data (including the tracked visitors’ data) is stored in Europe in the Netherlands, or on the West Coast of United States.

The user (meta)data required for the Kentico Cloud service to work properly, however, will always be stored in West Europe’s data center. This is to ensure GDPR compliancy even in cases when Kentico Cloud users work on different projects across multiple data centers.

Assistance to the Data Controller

We bet you are aware of the rights the GDPR grants you and your data subjects (visitors, customers, etc.). For example, the right to access, portability, or to be forgotten needs to be fulfilled within 30 days.

Therefore, we put our heads together to make it as easy for you as possible to deal with such requests by introducing the following out-of-the-box solutions:

Data Flow Mapping

We’ve mapped every type of personal data that Kentico Cloud uses. We listed them for you in our documentation so you can see them anytime.

Fulfilling GDPR Requests of Data Subjects

As already mentioned, everyone can exercise their GDPR right to access, move, or delete their data after May 25, 2018. We always want to give you the edge with Kentico Cloud, and so we have implemented a Personal Data API that you can use for the retrieval and deletion of the personal data of your tracked visitors.

But what about your personal data? Are we ready to fulfill your GDPR rights as well? You bet we are! Simply contact us and we will provide you with all the relevant information.

Data Processing Agreement

If you share personal data with any other controller, the GDPR requires you (as a data controller) to sign a written contract with that controller. Therefore, we will have a Data Processing Agreement available for you (as our customer or partner) that can be signed at any time. Feel free to contact us about it!

Let’s Travel the GDPR Waters Together

We hope that Kentico Cloud’s data protection enhancements will make your life easier in the upcoming GDPR-driven digital world, and you will be able to focus on your creative content even more!

Interested in more details? Then feel free to visit our Kentico Cloud GDPR compliance page, or do not hesitate to contact us! :)