What is the GDPR?The General Data Protection Regulation (GDPR) is a new privacy regulation that governs the collection, storage, deletion and processing of the "personal" data of European Union ("EU") subjects. Because it is a regulation and not a directive, it harmonizes data privacy laws across the EU and will become law throughout the EU on May 25, 2018. The GDPR applies to organizations processing personal data of EU subjects, regardless of whether the data is processed in the EU.
What is personal data?The concept of "personal data" under the GDPR is much broader than the US concept of "personally identifiable information", or "PII". Under the GDPR, personal data means any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
What is ELASTICERA doing about it?ELASTICERA takes privacy and data protection very seriously and is fully committed to becoming GDPR compliant by May 25th. We have brought together legal, privacy, technology and business experts with the aim of understanding the regulatory impact of the GDPR and identifying the best course for implementation.
What is ELASTICERA's position on GDPR?ELASTICERA acts solely as a data processor in connection with providing its services. As a data processor, we will process personal data on behalf of our customers in connection with providing services to our customers. Our customers are the data controller for any personal data made available to us in connection with our customer's use of our services. Our customers determine the purposes and means of processing the personal data, and we, as the data processor, process that personal data on behalf of our customers. We have in place security measures to protect personal data.
What types of personal data does ELASTICERA process?ELASTICERA is merely a conduit of information controlled by its customers or their end users. Our customers or their end users control the content and data transmitted, routed, switched and cached across our network. We may gather certain information about our customers or their end users regarding their use of our services or websites, and process data submitted by customers which we are instructed to process on our customer's behalf. While we do not determine what data we receive as part of providing the services, the data typically includes information such as IP addresses and customer business contact information. We process such data in order to provide the applicable service to our customers and in accordance with applicable laws, including the GDPR.
Last Updated: May 25th, 2018