At DataShuttle, we're building a better way to host websites. Crucial to this is protecting the data of our customers and their end users.
The European Union's General Data Protection Regulation (GDPR) is a privacy law that came into effect on May 25, 2018. The GDPR sets rules about how companies collect, store, delete, and process the personal data of EU citizens. These rules apply to any company that processes the personal data of EU citizens, even if that company is not located in the EU.
DataShuttle is GDPR-compliant. If you have any questions related to the GDPR, you can send them to firstname.lastname@example.org.
The primary purpose of logs with IP addresses is for security. The GDPR recognizes that you have a legitimate interest in maintaining security and allows data collection and processing for legitimate interests. Therefore, the reasonable retention of log files such as DataShuttle configures is allowed by the GDPR.
At a high level, here are the steps to becoming compliant with the GDPR:
You can find a list of our sub-processors here.
DataShuttle is certified with both the EU-U.S. and the Swiss-U.S. Privacy Shield frameworks.