CumulusPro and the General Data Protection Regulation (GDPR)
The GDPR was created to harmonize data privacy laws across Europe, protect the rights that individuals have regarding personal data relating to them regardless of where the data is processed. CumulusPro team is committed to GDPR compliance across our Cloud Services. We are also committed to helping our customers and partners with their GDPR compliance journey by providing robust privacy and security protections built into our services.
What it means to you
What are your responsibilities as CumulusPro customer or partner?
CumulusPro customers or partners will typically act as the data controller for any personal data they provide to CumulusPro in connection with their use of CumulusPro Cloud Services. The data controller determines the purposes and means of processing personal data, while the data processor processes data on behalf of the data controller. CumulusPro is a data processor and processes personal data on behalf of the data controller when the controller is using our Cloud Services.
Data controllers are responsible for implementing appropriate technical and organisational measures to ensure and demonstrate that any data processing is performed in compliance with the GDPR. Controllers’ obligations relate to principles such as lawfulness, fairness and transparency, purpose limitation, data minimisation, and accuracy, as well as fulfilling data subjects’ rights with respect to their data.
We advise that you should also seek independent legal advice relating to your status and obligations under the GDPR, as only a lawyer can provide you with legal advice specific to your requirements. Please bear in mind that nothing on this website is intended to provide you with, or should be used as a substitute for legal advice.