{"id":5579,"date":"2021-03-23T16:04:48","date_gmt":"2021-03-23T15:04:48","guid":{"rendered":"https:\/\/www.retarus.com\/blog\/us\/is-it-possible-to-utilize-cloud-services-in-a-gdpr-compliant-manner"},"modified":"2024-05-07T18:54:43","modified_gmt":"2024-05-07T16:54:43","slug":"is-it-possible-to-utilize-cloud-services-in-a-gdpr-compliant-manner","status":"publish","type":"post","link":"https:\/\/www.retarus.com\/blog\/us\/is-it-possible-to-utilize-cloud-services-in-a-gdpr-compliant-manner\/","title":{"rendered":"Is it possible to utilize Cloud Services in a GDPR-compliant manner?"},"content":{"rendered":"\n
\u201cThe use of Microsoft software by authorities is illegal\u201d and \u201cAuthorities should immediately stop using Microsoft\u201d dominated the headlines following a recent press release<\/a> issued by Heinz M\u00fcller, a German state Data Protection Commissioner.<\/p>\n\n\n\n With these statements, the commissioner is essentially taking the same stance<\/a> that a group of federal and state data protection officers had already indicated at a conference last September. The matter has additionally been discussed in numerous EU countries, as clearly indicated in a public paper<\/a> released by the EDPS (European Data Protection Supervisor). The criticism focuses on Microsoft cloud services, Microsoft 365, as well as other operating systems, office applications, and video conferencing solutions supplied by providers based outside of the EU. European data guardian\u2019s view is that regular use of such services allows the flow of personal data to third parties who lack a sufficient legal basis for accessing it.<\/p>\n\n\n\n Last autumn however, certain data protection representatives were not all on the same page<\/a>. At that time, nine members of the data protection conference were of the opinion that utilizing such services was not in line with data protection regulations. This in contrast to the remaining eight members who voted against the position of the other nine. Nevertheless, all members saw potential for improvement, especially in light of the CJEU\u2019s \u201cSchrems II\u201d decision on the US Privacy Shield<\/a> in July 2020.<\/p>\n\n\n\n This discord makes it clear how much opinions differ with regard to assessing the legality of cloud services. We have compiled this useful list of tips<\/a> to detail what you need to consider when assessing the legal certainty of the cloud services you use. The web page also provides a free questionnaire to use to check whether cloud service providers are processing data in compliance with the GDPR.<\/p>\n\n\n\n According to Heinz M\u00fcller companies are left with only one option \u2013 using open source products to ensure data protection and safeguard the digital sovereignty of government agencies and authorities. All services provided by Retarus \u2013 whether it\u2019s the Secure Email Platform<\/a>, the Communications Platform<\/a> or the Business Integration Platform<\/a> \u2013 can be run in compliance with GDPR<\/a>, even in conjunction with cloud services provided by commercial suppliers such as Microsoft, SAP, Oracle, or any open source systems. All data belonging to European customers is processed exclusively in data centers located in Europe and operated by Retarus itself, unless otherwise contractually agreed upon.<\/p>\n","protected":false},"excerpt":{"rendered":" \u201cAuthorities should immediately stop using Microsoft\u201d was the strident tone echoed across headlines following a recent press release issued by a German state Data Protection Commissioner. However, there are cloud services that are fully GDPR compliant. <\/p>\n","protected":false},"author":7,"featured_media":5581,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","_s2mail":"yes","footnotes":""},"categories":[66,8],"tags":[80,249,477],"class_list":["post-5579","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cloud","category-news","tag-cloud-services","tag-data-protection","tag-gdpr"],"acf":[],"yoast_head":"\nTips for implementing the GDPR provisions<\/h2>\n\n\n\n