The GDPR protects the rights of individuals when storing personal data. From a business point of view, there are other aspects that are equally important to consider when choosing a cloud service to store, share and collaborate on company files.
To comply with the GDPR, US cloud services are forced to offer storage also within the EU to Swedish companies. Is it then risk-free to use these services? Yes, maybe when it comes to GDPR (there are some other requirements for GDPR as well) but what many people do not think about, when using foreign cloud services, is that you expose the company’s stored files (and the company) to foreign laws. Therefore, you should be very careful about what kind of information your company stores on these services. With Storegate, you don’t have to worry about this at all. We are a fully Swedish company operating under Swedish law, just like our customers.
US legislation is strong and cloud service providers such as Google, Microsoft, Dropbox and others cannot contract out of it. An example of this is how the Karolinska Institute has to warn its users about the type of information it stores in the cloud service Box. The following can be read on Ki’s website.
“What files should I not put in KI Box?”
“Confidential/protectable information, such as information that may lead to patents, must not be stored in KI Box as the agreements do not contain any protection against the application of another country’s legislation. Box cannot contract away the US legislation in this regard.”
“In general, no personal data relating to research subjects should be stored in KI Box, as they are usually considered to be sensitive information.”
