Protecting our privacy online involves not only a complex and comprehensive set of rules, but also a host of abbreviations and terms – below you will find an explanation of the most common ones that are useful to know.
Cloud service: Is an online-based IT service. There are many different examples of cloud services such as Outlook, Teams, Dropbox and more. You probably use many cloud services on a daily basis, and a common denominator for all of them may be that you need an internet connection to access the services.
Data controller: Company/organization that uses cloud service for processing personal data. The person who determines the purposes and means of processing personal data, for example you as an entrepreneur or organization.
Third country: a country that is not part of the EU or an EEA member, such as Canada, Japan and the United States.
EU General Data Protection Regulation – GDPR: The GDPR (General Data Protection Regulation) was introduced on May 25, 2018. It applies to all companies that handle and store personal data and of course we at Storegate follow this regulation. According to the GDPR, personal data is any information that is linked to a living person, such as names, photos, e-mail addresses, IP addresses, location information, etc.
Safe Harbor: EU-US agreement on the adequate protection of personal data developed and adopted in 1995. Invalidated in 2015 following the Schrems – Facebook judgment, when it was held that personal data processed in the US was not adequately protected from government surveillance.
Privacy Shield: Some time ago, the Court of Justice of the European Union (CJEU) announced that the Privacy Shield agreement, which allowed transfers of EU citizens’ personal data to the United States, has been invalidated. This happened in the context of the Schrems II vs Facebook judgment of 16 July 2020, which means that it is no longer allowed to transfer personal data of EU citizens to US-owned cloud services.
FISA: Foreign Intelligence Surveillance Act, which allows US authorities to conduct electronic surveillance and access data stored in US cloud services.
CLOUD Act: Through the US CLOUD Act, US authorities have access to data stored on US cloud services, even if it is stored in the EU. US companies are therefore obliged to disclose your personal data under this law.
DPO, Data Protection Officer: Person at the company/organization responsible for overseeing and accounting for internal procedures regarding the handling of personal data.
Processing of personal data: For example, collection, recording, organization, storage, processing, consultation, use, dissemination, etc. (Also applies to automated processing).
Data processor: Supplier, who may only process the data as instructed by the controller.
Impact assessment: Includes information on purposes, third countries, technical security measures and contracts for handling personal data by processors.
Written processor agreement: Must be drawn up by the controller and signed with each processor and any sub-processors. Important to demonstrate that processors take the required security measures.
We understand that it can be difficult at first, but we at Storegate are happy to help you find your way. With our Swedish cloud service, you don’t have to worry about foreign legislation and it will also be easy to comply with GDPR. Get started and start storing and working with your files with us. It’s both easy and safe.
Want to get in touch with us? Contact sales@storegate.com and they will tell you more.
