Where is GDPR policy?


#21

We all need a Data Processor Agreement for our own records, which are due end of May. If you dont have these available, we will have no choice but to cancel and move to a legal host.


#22

So how’s it going with the GDPR Policy and Data Processor Agreement?

We’re running out of time!

We’re currently preparing our infrastructure alternatives, so that we can move our business away from Cloudways in the next 1,5 weeks - we don’t want to left cloudways, but without the necessary policies we aren’t able to stay any longer.


#23

Only two weeks.

TWO WEEKS.


#24

Hello all,

We are still working on it and an announcement will be done within this week. Stay tuned!

@mayankparmar207 @hoefs @jbaer


#25

Another week pasted and there is still no announcement, no policy, no data processing contract…


#26

Hear hear! What happened to the upcoming announcement ?


#27

The live chat team says:

At Cloudways, we have always honored our users’ right to data privacy and protection. Cloudways has a dedicated internal team made up of cross-functional stakeholders overseeing Cloudways’s GDPR readiness and we are in process to become GDPR compliant before the deadline of May 25, 2018.

We at Cloudways understand how important GDPR compliance is to your business. In the next few weeks you would be receiving several email/notifications from Cloudways informing you about the changes we have made in accordance with GDPR and also to take your consent.

Once we send out our new versions of policies and request your consent, we would be available to answer any queries you may have regarding our policies.


#28

@mustaasam.saleem We need some answers on these topic, to ensure that you can provide the
needed GDPR data processing contract in good time before the 25. of may It is important for us to
continue using your services and to be compliant with GDPR.

I am a happy customer with you, and would hate to leave, but both I and the company need to have
things to be i order, and to ensure our visitors that their data is safe when visiting our sites and using
our services.


#29

Hey @cloudways.admin please give us a answer!
We have to make our server and websites ready. We don`t like it, to do this in the last minute :wink:


#30

Does Cloudways has Privacy Shield certification?


#31

3 days and counting, Cloudways.

Can you be honest if you’re not going to be ready and we can start to move services off the platform this week, rather than wait until the end of the week and there be near ZERO communication again.


#32

#33

#34

yeah, just noticed :stuck_out_tongue:


#35

Still, my question "how can we delete the IP of the reader when requested and server log’ is unanswered.


#36

Hello everyone,

As you all know, GDPR will go into effect after May 25, 2018.

We have updated our Privacy policy and Cookie policy to reflect the legal requirements of GDPR guidelines. You can find these updated policies here

For customers who need to sign Data Processing Agreement with Cloudways, can find DPA here

To answer the most commonly asked question about Cloudways and GDPR, we have also published a blog post that answers most of the questions.

If you have further queries, please send us email at privacy@cloudways.com.


#37

Hi @claus Appreciate your kind words. Kindly give a read to this comment:


#38

Still, my question "how can we delete the IP of the reader when requested and server log’ is unanswered.


#39

You don’t. GDPR doesn’t mean that you delete data from every kind of user’s request. There are legitimate interests that you need to consider. Server logs are something that many countries force you to keep for at least X months for legal issues. So, no matter how much a user tries, you cannot delete those.

If you want to be compliant with GDPR, hire a lawyer to identify all the legal basis for your services. Then write down your privacy policy. Not all data should be under the “right to be forgotten” part of GDPR.


#40

There are legitimate interests that you need to consider. Server logs are something that many countries force you to keep for at least X months for legal issues.

And what countries would that be?

In my country this is not forced by the government and saving the ip adress in server logs is against the GDPR, if you don’t have legitimate need and consent. “Legitimate need”, in the eyes of privacy laws, is not that you sometimes need to identify bots or attacks. Nearly none of us will have “legitimate need” to save personal data in server logs in terms of the GDPR.