We summarized all the GDPR elements that should matter to you and your customer in a simplified sheet.
GDPR Control and links
Individual Responsible for GDPR Compliance
Laurent Lemaire, Data Controller
Purpose of Processing
We process data to continuously improve our products and services, log data about performance and overall backup activities. Our systems also process data for security and monitoring purposes.. Notice regarding the collection and use of Personally Identifiable Information (PII) can be found here: https://simplebackups.com/privacy/#GDPR
Lawful Basis for Collection & Processing
All PII collected and processed within SimpleBackups is in accordance with an agreement between SimpleBackups and the Data Controller
Customer Data, including PII, is securely deleted from SimpleBackups systems within ninety (90) days of service termination or upon customer request. SimpleBackups-controlled PII is deleted in accordance with internal policy, when it no longer has business value, or upon Data Subject request
Data Protection & Information Security
SimpleBackups maintains a comprehensive information security management system to protect and preserve the confidentiality, integrity and availability of Customer Data.
Any breach of PII will be promptly reported to Customers, Data Subjects and Data Authorities in accordance with our Incident Response Policy and all applicable regulatory requirements.