GDPR compliance with Preservica

Preservica products and operations help ensure you meet your GDPR obligations.

Preservica meets its obligations as a ‘processor’ for customers that are ‘controllers’ of personal data

Preservica cloud products and operations meet the processor requirements of the General Data Protection Regulation (GDPR) helping our customers protect the rights of their data subjects.

It’s important to note that although the GDPR is an EU regulation it may still apply to any organization which is a controller of personal data for an EU data subject, even if that organization is outside of the EU.

Preservica helps to ensure you meet your GDPR obligations and preserve your valuable digital information for the long-term.

How Preservica helps you meet your long-term GDPR obligations

Article 15

Right to access &
provision of copies

Secure search, download & authenticated public access

Article 16

Right to
rectification

Updated metadata or secure delete & ingest workflows

Article 17

Right to erasure
[to be forgotten]

Secure delete or automated data management policies

Articles 18 & 21

Right to object
or restrict

Updated classification metadata or restricted security access

Article 20

Right to data
portability

Download or export DIPs

Article 30

Maintain records
of processing

Full history audits, personal data reports & secure processes

Article 32

Security of
processing

Two Factor Authentication, encryption for data & ISMS 27001 processes

Article 32

Accidental or unlawful
destruction & disclosure

Secure access controls with multi-step delete approvals

The GDPR states controllers "shall use only processors providing sufficient guarantees to (...) meet the requirements of this Regulation", so your choice of vendor(s) is critical to meeting your own obligations.

Article 28

How Preservica can help you

The GDPR is more than just a challenging new regulation, it also provides an opportunity for long-term improvement.

Employing best practices in information governance can realize greater value for your organization, through a stronger focus on your information and the trust of the individual. Preservica is a critical component in effective information governance and we will help you protect the rights of anyone whose ‘personal data’ you hold in Preservica cloud hosted services.

Guaranteeing regulation requirements

Preservica guarantees any personal data identified by our customers shall be processed lawfully, fairly and in a transparent manner .

In addition to ISO 9001 and ISO 27001 certifications, we have updated our technical and organizational measures to meet all regulation requirements, including security and privacy. When requested or required we will provide assistance or notifications.

Our contracts reflect requirements to bind controller and processor, recording all required details relating to the processing of any personal data.

Protection & compliance in the cloud

Amazon Web Services (AWS) has confirmed “all AWS services [are] GDPR ready”.

Preservica cloud solutions are hosted by AWS, the world’s leading IaaS provider. AWS services are compliant with the CISPE code of conduct and include ISO 27017 and ISO 27018 security certifications. The combination of AWS and Preservica’s highly secure information governance and preservation capabilities provides a solution committed to helping customers comply with GDPR requirements for the long term.

Want to know more?

Contact us to discuss how Preservica can help you deliver effective long-term information governance combined with digital preservation and your GDPR obligations.


Mq Ss

GDPR: Taking the long term view of your privacy obligations

Preservica discusses why organisations should take a longer-term view of privacy obligations, at Simmons & Simmons Datatech

Gdpr

Mind the gap: the responsibility to remember in the GDPR era

In this presentation from IRMS18 Gareth Aitken discusses the journey towards GDPR, including considerations for holding & managing long-term data.

General Data Protection Regulation Illustration Id861615322

How does GDPR impact digital preservation solutions in the Cloud?

GDPR can be an opportunity for long-term improvements in your records management, digital preservation and cloud operations.