CloudSigma is EU GDPR Compliant 

EU GDPR Compliant Public Cloud 

CloudSigma is compliant with the EU General Data Protection Regulation (GDPR). CloudSigma’s compliance is reflected in our security and privacy regulations, risk management, data location, security features, and data ownership. You can learn in detail about the measures CloudSigma takes to ensure our GDPR compliance here. CloudSigma has also created a Data Processing Agreement (DPA), which enables customers to comply with their GDPR obligations. We have updated the relevant parts of our Terms of Service and Privacy Policy documents to refer to the DPA and to comply with the GDPR.

The EU General Data Protection Regulation (GDPR) took effect in 2018 with the goal to harmonize data privacy laws across Europe. You can
review the regulations here.

What Does EU GDPR Compliance Guarantee?

• The EU GDPR is a regulation in EU law on data protection and privacy in the European Union (EU) and the European Economic Area (EEA). It also addresses the transfer of personal data outside the EU and EEA areas.
• The EU GDPR consists of eleven chapters, concerning general provisions, principles, rights of the data subject, duties of data controllers or processors, transfers of personal data to third countries, supervisory authorities, cooperation among member states, remedies, liability or penalties for breach of right.
• CloudSigma’s services are in full compliance with GDPR across all our locations worldwide.


Because of the new GDPR regulations, we had to move back into the EU, which is just another thing
CloudSigma allows us to do. On top of GDPR, the Frankfurt location is very interesting also because
you have connections to other cloud providers on the backbone there.
Wim Cos, Partner & CTO @ CalmCo


EU GDPR Regulation Characteristics & Requirements


The goal of GDPR is to enhance individuals’ control and rights over their personal data and to simplify the regulatory environment for international business. It protects individuals’ fundamental rights and freedoms and in particular their right to the protection of personal data.


The GDPR contains provisions and requirements related to the processing of personal data of individuals who are located in the EEA, and applies to any enterprise—regardless of its location and the data subjects’ citizenship or residence—that is processing the personal information of individuals inside the EEA.


The GDPR is a regulation, not a directive. It is directly binding and applicable but does provide flexibility for certain aspects of the regulation to be adjusted by individual member states.


You can review CloudSigma’s legal documents, cloud hosting terms and conditions, and data processing agreement here