HostBuddy.com is GDPR compliant
Our datacenter itself has sufficient physical access requirements to protect any threats to in-person data theft for your business. All of HostBuddy.com's data facilities are SSAE 16 SOC 2 Type 2 audited.
GDPR is aiming to do exactly that - regulate how personal data of individuals in EU territory gets collected and used. It defines what personal data is - being literally everything - name, email, username, address, phone number, financial data, age, behavioral data and more, and obliges everyone who collects and processes such data of EU individuals, no matter where that company or person is located around the world, to act in accordance with this regulation.
We are compliance with the GDPR. Here is a list of the major things we are going through and why they matter.
HostBuddy.com will implement and maintain appropriate security measures to protect Personal Data from Security Incidents and to preserve the security and confidentiality of the Personal Data.
HostBuddy.com will ensure that any person who is authorized by HostBuddy.com to process Personal Data (e.g., HostBuddy.com staff, subcontractors) will be under an appropriate obligation of confidentiality.
In the event of a Security Incident, HostBuddy.com will notify Customer without undue delay and will provide timely information relating to the Security Incident as it becomes known.
Customer acknowledges that the security measures evolve and that HostBuddy.com may update or modify the security measures from time to time.
Customer Data may be transferred and processed in the United States and anywhere in the world where Customer and/or its Subprocessors maintain data processing operations. HostBuddy.com will implement appropriate safeguards to protect the Personal Data, wherever it is processed, in accordance with the requirements of Data Protection Laws.
Return and Deletion of Data
Customers have access to their uploaded files and databases and can download them. If Customer has any issues with downloading their content, they can contact our Technical Support for assistance. Upon deactivation of a HostBuddy.com Service, all Personal Data will be deleted, except for data which is required to be retained by applicable law, or Personal Data that is archived on backup systems (which are securely isolated and protected from further processing.
If Customer is unable to independently access the specific Personal Data within the Service in response to requests from individuals or data protection authorities, HostBuddy.com will (at Customer's expense) provide reasonable cooperation to assist Customer, if possible. In the event that any such request is made directly to HostBuddy.com, HostBuddy.com will not respond to such communication directly without Customer's prior authorization, unless legally compelled to do so. If HostBuddy.com is required to respond to such a request, HostBuddy.com will promptly notify Customer and provide it with a copy of the request unless legally prohibited from doing so.
To the extent HostBuddy.com is required under Data Protection Law, HostBuddy.com will (at Customer's expense) provide reasonably requested information regarding HostBuddy.com's processing of Personal Data under the TOS to enable the Customer to carry out data protection impact assessments or prior consultations with data protection authorities as required by law.