Skip to main content
Documentation

GDPR

On May 25, 2018, the General Data Protection Regulation ("GDPR") went into effect, establishing a unified framework for the processing and handling of personal data of individuals residing within the European Union. "Personal data" can include names, IP addresses, images, email addresses, or any other data that can be used to identify a person. The GDPR applies to organizations located within the EU as well as organizations located outside of the EU if they offer goods or services to, or monitor the behavior of, people within the EU.

Files.com is committed to GDPR compliance and offers a Data Processing Addendum (DPA). If you require a signed DPA, contact our support team to obtain a copy for review and signature.

The GDPR and Files.com

Files.com lets you choose where your data is stored. Current locations include USA, Virginia; Australia, Sydney; Canada, Toronto; UK, London; EU - Germany, Frankfurt; India, Mumbai; Japan, Tokyo; and Singapore.

Files.com also gives you the flexibility to manage your data from around the world, allowing quick responses to Right to be Forgotten and other requests from data subjects.

Data Processing Addendum

Customers storing or transferring data on Files.com that is covered under GDPR need to sign our DPA. Contact support to obtain the Files.com DPA.

Sub-Processor

To enable the Files.com service, we engage Amazon Web Services (AWS) as a sub-processor. AWS meets the security and confidentiality standards we require from any sub-processor. We notify customers who have signed a Data Processing Addendum of any changes to our sub-processors.

Records of Processing Activity

Whether you need to document records of processing activities associated with personal data stored within or transferred through the Files.com platform is a determination to make with the assistance of legal counsel.

Files.com is not in a position to know what data you are storing in the platform. This understanding and proper data governance are the responsibility of the customer. Refer to the Files.com Shared Responsibility Model, the Compliance and Security page, and the Privacy Policy for more information.

Files.com Features Useful for GDPR Compliance

Files.com lets you customize data retention on a per-folder basis, so you can automate the data retention timelines set in your privacy policy.

Encryption in transit and encryption at rest serve as a technical safeguard when storing personal information.