Can an EU client continue to host personal data outside the EU or EEA under the RGPD? If certain legal mechanisms exist, EU clients can host personal data outside the EU. Personal data can be transmitted outside the EU and EEA if an adequate level of protection for this data is guaranteed. Personal data processed on behalf is processed only in accordance with the sub-processing contract and service plan and instructions from the data exporter, data importer and coordinator. Will the RGPD change the way Rackspace Technology processes customer data? Rackspace Technology continues to treat customer data with the sensitivity and privacy required. Learn more about our security practices. I have heard that the European Court of Justice has recently invalidated the EU-US data protection shield framework. What is the impact on my current agreement with Rackspace Technology? We have a new computer addendum that removes previous references to the data protection shield and contains standard contractual clauses. Customers who must include the revised provisions in their agreement can do so by following the instructions in force here. With respect to these scenarios, at the end of the various technical and organizational measures described below, the tables indicate the responsibility of the data importer (fields marked with an „X“). Unauthorized persons must be prevented from physically accessing premises, buildings or premises with computer systems that process personal data; Individuals are not justified if their activity does not correspond to the tasks entrusted to them. Exemptions may be granted to external auditors for the purpose of auditing entities, provided they are controlled by the data importer and do not have access to the personal data themselves. The data importer provides services and supports or fulfills contractual obligations to the data exporter, as described in each contract, or an order for services referring to that MDPA. These services may include the processing of personal data by the data importer or the provision of maintenance and assistance services by data importers on systems that may contain personal data.

Including, without restriction, the data importer must: the General Data Protection Regulation (GDPR) is a European data protection regulation adopted by the European Commission. It replaced the European Data Protection Directive, also known as Directive 95/46/EC.