GDPR Center

As a leading enterprise cloud IT service provider, protecting our customers' data and personal information has always been our top priority. DriveHQ engineers and compliance team have worked hand-in-hand to ensure that our customers' data is always secure.

What is the GDPR

The General Data Protection Regulation (GDPR) is a new European privacy law aimed to harmonize data privacy laws across Europe, to protect and empower all EU citizens' data privacy and to reshape the way organizations across the region approach data privacy. The new policy provides specific guidelines regarding data transparency and dictating the control that users have over data they upload to solution providers. It will be enforceable on May 25, 2018, replacing the current EU Data Protection Directive, also known as Directive 95/46/EC.

Who will be affected by the GDPR

Organizations established in the EU and all companies that process personal data of EU data subjects in connection with either the offering of goods or services to data subjects in the EU. Personal data is any information relating to an identified or identifiable natural person. DriveHQ has a lot of enterprise and individual customers in Europe, thus it will be affected.

DriveHQ is GDPR ready

DriveHQ teams have been reviewing everything that DriveHQ does to ensure it complies with the requirements of the new GDPR. We have also been working with our customers around the world on GDPR readiness. As security and privacy have always been our most important requirements in technology development and business operations, we can confirm that DriveHQ's Cloud IT Service is GDPR ready.

DriveHQ has maintained a track record of no data breaches since 2003 (when it was founded). We have been continuously improving our security technologies and processes, as well as providing more security, access control and event logging tools for our customers. For more info on our security technologies, please visit DriveHQ Security.

What to expect as a DriveHQ customer

Because of our long-standing focus on system security and data protection, customers do not have to worry about much change in DriveHQ. The policy updates enacted by the GDPR cover a range of subjects pertaining to user controls and rights to information. Please read below to learn more about how DriveHQ applies to each policy update:

  • Breach Notification: DriveHQ has never experienced a system or data breach in our 15+ years of cloud IT service operation. Still, it has been an included topic within our Service Agreement that we will notify customers as soon as possible if any data or system breach is detected.

  • Right to Access: DriveHQ users have always had total control over any data or personal information that they upload/save to our system. All data, account usage, billing detail, and event history can be easily accessed by logging on to DriveHQ. The "right to access" does not cover disabled accounts or accounts that owe more than 1 months of service fees.

  • Right to be Forgotten: The data that you upload/save to DriveHQ belongs to you. Users may at any time log on to DriveHQ and delete data or personal information they no longer want to store on DriveHQ. To be deleted completely from our system, users simply need to log on, delete all data in his account (or group account), and visit the account deletion page to delete the account. Note: DriveHQ has a built-in "Recycle Bin" feature which will catch any deleted data and keep them in the "Recycle Bin" folder for 14 days. If a user wishes for data to be immediately purged from the system, he/she needs to first disable this feature or empty the Recycle Bin after they have deleted the files.

  • Data Portability: Similar to your Right to Access, GDPR establishes your right to receive a copy of any personal data that you have stored on DriveHQ. Any files, emails and folders you store on DriveHQ are portable and you can easily download them from DriveHQ using DriveHQ's client software, website or FTP. If you have a group account, you can also export a list of sub-users.

  • Privacy by Design : A fundamental inclusion for any business level solution provider, Privacy by Design restricts service providers from handling/holding data or information that is not fundamentally necessary or dictated by the user. This data minimization helps protect the end-user from unintentionally sharing any personal information. DriveHQ only requires customers to provide enough information for account creation, verification and billing (paid members only). If they like, customers can provide additional information optionally.

In short, you will find that the policies defined by the GDPR are carefully followed in the day-to-day handling of our servers and associated user data. If you are an existing or potential DriveHQ customer and require more information on this topic, please send an email to DriveHQ support with your specific questions.

Contact Us

You can contact us via email at:, or phone: (925)396-5819.
Main Office Address: 6101 Bollinger Canyon Road, Ste 327, San Ramon, CA 94583, USA.