As a leading enterprise cloud IT service provider, protecting our customers' data and personal information has always
been our top priority. DriveHQ engineers and compliance team have worked hand-in-hand to ensure that our customers' data
is always secure.
What is the GDPR
The General Data Protection Regulation (GDPR) is a new European privacy law aimed to harmonize data privacy laws across Europe,
to protect and empower all EU citizens' data privacy and to reshape the way organizations across the region approach data
privacy. The new policy provides specific guidelines regarding data transparency and dictating the control that users
have over data they upload to solution providers. It will be enforceable on May 25, 2018, replacing the current EU Data
Protection Directive, also known
as Directive 95/46/EC.
Who will be affected by the GDPR
Organizations established in the EU and all companies that process personal data of EU data subjects in connection with either
the offering of goods or services to data subjects in the EU. Personal data is any information relating to
an identified or identifiable natural person. DriveHQ has a lot of enterprise and individual customers in Europe, thus it will be affected.
DriveHQ is GDPR ready
DriveHQ teams have been reviewing everything that DriveHQ does to ensure it complies with the requirements of the new GDPR.
We have also been working with our customers around the world on GDPR readiness. As security and privacy have always
been our most important requirements in technology development and business operations, we can confirm that DriveHQ's
Cloud IT Service is GDPR ready.
DriveHQ has maintained a track record of no data breaches since 2003 (when it was founded). We have been continuously
improving our security technologies and processes, as well as providing more security, access control and event logging tools for our customers.
For more info on our security technologies, please visit DriveHQ Security.
What to expect as a DriveHQ customer
Because of our long-standing focus on system security and data protection, customers do not have
to worry about much change in DriveHQ. The policy updates enacted by the GDPR cover a range of subjects pertaining
to user controls and rights to information. Please read below to learn more about how DriveHQ
applies to each policy update:
- Breach Notification: DriveHQ has never experienced a system or data breach in our 15+ years of
cloud IT service operation. Still, it has been an included topic within our Service Agreement that we will
notify customers as soon as possible if any data or system breach is detected.
- Right to Access: DriveHQ users have always had total control over any data or personal information
that they upload/save to our system. All data, account usage, billing detail, and event history can be easily
accessed by logging on to DriveHQ. The "right to access" does not cover disabled accounts or accounts that owe
more than 1 months of service fees.
- Right to be Forgotten: The data that you upload/save to DriveHQ belongs to you. Users may at any time
log on to DriveHQ and delete data or personal information they no longer want to store on DriveHQ.
To be deleted completely from our system, users simply need to log on, delete all data in his account (or group account),
and visit the account deletion page to delete the account.
Note: DriveHQ has a built-in "Recycle Bin" feature which will catch any deleted data and keep them in the "Recycle Bin" folder for 14 days.
If a user wishes for data to be immediately purged from the system, he/she needs to first
disable this feature or empty the Recycle Bin after they have deleted the files.
- Data Portability: Similar to your Right to Access, GDPR establishes your right to receive
a copy of any personal data that you have stored on DriveHQ. Any files, emails and folders you store on DriveHQ are
portable and you can easily download them from DriveHQ using DriveHQ's client software, DriveHQ.com website or FTP.
If you have a group account, you can also export a list of sub-users.
- Privacy by Design : A fundamental inclusion for any business level solution provider,
Privacy by Design restricts service providers from handling/holding data or information that is not
fundamentally necessary or dictated by the user. This data minimization helps protect the end-user from
unintentionally sharing any personal information. DriveHQ only requires customers to provide
enough information for account creation, verification and billing (paid members only).
If they like, customers can provide additional information optionally.
In short, you will find that the policies defined by the GDPR are carefully followed in the day-to-day handling
of our servers and associated user data. If you are an existing or potential DriveHQ customer and
require more information on this topic, please send an email to DriveHQ support with
your specific questions.
You can contact us via email at: support@DriveHQ.com, or phone: (925)396-5819.
Main Office Address: 2551 San Ramon Valley Blvd, Ste 213, San Ramon, CA 94583, USA.