Many companies have been working hard to ensure they are GPDR compliant by the end of this week. For many, Nextcloud has been a part of that, simplifying compliance by helping companies keep sensitive data in-house. Today, we release a Nextcloud Compliance Kit to help these organizations comply with the requirements of the GDPR.
GDPR requirements
The GDPR requires businesses and other organizations who handle data from private users to offer clarity about how they use this data as well as a way to access, rectify or delete it. When dealing with a public cloud vendor, data leaves the control sphere of the business and a Data Processing Agreement needs to be signed with the cloud vendor. The business then has to ensure processes are set up to deal with GDPR related requests to be compliant. Keeping data in-house by self hosting negates the need for dealing with one more external party, keeping the whole process in-house and simplifying compliance.
The Data Request application shows buttons to request an export of personal data from the administrator in the user settings
The security requirements demand organizations to take appropriate measures to secure data. A Nextcloud Subscription delivers security patches and consulting based on our expertise and Security Bug Bounty Program, helping Nextcloud customers to make sure that this requirement is met.
Compliance Kit
The kit offers Nextcloud customers tools and documentation to make compliance a checklist-affair. Specific features in two Nextcloud apps and an update, a GDPR compliance steps walk-through and a detailed account of data handling in Nextcloud with instructions on how to extract, modify and delete data as required by law, make up the package.
GDPR compliance is a major concern for many of our customers. Our GDPR Compliance Kit essentially takes these concerns away with regards to the file handling, collaboration and communication capabilities as offered by Nextcloud
— Andreas Rode, head of sales
Nextcloud now offers organizations who host a Nextcloud server apps that help their GDPR compliance, depending on their specific circumstances:
The Imprint update to the theming app enables businesses to show a link to a legal notice or privacy policy on login
The Delete Account app enables businesses to offer users an easy way to delete their account as required under the GDPR
The Data Request App adds a way for users to request data, changes or account deletion from their user settings.
Adding an imprint link to Nextcloud 13
Moreover, Nextcloud offers customers access to a GPDR Compliance Checklist and a nearly 20 page detailed GPDR Admin Manual indicating where data can be found on a typical Nextcloud server and how to handle requests for extracting, rectifying and deleting data.
The GDPR Compliance Kit dealt with all our concerns. The global nature of the research community with frequent collaboration with European researchers and students requires global compliance awareness and an on-premises solution backed by the expertise of Nextcloud GmbH gives us the assurances we need.
— Hans Erasmus, Junior Infrastructure Architect at the North-West University in South Africa.
The User account deletion app allows users to delete an account without administrator assistance.
The apps and GDPR checklist are released to the general public while customers have access to the full compliance kit including GDPR Admin Manual. The apps can be found on the Nextcloud app store while the GDPR checklist can be downloaded from our website. If you have questions about Nextcloud and GDPR compliance, contact us!
Today, Nextcloud also announces a partnership with Red Hat to offer full-stack in-house storage and solutions to help customers with GDPR compliance.
Our mission is to help individuals, businesses and organizations achieve digital sovereignty and regain control over their data. Nextcloud Hub 5 marks a massive step forward towards achieving this mission, putting the power of AI into your hands – in a way that keeps you in control. New release, new possibilities Hub 5 builds on […]
The serious security flaws in ownCloud (now owned by Kiteworks) do NOT affect Nextcloud. We have strict security processes in place, and do not ship test data from libraries that can cause security breaches.
Today, US-based file sync & share vendor Kiteworks announced their acquisition of ownCloud and Dracoon. Kiteworks points out that their customers now have access to their file-sharing application. It is to be expected they will not maintain 3 similar products, but customers will have to migrate to the US firms‘ platform or look for another […]
Wir speichern einige Cookies, um Besucher zu zählen und die Nutzung der Website zu erleichtern. Diese verlassen unseren Server nicht und dienen nicht der Verfolgung Ihrer online-Aktivitäten.
Weitere Informationen hierzu finden Sie in unserer Datenschutzrichtlinie. Anpassen