New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Can users of a provider that didn't comply sue?
At least they can report the provider to the local government - if they can sue.. probably?
As a user, I'd rather go for compliant providers and not waste time on the non-complying ones.
I have a couple of clients in the EU that I host email for. I will never be GDPR compliant. The cost of compliance vs the pricing of services like email will mean something has to give. Most likely it will mean that EU customers will have to pay significantly more for services than those that do not have to abide by these regulations.
My perspective is, I don't understand why hosts are concerned about this, it is simple to be compliant, maybe takes a day of work especially if your practices were already within common DP regulations from any 1st world country.
I am sure there will be an influx of people with an inflated sense of self importance trying to poke hosts just because being annoying is fun to them when the time comes, but that will die back pretty quick.
For most part I was wondering what the heck is changing with this GDPR and what made EU create it. Your statement above gave me some insight on why it might be needed. If a privacy conscious & aware customer is questioning his host about whether they are/will be compliant with the law of the land, its not his inflated sense of self importance.
All the documents are available, it makes sense, I understand it and I understand why it is required.
Absolutely agree, however that does not mean I don't also think there will be an influx of people who don't really care about anything except creating a headache because they can.
The 2 groups of people described can exist at the same time.
Are you handing out free reviews and legal advice? You're hired.
No, I am just pointing out the bleeding obvious.
To be honest, I thought this was c'est pit. You're still hired.
A post you made (perhaps private) actually gave some good detail on how hosts should be adapting. I took some pointers during my research.
Sooner or later, EU is going to require each website to have a license. 25 euro per license, what a way to get some money.
The UK will be 50 for ones in colour.
Francisco
They will also make the license a legal requirement that comes with a heavy fine if you done have one, then they will not bother actually regulating it due to costs.
If that really happens, someone will come by and proclaim, "The end is nigh."
So back to the original question
GDPR will be in effect from May 25. Not now.
-> We are
We are
Yeah but you said you are compliment now, you even quoted me quoting you saying that.
Hetzner is GDPR compliant and offering mail services with their web offering, i dont have experience with that product line.
LET...$7 resistance is futile.
If MXRoute is US based company they more likely should be Privacy Shield compliant and therefore don’t required to be GDPR compliant.
MXRoute aren't 'required' to be compliant with GDPR, but Privacy Shield compliance isn't a substitute for GDPR compliance.
What I have read today about GDPR compliants, if they wish to trade in EU:
US-based data processors should be Privacy Shield compliant. If the third party is not yet compliant with GDPR or Privacy Shield contact them and find out if and when they plan on becoming compliant. In the unlikely situation where a third party data processor is not compliant and has no plans to become compliant by the 25th May 2018 deadline, you should seek to replace them with a similar but compliant provider. In this situation you should also ask the current provider for a copy of the data that they hold for you and then insist that they securely delete your data from all of their digital systems including backups.
The rest of what you're written isn't relevant.
Basically, what you've read is wrong - Privacy Shield is a framework for EU-US data transmission. That's not even close to what GDPR is.
Why do you say this? MXroute has assets in the European Union on which they host customer data of Europeans, among others.
Organizations participating in Privacy Shield self-certify to the U.S. Department of Commerce that they will follow the Privacy Shield guidelines. Participation is optional, but if they do participate and then break the rules, they can be litigated under the FTC Act.
Privacy Shield commitment is going to be essential for any U.S. organizations wanting to do business in Europe.
I'll hijack the thread for a second, what about Buyshared and GDPR? What is there to look for when figuring out if another company, in this example BuyShared, is following the regulations?
As they do Luxembourg server node location, I do believe they will be required to be GDPR or Privacy Shield.
I'll have to dig through and see what else is needed, but at least most of the customer data stuff is handled by WHMCS 7.5
Francisco
This is where things get fun. If you read the Territorial Scope section, there’s a line that refers to marketing to the EU. You could easily argue that MXRoute do not do so. EU citizens may well have signed for the service, but if they weren’t marketed to directly, it fails out of scope. Simply offering a service that’s attractive to EU citizens is not the same as marketing to them,
Definitely, as it will be essential for an EU company wanting to hold data in the US. It complements GDPR, but its not an either/or situation.