Anniversary of the Basic Data Protection Regulation - Part 2 Travelling in the Cloud as a Business Customer
With the introduction of the DSGVO, the protection of personal data has moved back to the foreground. In this part of the three-part interview with Fresh Compliance, we have clarified for you how you as a business customer can work safely in the cloud and what you should bear in mind when choosing your cloud provider."
What should be considered when choosing a cloud provider?
Many people - especially the young generation - are online all day. The focus is on social networks. Programs are no longer downloaded, but used directly on the Internet. This also means that their data and programs are stored in data centers and no longer on their own computers at home. The DSGVO aims precisely at this current era, with the intention that individuals can determine more about their data again and know what happens to their data. A good cloud provider is therefore transparent. It should communicate where the data is located, what happens to the data and how the data is protected. Does the cloud provider use open source software and encrypt the data using real end-to-end encryption? Ideally, does it even follow the zero knowledge principle? Very good!
"Just like with organic products, where it is important to me that they come from the region, it should also be important that my data remains in the region where I am located.“
In addition, the recommendation is very clear: host the data in Europe, i.e. choose a provider that stores the data in Europe. Now we are sitting here in Germany, so of course it makes sense to choose a cloud provider, who follows the laws in this country - a German cloud provider.
What should cloud users pay attention to if they want to file their data in accordance with the DSGVO?
As soon as the customer is doing business, it is important, that a so-called order processing agreement (AVV) - formerly ADV - is concluded between him and the cloud provider. In the past, the responsibility for this was more on the customer side, now it is shared. This is why the provision of such an order processing contract also makes a good cloud provider. It contains all rights and obligations of both parties. Thus, the cloud provider insures with the conclusion of the contract e.g, that he implements appropriate data protection and data security measures.
The AVV also talks about TOM. Who or what is TOM?
Before the DSGVO, the TOMs only made it into the Annex of the Federal Data Protection Act, now they are very present as Article 32 in the DSGVO.
"TOM is the little brother of IT and Information Security."
TOM stands for the technical and organisational measures that companies can take to comply with the DSGVO. For example, security measures that regulate access control are listed to the server room or personnel file cabinets, as well as measures for encrypting data in the cloud.
What role does the Data Protection Officer play in the AVV?
As soon as at least ten employees in a company are constantly familiar with the automated processing of personal data, a data protection officer must be appointed, who will then also be mentioned in the AVV. The data protection officer is a person from the company, that reports directly to the managing director and can work without instructions. He should be reliable and have appropriate expertise in the field of data protection and must not be subject to any conflicts of interest. Therefore, the data protection officer is never the managing director himself, as is often mistakenly assumed. Since the topic of data protection is becoming increasingly complex in the course of the DSGVO and is increasingly developing into a legal and technical topic, the selected employee should also take part in appropriate training courses. Consequently, sufficient resources should be allocated to him so that he can carry out his work conscientiously.
What further changes will you face in the future and a summary of the most important points of the entire interview, you'll find in part 3 of our summary.
author: Christina Gluch
You might also be interested in
Cloud and Collaboration Trends 2025: Security and Teamwork in Focus
The IT world is evolving faster than ever – staying ahead means being prepared. 2025 brings groundbreaking advancements in cloud security, hybrid cloud, and digital collaboration tools. Discover th...
Learn moreSecure Alternative to Webex, Zoom, and Co.: luckycloud Launches Solution for Online Meetings
Secure online meetings are a must-have, and video conferencing tools are indispensable in everyday work life. However, providers like Zoom or Webex are heavily criticized due to data privacy issues.
Learn moreArtificial intelligence in the enterprise: How humans and technology become a service dream team
Whether a customer remains loyal to a company or switches to a competitor is increasingly determined by contact with customer service. Today, consumers and business customers alike expect fast and...
Learn moreProtected data rooms: Cloud service for works councils ensures IT independence
Securely storing and processing their own data in the cloud is now part of everyday work for more and more companies. In recent years, they have increasingly introduced new systems, expanded intern...
Learn moreDigitalprämie Berlin - how to benefit from the subsidies with luckycloud
With the digital bonus, the state of Berlin and Investitionsbank Berlin (IBB) want to promote the digitalization of the working world. The acquisition of IT hardware and software for digital transf...
Learn moreService for cloud solutions: Focus on the customer's needs
Good service pays off - this is also or especially true in difficult times, when the economy is facing numerous challenges due to the Corona pandemic. Only those who convince their customers with a...
Learn moreQNAP NAS and luckycloud - perfect match for Hybrid Clouds
Hybrid Cloud solutions do not have to be complicated. As with all successful combinations, it all depends on the right components! luckycloud - as a secure cloud provider from Germany with the high...
Learn moreAll-rounder Hybrid Cloud - clever combination of backup and data processing
IT systems can be affected by failures or maintenance. During this time data in the cloud is not accessible. If you use the cloud storage as pure backup, a failure only affects current changes. But...
Learn moreCrash course GDPR - Summary of the 10 most important facts
25 May 2018 - the GDPR came into force on this date. Curse or blessing? After 2 years this is not exactly one of the most popular topics for companies. Nevertheless, the DSGVO has an important sign...
Learn moreTeamwork in the home office - exchange data easily and securely from home with luckycloud
Working from home is a challenge even for well-rehearsed teams that normally work well together in the office. For a smooth workflow in a team, we recommend that you define rules on how shared docu...
Learn moreCloud storage in the home office - Set up luckycloud in your home office in 3 steps
There is hardly anyone left who is not affected by the current crisis, let alone severely restricted. Suddenly there are people in the home office who have never (had to) think about how to work ou...
Learn moreHome Office Preparation - Working from home without loss of control
Many managers are currently in conflict over the decision whether to use home office or not. The biggest barrier here is not the technical hurdle, but the feeling of loss of control. Many bosses ar...
Learn moreHome Office Checklist - Corona crisis becomes surveillance scandal 2.0
The corona crisis has stirred up many minds. Many entrepreneurs are interested in a quick solution and forget the daily dangers of digital data processing. People's privacy is sometimes trampled un...
Learn moreHome Office Guide in times of the coronavirus - working fast and safe from home
Current news about the corona virus is piling up. Many send their employees to the home office - but for many industries this is simply impossible. On various platforms there are lists of digital t...
Learn moreA cloud provider from Germany with easy user and data administration was especially important to us!
The demands for schools to be equipped with technical devices, a modern IT infrastructure and secure software solutions are anything but new. This applies to the administration as well as the teach...
Learn moreWhy are updates important?
"Again?!", this is the thought you always have when you see a pop up with an update on your computer again. One is simply annoyed and clicks on "Remember later". But this is exactly what you should...
Learn moreluckycloud groupware- The secure alternative to Microsoft Exchange
luckycloud Office is a secure Microsoft Exchange alternative from Germany with email, calendar, task and contact synchronization. The groupware enables secure as well as internal communication with...
Learn moreAnniversary of the basic data protection regulation - Part 3 outlook and summary
Indeed, further regulations will follow in the future. With the DSGVO, the basic framework for far-reaching data protection regulation has been established, although the next stage of the DSGVO is...
Learn moreAnniversary of the Basic Data Protection Regulation - Part 2 Travelling in the Cloud as a Business Customer
With the introduction of the DSGVO, the protection of personal data has rightly moved back to the foreground. In this part of the three-part interview with Fresh Compliance, we have clarified for y...
Learn moreAnniversary of the Basic Data Protection Regulation - Part 1 What is the DSGVO?
One year has now passed since the DSGVO came into force and its introduction caused a lot of unrest and has been hotly debated in recent years, as has the topic of data protection in public clouds....
Learn moreIntroduction to luckycloud - Part 2 Collaborative Teamwork with the Team Manager
One has just got used to the old system and then the boss comes around the corner and is of the opinion to integrate a new system because the old one is no longer DSGVO-compliant. The switch to a n...
Learn moreCloud and Collaboration Trends 2025: Security and Teamwork in Focus
The IT world is evolving faster than ever – staying ahead means being prepared. 2025 brings groundbreaking advancements in cloud security, hybrid cloud, and digital collaboration tools. Discover th...
Learn moreSecure Alternative to Webex, Zoom, and Co.: luckycloud Launches Solution for Online Meetings
Secure online meetings are a must-have, and video conferencing tools are indispensable in everyday work life. However, providers like Zoom or Webex are heavily criticized due to data privacy issues.
Learn moreArtificial intelligence in the enterprise: How humans and technology become a service dream team
Whether a customer remains loyal to a company or switches to a competitor is increasingly determined by contact with customer service. Today, consumers and business customers alike expect fast and...
Learn moreProtected data rooms: Cloud service for works councils ensures IT independence
Securely storing and processing their own data in the cloud is now part of everyday work for more and more companies. In recent years, they have increasingly introduced new systems, expanded intern...
Learn moreDigitalprämie Berlin - how to benefit from the subsidies with luckycloud
With the digital bonus, the state of Berlin and Investitionsbank Berlin (IBB) want to promote the digitalization of the working world. The acquisition of IT hardware and software for digital transf...
Learn moreService for cloud solutions: Focus on the customer's needs
Good service pays off - this is also or especially true in difficult times, when the economy is facing numerous challenges due to the Corona pandemic. Only those who convince their customers with a...
Learn moreQNAP NAS and luckycloud - perfect match for Hybrid Clouds
Hybrid Cloud solutions do not have to be complicated. As with all successful combinations, it all depends on the right components! luckycloud - as a secure cloud provider from Germany with the high...
Learn moreAll-rounder Hybrid Cloud - clever combination of backup and data processing
IT systems can be affected by failures or maintenance. During this time data in the cloud is not accessible. If you use the cloud storage as pure backup, a failure only affects current changes. But...
Learn moreCrash course GDPR - Summary of the 10 most important facts
25 May 2018 - the GDPR came into force on this date. Curse or blessing? After 2 years this is not exactly one of the most popular topics for companies. Nevertheless, the DSGVO has an important sign...
Learn moreTeamwork in the home office - exchange data easily and securely from home with luckycloud
Working from home is a challenge even for well-rehearsed teams that normally work well together in the office. For a smooth workflow in a team, we recommend that you define rules on how shared docu...
Learn moreCloud storage in the home office - Set up luckycloud in your home office in 3 steps
There is hardly anyone left who is not affected by the current crisis, let alone severely restricted. Suddenly there are people in the home office who have never (had to) think about how to work ou...
Learn moreHome Office Preparation - Working from home without loss of control
Many managers are currently in conflict over the decision whether to use home office or not. The biggest barrier here is not the technical hurdle, but the feeling of loss of control. Many bosses ar...
Learn moreHome Office Checklist - Corona crisis becomes surveillance scandal 2.0
The corona crisis has stirred up many minds. Many entrepreneurs are interested in a quick solution and forget the daily dangers of digital data processing. People's privacy is sometimes trampled un...
Learn moreHome Office Guide in times of the coronavirus - working fast and safe from home
Current news about the corona virus is piling up. Many send their employees to the home office - but for many industries this is simply impossible. On various platforms there are lists of digital t...
Learn moreA cloud provider from Germany with easy user and data administration was especially important to us!
The demands for schools to be equipped with technical devices, a modern IT infrastructure and secure software solutions are anything but new. This applies to the administration as well as the teach...
Learn moreWhy are updates important?
"Again?!", this is the thought you always have when you see a pop up with an update on your computer again. One is simply annoyed and clicks on "Remember later". But this is exactly what you should...
Learn moreluckycloud groupware- The secure alternative to Microsoft Exchange
luckycloud Office is a secure Microsoft Exchange alternative from Germany with email, calendar, task and contact synchronization. The groupware enables secure as well as internal communication with...
Learn moreAnniversary of the basic data protection regulation - Part 3 outlook and summary
Indeed, further regulations will follow in the future. With the DSGVO, the basic framework for far-reaching data protection regulation has been established, although the next stage of the DSGVO is...
Learn moreAnniversary of the Basic Data Protection Regulation - Part 2 Travelling in the Cloud as a Business Customer
With the introduction of the DSGVO, the protection of personal data has rightly moved back to the foreground. In this part of the three-part interview with Fresh Compliance, we have clarified for y...
Learn moreAnniversary of the Basic Data Protection Regulation - Part 1 What is the DSGVO?
One year has now passed since the DSGVO came into force and its introduction caused a lot of unrest and has been hotly debated in recent years, as has the topic of data protection in public clouds....
Learn moreIntroduction to luckycloud - Part 2 Collaborative Teamwork with the Team Manager
One has just got used to the old system and then the boss comes around the corner and is of the opinion to integrate a new system because the old one is no longer DSGVO-compliant. The switch to a n...
Learn moreCloud and Collaboration Trends 2025: Security and Teamwork in Focus
The IT world is evolving faster than ever – staying ahead means being prepared. 2025 brings groundbreaking advancements in cloud security, hybrid cloud, and digital collaboration tools. Discover th...
Learn moreSecure Alternative to Webex, Zoom, and Co.: luckycloud Launches Solution for Online Meetings
Secure online meetings are a must-have, and video conferencing tools are indispensable in everyday work life. However, providers like Zoom or Webex are heavily criticized due to data privacy issues.
Learn moreArtificial intelligence in the enterprise: How humans and technology become a service dream team
Whether a customer remains loyal to a company or switches to a competitor is increasingly determined by contact with customer service. Today, consumers and business customers alike expect fast and...
Learn moreProtected data rooms: Cloud service for works councils ensures IT independence
Securely storing and processing their own data in the cloud is now part of everyday work for more and more companies. In recent years, they have increasingly introduced new systems, expanded intern...
Learn moreDigitalprämie Berlin - how to benefit from the subsidies with luckycloud
With the digital bonus, the state of Berlin and Investitionsbank Berlin (IBB) want to promote the digitalization of the working world. The acquisition of IT hardware and software for digital transf...
Learn moreService for cloud solutions: Focus on the customer's needs
Good service pays off - this is also or especially true in difficult times, when the economy is facing numerous challenges due to the Corona pandemic. Only those who convince their customers with a...
Learn moreQNAP NAS and luckycloud - perfect match for Hybrid Clouds
Hybrid Cloud solutions do not have to be complicated. As with all successful combinations, it all depends on the right components! luckycloud - as a secure cloud provider from Germany with the high...
Learn moreAll-rounder Hybrid Cloud - clever combination of backup and data processing
IT systems can be affected by failures or maintenance. During this time data in the cloud is not accessible. If you use the cloud storage as pure backup, a failure only affects current changes. But...
Learn moreCrash course GDPR - Summary of the 10 most important facts
25 May 2018 - the GDPR came into force on this date. Curse or blessing? After 2 years this is not exactly one of the most popular topics for companies. Nevertheless, the DSGVO has an important sign...
Learn moreTeamwork in the home office - exchange data easily and securely from home with luckycloud
Working from home is a challenge even for well-rehearsed teams that normally work well together in the office. For a smooth workflow in a team, we recommend that you define rules on how shared docu...
Learn moreCloud storage in the home office - Set up luckycloud in your home office in 3 steps
There is hardly anyone left who is not affected by the current crisis, let alone severely restricted. Suddenly there are people in the home office who have never (had to) think about how to work ou...
Learn moreHome Office Preparation - Working from home without loss of control
Many managers are currently in conflict over the decision whether to use home office or not. The biggest barrier here is not the technical hurdle, but the feeling of loss of control. Many bosses ar...
Learn moreHome Office Checklist - Corona crisis becomes surveillance scandal 2.0
The corona crisis has stirred up many minds. Many entrepreneurs are interested in a quick solution and forget the daily dangers of digital data processing. People's privacy is sometimes trampled un...
Learn moreHome Office Guide in times of the coronavirus - working fast and safe from home
Current news about the corona virus is piling up. Many send their employees to the home office - but for many industries this is simply impossible. On various platforms there are lists of digital t...
Learn moreA cloud provider from Germany with easy user and data administration was especially important to us!
The demands for schools to be equipped with technical devices, a modern IT infrastructure and secure software solutions are anything but new. This applies to the administration as well as the teach...
Learn moreWhy are updates important?
"Again?!", this is the thought you always have when you see a pop up with an update on your computer again. One is simply annoyed and clicks on "Remember later". But this is exactly what you should...
Learn moreluckycloud groupware- The secure alternative to Microsoft Exchange
luckycloud Office is a secure Microsoft Exchange alternative from Germany with email, calendar, task and contact synchronization. The groupware enables secure as well as internal communication with...
Learn moreAnniversary of the basic data protection regulation - Part 3 outlook and summary
Indeed, further regulations will follow in the future. With the DSGVO, the basic framework for far-reaching data protection regulation has been established, although the next stage of the DSGVO is...
Learn moreAnniversary of the Basic Data Protection Regulation - Part 2 Travelling in the Cloud as a Business Customer
With the introduction of the DSGVO, the protection of personal data has rightly moved back to the foreground. In this part of the three-part interview with Fresh Compliance, we have clarified for y...
Learn moreAnniversary of the Basic Data Protection Regulation - Part 1 What is the DSGVO?
One year has now passed since the DSGVO came into force and its introduction caused a lot of unrest and has been hotly debated in recent years, as has the topic of data protection in public clouds....
Learn moreIntroduction to luckycloud - Part 2 Collaborative Teamwork with the Team Manager
One has just got used to the old system and then the boss comes around the corner and is of the opinion to integrate a new system because the old one is no longer DSGVO-compliant. The switch to a n...
Learn moreCloud and Collaboration Trends 2025: Security and Teamwork in Focus
The IT world is evolving faster than ever – staying ahead means being prepared. 2025 brings groundbreaking advancements in cloud security, hybrid cloud, and digital collaboration tools. Discover th...
Learn moreSecure Alternative to Webex, Zoom, and Co.: luckycloud Launches Solution for Online Meetings
Secure online meetings are a must-have, and video conferencing tools are indispensable in everyday work life. However, providers like Zoom or Webex are heavily criticized due to data privacy issues.
Learn moreArtificial intelligence in the enterprise: How humans and technology become a service dream team
Whether a customer remains loyal to a company or switches to a competitor is increasingly determined by contact with customer service. Today, consumers and business customers alike expect fast and...
Learn moreProtected data rooms: Cloud service for works councils ensures IT independence
Securely storing and processing their own data in the cloud is now part of everyday work for more and more companies. In recent years, they have increasingly introduced new systems, expanded intern...
Learn moreDigitalprämie Berlin - how to benefit from the subsidies with luckycloud
With the digital bonus, the state of Berlin and Investitionsbank Berlin (IBB) want to promote the digitalization of the working world. The acquisition of IT hardware and software for digital transf...
Learn moreService for cloud solutions: Focus on the customer's needs
Good service pays off - this is also or especially true in difficult times, when the economy is facing numerous challenges due to the Corona pandemic. Only those who convince their customers with a...
Learn moreQNAP NAS and luckycloud - perfect match for Hybrid Clouds
Hybrid Cloud solutions do not have to be complicated. As with all successful combinations, it all depends on the right components! luckycloud - as a secure cloud provider from Germany with the high...
Learn moreAll-rounder Hybrid Cloud - clever combination of backup and data processing
IT systems can be affected by failures or maintenance. During this time data in the cloud is not accessible. If you use the cloud storage as pure backup, a failure only affects current changes. But...
Learn moreCrash course GDPR - Summary of the 10 most important facts
25 May 2018 - the GDPR came into force on this date. Curse or blessing? After 2 years this is not exactly one of the most popular topics for companies. Nevertheless, the DSGVO has an important sign...
Learn moreTeamwork in the home office - exchange data easily and securely from home with luckycloud
Working from home is a challenge even for well-rehearsed teams that normally work well together in the office. For a smooth workflow in a team, we recommend that you define rules on how shared docu...
Learn moreCloud storage in the home office - Set up luckycloud in your home office in 3 steps
There is hardly anyone left who is not affected by the current crisis, let alone severely restricted. Suddenly there are people in the home office who have never (had to) think about how to work ou...
Learn moreHome Office Preparation - Working from home without loss of control
Many managers are currently in conflict over the decision whether to use home office or not. The biggest barrier here is not the technical hurdle, but the feeling of loss of control. Many bosses ar...
Learn moreHome Office Checklist - Corona crisis becomes surveillance scandal 2.0
The corona crisis has stirred up many minds. Many entrepreneurs are interested in a quick solution and forget the daily dangers of digital data processing. People's privacy is sometimes trampled un...
Learn moreHome Office Guide in times of the coronavirus - working fast and safe from home
Current news about the corona virus is piling up. Many send their employees to the home office - but for many industries this is simply impossible. On various platforms there are lists of digital t...
Learn moreA cloud provider from Germany with easy user and data administration was especially important to us!
The demands for schools to be equipped with technical devices, a modern IT infrastructure and secure software solutions are anything but new. This applies to the administration as well as the teach...
Learn moreWhy are updates important?
"Again?!", this is the thought you always have when you see a pop up with an update on your computer again. One is simply annoyed and clicks on "Remember later". But this is exactly what you should...
Learn moreluckycloud groupware- The secure alternative to Microsoft Exchange
luckycloud Office is a secure Microsoft Exchange alternative from Germany with email, calendar, task and contact synchronization. The groupware enables secure as well as internal communication with...
Learn moreAnniversary of the basic data protection regulation - Part 3 outlook and summary
Indeed, further regulations will follow in the future. With the DSGVO, the basic framework for far-reaching data protection regulation has been established, although the next stage of the DSGVO is...
Learn moreAnniversary of the Basic Data Protection Regulation - Part 2 Travelling in the Cloud as a Business Customer
With the introduction of the DSGVO, the protection of personal data has rightly moved back to the foreground. In this part of the three-part interview with Fresh Compliance, we have clarified for y...
Learn moreAnniversary of the Basic Data Protection Regulation - Part 1 What is the DSGVO?
One year has now passed since the DSGVO came into force and its introduction caused a lot of unrest and has been hotly debated in recent years, as has the topic of data protection in public clouds....
Learn moreIntroduction to luckycloud - Part 2 Collaborative Teamwork with the Team Manager
One has just got used to the old system and then the boss comes around the corner and is of the opinion to integrate a new system because the old one is no longer DSGVO-compliant. The switch to a n...
Learn more