Posted by Tony Abou-Assaleh on May 22nd, 2018

TitanFile and GDPR FAQ

GDPR stands for General Data Protection Regulation, a regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area that goes into effect on May 25, 2018.

There is a plethora of resources online on what GDPR is, who it applies to, and how to be compliant. In this post, we will answer a few frequently asked questions about TitanFile and GDPR.

Where does TitanFile store my data?

TitanFile uses data centers around the world. When a client signs up with TitanFile, they can select in which geography their data is stored and TitanFile does not move data across geographies without notifying the clients. At the time of writing this post, TitanFile was using data centers in Canada, USA, UK, and Singapore. Further, enterprise customer can choose to store their data in any jurisdiction where Azure or AWS data centers are available.

Will TitanFile be hosting EU customer data in the EU?

TitanFile clients have the option to store the customer data in the EU (currently Azure data centers in the UK).

How does TitanFile comply with EU export restrictions?

Whenever personal data is hosted or processed outside of the European Economic Area (EEA) by TitanFile, GDPR requires that it remains protected by appropriate safeguards in line with EU law. TitanFile achieves this in a couple of ways.

First, the majority of our EU customers’ data is hosted and processed in Canada. Canada is recognized by the EU as offering “adequate level of data protection”. You can find more  information on “adequate countries” here.

Further, regardless of where the EU customer data is hosted or processed by TitanFile, we ensure “appropriate safeguards” are in place that are prescribed by GDPR.

What security measure does TitanFile have in place to protect data?

TitanFile prides itself in being a leader in protecting the privacy and security of our clients’ data. We’ve outlined some of the measure we take in our Security Policy. Additionally, the Security Overview [PDF] provides a summary of the encryption technology that TitanFile uses to protect data.

Does TitanFile have a GDPR-compliant Data Processing Addendum?

Yes. Please refer to the TitanFile Data Processing Addendum. If you have any questions about its contents you can email the privacy officer at privacy@titanfile.com.