GDPR Compliance
What is the GDPR?
The General Data Protection Regulation (GDPR) (Regulation [EU] 2016/679) is a regulation by which the European Commission intends to strengthen and unify data protection for individuals within the European Union (EU). It forces stricter responsibilities on organisations to prove that they have adequate processes in place to manage and protect personal data. The major goals of GDPR are protection of an individual's personal data and the definition of the rules for the free movement of personal data in the EU.
The EU defines "Personal Data" as "any information relating to an individual, whether it relates to his or her private, professional, or public life. It can be anything from a name, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer's IP address." The new obligations pertain to any organisation that handles data about EU citizens — whether that organisation is in the EU or not. The regulation does not apply to the processing of personal data for national security activities or law enforcement.
BAISOFT's Privacy and Data Protection for GDPR
BAISOFT is committed to data protection, privacy, security, and compliance with applicable regulatory frameworks in the EU and abroad. The cloud-based architecture is designed from the ground up with data protection, privacy, and security in mind.
The BAISOFT Cloud technical architecture and its internal administrative and procedural safeguards assist customers with the design and deployment of cloud-based networking solutions. The cornerstone of BAISOFT's privacy driven architecture is our out-of-band control plane. This means only network management information (not user traffic data) flows from devices to the BAISOFT cloud, dramatically limiting the amount of personal data that is transferred to the BAISOFT cloud.
Our Commitments
Master Data Protection Agreement (IMDPA)
The IMDPA reflects our commitment to privacy, data security, and accountability for our customers, worldwide. Contact your BAISOFT cloud account representative to put the IMDPA in place.
EU Standard Contractual Clauses
The MDPA incorporates the most current Standard Contractual Clauses adopted by the European Commission (EU Model Clauses) so that customers may allow transfer and processing of personal data outside the EEA in accordance with applicable European privacy and data protection regulations.
Data Security
End-to-end encryption for all data in transit and at rest. Role-based access control, comprehensive audit logging, and ISO 27001 security standards compliance. All data processed and stored in EU-based data centers in Munich.
Out-of-Band Architecture
Only network management information flows to the BAISOFT cloud — not user traffic data. This dramatically limits the amount of personal data transferred, ensuring privacy by design and by default.
GDPR Key Principles
Transparency
Clear documentation of what data is collected, how it is processed, and for what purpose.
Fairness
Data processing is conducted in a manner that is fair and in the interest of the data subject.
Accountability
Organizations must demonstrate compliance with GDPR principles through documentation and regular audits.
Data Minimization
Only data that is necessary for the specified purpose is collected and processed.
Purpose Limitation
Personal data is collected for specified, explicit, and legitimate purposes only.
Storage Limitation
Personal data is kept only for as long as necessary for the purposes for which it was collected.
Questions about GDPR compliance?
Contact us at [email protected] or call us at +49 1577 3590745