What is GDPR?
The European Union (EU) General Data Protection Regulation (GDPR) is coming into effect on May 25, 2018. GDPR applies to any information that identifies, directly or indirectly, an individual in the European Union. A business that stores personal data with Acronis is the “controller” for the personal data and Acronis is the “processor” for the personal data. A controller has the legal liability for complying with GDPR, including the requirement of a “contract or other legal act” under GDPR’s Article 28(3).
What is a DPA and why do I need it?
GDPR requires controllers to put agreements into place with their processors that contain rules governing the processing data for the controller. GDPR imposes the obligation on the controller, not the processor. Nonetheless, Acronis has prepared a GDPR compliant data processing addendum (DPA) for data controllers with whom Acronis has an existing contract. The DPA reflects Acronis’ commitment to assisting controllers with their privacy and data protection compliance. The Acronis DPA contains all the terms and commitments required by GDPR for contracts between controllers and processors and between processors and sub-processors. It also includes the Standard Contractual Clauses for international transfers of data out of the EU/EEA/Switzerland.
Please note that if you are a reseller, distributor or corporate end user who obtains Acronis cloud products through a service provider, or other reseller or distributor, you need a DPA with that service provider, or other reseller or distributor. Only controllers who purchase directly from Acronis can enter into a DPA with Acronis.
Do users of consumer products need a DPA?
Individuals in the EU who use Acronis True Image and other Acronis consumer products do not need a DPA. Business uses of Acronis consumer products are not permitted by the end user license agreement.
When can I get the DPA?
Acronis will make the DPA available to all of its Service Providers simultaneously using the DocuSign – electronic signature system. Acronis Service Providers should expect to receive a DPA during April-May 2018.
If you are a service provider or a corporate Acronis customer and your company does not receive an e-mail with a request for signing DPA from Acronis by the middle of May 2018 please send a request to firstname.lastname@example.org or contact your Partner Account Manager/Technical Account Manager.
For more information about GDPR, visit our website at https://www.acronis.com/en-us/gdpr/
What kind of personal information does Acronis collect?
Is Acronis ISO 27001 certified?
Yes, Acronis is ISO 27001 certified
I save backups to Acronis Cloud. Where is my data stored?
You can find locations of Acronis Cloud Data Centers on Acronis website here
What security measures Acronis uses to keep data in the Cloud protected?
Please see Acronis Cloud Data Centers - a Primer on Security, Privacy and Compliance for more information.
Note: This article is for informational purposes only. It is not legal advice, and you should not treat it as legal advice. If you have questions about GDPR that our website doesn’t answer, you should consult with your legal counsel.