The data are crucial for businesses, are their most important asset. When we talk about data, we usually refer to it in general, but above all to the most valuable data, which is what refers to our clients. These are the data that, in addition, we must protect so that privacy is respected, and so that we, as a company, comply with the RGPD and the law.
We have talked a lot about the GDPR, especially about its implications and how it affects companies, but we have not discussed the topic at hand today: data residency, or data residency. What does this refer to?
Essentially, data residency refers to the physical location where the servers that store the data in question reside. That is, if the server is physically in Spain, that will be the residence of the data.
For situations in which the data always reside in the country or, in our case, in the European Union, there is no major problem. We are under the same regulatory umbrella, and therefore we should not worry about anything else.
With regards to Cloud Computing, things can change and the accompanying ought to be considered. In a Cloud situation, clients are regularly unconscious of the physical area of their information, as cloud suppliers store information all-inclusive across various server farm areas.
Along these lines, clients need to know the neighborhood laws and guidelines of the living arrangement of their information. To do this, clients need to know where their cloud supplier’s server farms are situated far and wide and research the distinctive residency strategies for each separate area.
Then again, clients of cloud administrations should attempt to guarantee that their administration level understandings (SLAs) with their suppliers set up where their information can and can’t be put away.
The RGPD does not introduce or include any obligation for the residence or location of the data, but it must be borne in mind that local legislation may impose certain requirements on it, under its own laws and regulations.
Therefore, we should all know that legal means of data transfer are necessary if they are to be moved outside the EU to a jurisdiction with inappropriate safeguards.