email addresses provided during the account registration) for account registration, administration, services access, or contact information for the AWS account to provide assistance through customer support activities – it acts as a data controller. AWS as a data controller – When AWS collects personal data and determines the purposes and means of processing that personal data – for example, when AWS stores account information (e.g.The AWS GDPR DPA, which includes Standard Contractual Clauses, is part of the AWS Service Terms and is automatically available for all customers who require this to comply with the GDPR. AWS offers a GDPR-compliant AWS GDPR Data Processing Addendum (AWS GDPR DPA) that incorporates AWS’s commitments as data processor. Under these circumstances, the customer may act as a data controller or data processor itself, and AWS acts as a data processor or sub-processor. Customers can use the controls available in AWS services, including security configuration controls, for the handling of personal data. AWS as a data processor – When customers use AWS services to process personal data in the content they upload to the AWS services, AWS acts as a data processor. Please see our customer update on the EU-US Privacy Shield and our blog posts on the Supplementary Addendum to the AWS GDPR Data Processing Addendum and the CISPE Data Protection Code of Conduct for additional information.ĪWS acts as both a data processor and a data controller under the GDPR. We list the AWS services that involve a data transfer of customer data on our Privacy Features webpage.Īs the regulatory and legislative landscape evolves, we will always work to ensure that our customers can continue to enjoy the benefits of AWS services wherever they operate. At AWS, our highest priority is securing customer data, and we implement rigorous technical and organizational measures to protect its confidentiality, integrity, and availability, regardless of which AWS Region the customer has selected. We know that transparency matters to our customers. AWS customers can continue to use AWS services to transfer customer data from the EEA to non-EEA countries that have not received an adequacy decision from the European Commission (including the United States) in compliance with the GDPR.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |