Hello!
I am planning to host a lost and found webpage.
Basically, I work in Guest Services, and people lose and find stuff all the time.
We still work with papers, but I want to make it digital.
The customers will fill out a form (name, surname, phone number, email address, and address).
That data will be transferred to the website I host.
My only worry is, how is it GDPR compliant? Am I allowed to store the data on the database of InfinityFree?
I live in Austria, Europe.
Thanks so much for the support!
Read and understand the law, that’s the best way to do it.
Good introduction: General Data Protection Regulation - Wikipedia
6 Likes
iFastNet (who provide the servers ect) are based in the UK. So the servers themselves are gdor compliant.
However because you’re dealing with guest data, you’ll need to make sure you handle it correctly. If your company have a data protection officer I’d get them involved.
8 Likes
As far as my understanding of the GDPR goes (IANAL), you can do basically anything with personal data if there is a good reason to do.
From the hosting side, website data is stored in the UK, which is not EU but has equivalent privacy regulation so that part is covered. You can also assume that both InfinityFree and iFastNet have taken appropriate measures to protect the integrity and confidentiality of the information stored. We also don’t do anything with the data other than host it for you.
At the same time, I would not recommend our hosting for highly sensitive data, like collecting or storing copies of government IDs.
We don’t have a Data Processing Agreement though, if that’s a hard requirement for you.
As for whether you are allowed to store the data here, that’s up to you to decide. You’re the Data Controller, so you are ultimately responsible. It’s up to you to determine which grounds of processing you have, what level of protection is appropriate, what you can do with the data or how long you will keep it.
6 Likes
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.