What are Digital Oceans plans on GDPR compliancy?

September 11, 2017 6.2k views
DigitalOcean FAQ
robertvh
By:
robertvh

Form may 28th onward., all startups in Europe are required to ensure that the services they use are GPDR compliant.
Specifically companies need to able to show documentation and contracts with suppliers (such as DO) that show policies regarding privacy and data protection.

There is zero documentation or information available on this from Digital Ocean, besides certification of the data centres.

Digital Ocean can greatly help millions of customers stay customers by for example complying to the CISPE Code Of Conduct, like AWS and other cloud hosting providers do. Are there any plans for this?

7 comments
Log In to Comment
8 Answers
asb MOD February 22, 2018

This question is a few months old, but I want to provide an update as there seems to be some uncertainty. DigitalOcean is committed to being GDPR compliant. By May 2018, we will make available to all users an updated Data Processing Agreement that will meet the requirements of the GDPR. You can find an FAQ on GDPR at:

If you require additional information about how this impacts your business, please open a support ticket or reach out to your Customer Success Manager.

Reply
wimdfce4697ac12 October 3, 2017

Take a look at this page:
www.digitalocean.com/security/privacy/

*International Privacy Requirements

We understand the need for strict privacy regulations required by certain countries. For the European data protection acts Bundesdatenschutzgesetz (BDSG) and General Data Protection Regulation (GDPR), DigitalOcean is the "Data Processor" and the customer is the "Data Controller". We have setup a Data Processing Agreement (DPA) which can be signed by both DigitalOcean and the customer to meet these regulatory requirements. To obtain the DPA, or if you have any other privacy related questions please contact our Customer Support team here.*

You'll also find more information about data processing at DO here :
www.digitalocean.com/help/privacy/

Reply
  • karni October 19, 2017

    Thank you for pointing this out. I think it'd be ideal if this was a default to all EU customers by means of updating DO terms of service for EU customers.

petrvacha September 25, 2017

I was trying to push the same problem, but their support were very limited in the communication.

This was DO's GDPR mantra:

"I appreciate you updating us with this. We customize each agreement for the agent and organization signing the agreement. This is why we requested the information to complete the form. I apologize for the confusion on that.

Can you outline the address of the organization or yourself and the signing agent and organization? We will prepare the agreement then provide it here for you. We will appreciate your update with this and if you have further questions or concerns please don't hesitate to reply with them."

In the end DO suggested me to create a suggestion - here.

I guess DO is not ready for GDPR at all.

Reply
admin3f8ad159849c3be6a1583 October 9, 2017
[deleted]
Reply
digitalwhale November 16, 2017

I just came across this thread after reading this GDPR guide. DigitalOcean is listed there as not GDPR complaint.

I'm a European DO customer and for us this is important. Those fines are not a joke. When will there be more info about this?

Reply
srdjanr December 28, 2017

+1

Reply
wdjPascal January 17, 2018

+1

Reply
Personalia February 15, 2018

Any news about this?

Reply
  • octavn April 19, 2018

    DO is pretty clear:

    For additional information on the GDPR DPA, or to obtain a copy, please contact the DigitalOcean Support team or your Customer Success Manager.

Have another answer? Share your knowledge.

Related Questions