1. Introduction
KGV Consulting Corp a.k.a. CIRRUSSERV by KGV Consulting Corp. provides cloud infrastructure services, managed services,
and business continuity solutions to help businesses deploy and secure their applications,
websites, databases, and more on the cloud, enabling them to be more agile. Too ensure the
hieghest level of security and performance we outsorce the hardware (physical) servers to
INAP.
Often, these services entail that KGV Consulting Corp. servers receive and store
“personal data” as defined in EU data protection laws. KGV Consulting Corp.
customers may use KGV Consulting Corp.’s services to store, transmit, encrypt,
decrypt, modify, process, and otherwise manipulate and/or transmit this personal data as they
see fit. KGV Consulting Corp. provides the infrastructure for businesses to build
on, but KGV Consulting Corp. does not control how its infrastructure is used
specifically, thus there are a wide range of applications and ways that personal data may be
processed on top of the KGV Consulting Corp. platform.
2. EU Data Processing laws
Although KGV Consulting Corp. is a US based company, KGV Consulting
Corp. takes EU Data Processing laws seriously. KGV Consulting Corp. complies with
EU Data Processing laws, including: as of 18 May 2017 the Data Protection and Directiveas from
25 May 2018 replaced by the GDPR
3. Processing operations and role
In relation to EU privacy laws, KGV Consulting Corp. categorizes personal data
into two categories:
- In most application cases, KGV Consulting Corp. merely stores, transmits or
manages data for its customers at the direction of the customers. In these respects,
KGV Consulting Corp. is simply a processor of customer data.
- KGV Consulting Corp. collects and stores detailed contact information,
communication records, and other information for the purposes of billing, providing services,
verifying the identity of customers over the telephone, marketing, and more. In these
respects, KGV Consulting Corp. is a controller of its own customer data. For
customer data that KGV Consulting Corp. stores for the purposes of account
management, KGV Consulting Corp. will comply with its Privacy Policy, as posted
online.
Roles and Responsibilities
- Access: Customer manages who has access to systems; KGV Consulting Corp.
provides tools and general network and physical level security
- Storage: Customer decides what to store and where; KGV Consulting Corp.
provides environment where the data is stored
- Transmission: Customer makes content available on the internet; KGV Consulting
Corp. provides network connectivity for this content to be accessed remotely by users
- Security: KGV Consulting Corp. together with INAP Company
implements standard up-to-date security measures to secure the environment and connections;
KGV Consulting Corp. can deliver additional and/or alternative measures upon
customer’s request Customer decides what security measures are implemented within the
environment and what passwords are used to protect it; KGV Consulting Corp. can
provide assistance in this regard
- Disclosure: KGV Consulting Corp. will not disclose unless required by law or a
binding judicial order
- Compliance with other elements of data protection laws, such as data subject rights, data
breaches, data protection impact assessment, prior consultation: KGV Consulting
Corp. can provide assistance upon customer’s request
4. Applicability of GDPR
The GDPR applies to KGV Consulting Corp. processing activities for its customers
if:
The customer uses KGV Consulting Corp.’s services in the context of its
activities of its establishments in the EU;
The customer uses KGV Consulting Corp.’s services of INAP’s establishment in
the EU (in Amsterdam, the Netherlands); or
The customer uses KGV Consulting Corp.’s services for:
Offering goods or services to data subjects in the EU; or
Monitoring the behavior of data subjects in the EU
In this respect, we request our customers to inform us when they intend to use our services in
the context of any EU establishment or if they otherwise feel that the GDPR is applicable to the
processing of their data (cat. 1).
Note that for the personal data we process for our own purposes (cat. 2) and for which we would
be the controller, the GDPR only applies to the extent that:
The processing occurs in the context of the activities of the KGV Consulting
Corp. in INAP establishment in the EU (Amsterdam, the Netherlands);
The processing relates to:
Offering goods or services directly to data subjects in the EU; or
The monitoring of the behavior of data subjects in the EU.
5. GDPR compliance
To ensure GDPR compliance KGV Consulting Corp. undertakes the following:
- KGV Consulting Corp uses hardware(physical) server locations provided by
INAP an EU-US Privacy Shield Certified
- KGV Consulting Corp. enters into data processing agreements with its customers
if the GDPR applies to the processing of their data.
- KGV Consulting Corp. enters into sub-processing agreements with its providers
if necessary.
- KGV Consulting Corp. implements up-to-date security measures, performs regular
audits, and is willing to implement additional measures upon customer’s request.
- In areas applicable to GDPR, KGV Consulting Corp. offers its customers
assistance in relation to security, data subject rights, data breaches, data protection impact
assessment, prior consultation and other elements of the GDPR.
This file was last modified on Jan 30, 2024 by KGV Consulting Corp.