Terms of Service

General Data Protection Regulation (GDPR) Information

1. Introduction

CIRRUSSERV by KGV Consulting Corp. provides cloud infrastructure services, managed services, and business continuity solutions to help businesses deploy and secure their applications, websites, databases, and more on the cloud, enabling them to be more agile. Too ensure the hieghest level of security and performance we outsorce the hardware (physical) servers to SingleHop an INAP Company.

Often, these services entail that CIRRUSSERV by KGV Consulting Corp. servers receive and store “personal data” as defined in EU data protection laws. CIRRUSSERV by KGV Consulting Corp. customers may use CIRRUSSERV by KGV Consulting Corp.’s services to store, transmit, encrypt, decrypt, modify, process, and otherwise manipulate and/or transmit this personal data as they see fit. CIRRUSSERV by KGV Consulting Corp. provides the infrastructure for businesses to build on, but CIRRUSSERV by KGV Consulting Corp. does not control how its infrastructure is used specifically, thus there are a wide range of applications and ways that personal data may be processed on top of the CIRRUSSERV by KGV Consulting Corp. platform.

2. EU Data Processing laws

Although CIRRUSSERV by KGV Consulting Corp. is a US based company, CIRRUSSERV by KGV Consulting Corp. takes EU Data Processing laws seriously. CIRRUSSERV by KGV Consulting Corp. complies with EU Data Processing laws, including: as of 18 May 2017 the Data Protection and Directiveas from 25 May 2018 replaced by the GDPR

3. Processing operations and role

In relation to EU privacy laws, CIRRUSSERV by KGV Consulting Corp. categorizes personal data into two categories:

  • In most application cases, CIRRUSSERV by KGV Consulting Corp. merely stores, transmits or manages data for its customers at the direction of the customers. In these respects, CIRRUSSERV by KGV Consulting Corp. is simply a processor of customer data.
  • CIRRUSSERV by KGV Consulting Corp. collects and stores detailed contact information, communication records, and other information for the purposes of billing, providing services, verifying the identity of customers over the telephone, marketing, and more. In these respects, CIRRUSSERV by KGV Consulting Corp. is a controller of its own customer data. For customer data that CIRRUSSERV by KGV Consulting Corp. stores for the purposes of account management, CIRRUSSERV by KGV Consulting Corp. will comply with its Privacy Policy, as posted online.

Roles and Responsibilities

  • Access: Customer manages who has access to systems; CIRRUSSERV by KGV Consulting Corp. provides tools and general network and physical level security
  • Storage: Customer decides what to store and where; CIRRUSSERV by KGV Consulting Corp. provides environment where the data is stored
  • Transmission: Customer makes content available on the internet; CIRRUSSERV by KGV Consulting Corp. provides network connectivity for this content to be accessed remotely by users
  • Security: CIRRUSSERV by KGV Consulting Corp. together with SingleHope an INAP Company implements standard up-to-date security measures to secure the environment and connections; CIRRUSSERV by KGV Consulting Corp. can deliver additional and/or alternative measures upon customer’s request Customer decides what security measures are implemented within the environment and what passwords are used to protect it; CIRRUSSERV by KGV Consulting Corp. can provide assistance in this regard
  • Disclosure: CIRRUSSERV by KGV Consulting Corp. will not disclose unless required by law or a binding judicial order
  • Compliance with other elements of data protection laws, such as data subject rights, data breaches, data protection impact assessment, prior consultation: CIRRUSSERV by KGV Consulting Corp. can provide assistance upon customer’s request

4. Applicability of GDPR

The GDPR applies to CIRRUSSERV by KGV Consulting Corp. processing activities for its customers if:

The customer uses CIRRUSSERV by KGV Consulting Corp.’s services in the context of its activities of its establishments in the EU;

The customer uses CIRRUSSERV by KGV Consulting Corp.’s services of SingleHop’s establishment in the EU (in Amsterdam, the Netherlands); or

The customer uses CIRRUSSERV by KGV Consulting Corp.’s services for:

Offering goods or services to data subjects in the EU; or Monitoring the behavior of data subjects in the EU

In this respect, we request our customers to inform us when they intend to use our services in the context of any EU establishment or if they otherwise feel that the GDPR is applicable to the processing of their data (cat. 1).

Note that for the personal data we process for our own purposes (cat. 2) and for which we would be the controller, the GDPR only applies to the extent that:

The processing occurs in the context of the activities of the CIRRUSSERV by KGV Consulting Corp. in SingleHop establishment in the EU (Amsterdam, the Netherlands);

The processing relates to:

Offering goods or services directly to data subjects in the EU; or The monitoring of the behavior of data subjects in the EU.

5. GDPR compliance

To ensure GDPR compliance CIRRUSSERV by KGV Consulting Corp. undertakes the following::

  • CIRRUSSERV by KGV Consulting Corp uses hardware(physical) server locations provided by SingleHop an INAP Company anEU-US Privacy Shield Certified
  • CIRRUSSERV by KGV Consulting Corp. enters into data processing agreements with its customers if the GDPR applies to the processing of their data.
  • CIRRUSSERV by KGV Consulting Corp. enters into sub-processing agreements with its providers if necessary.
  • CIRRUSSERV by KGV Consulting Corp. implements up-to-date security measures, performs regular audits, and is willing to implement additional measures upon customer’s request.
  • In areas applicable to GDPR, CIRRUSSERV by KGV Consulting Corp. offers its customers assistance in relation to security, data subject rights, data breaches, data protection impact assessment, prior consultation and other elements of the GDPR.

This file was last modified on January 26, 2019.