{"id":2706,"date":"2018-09-02T19:07:21","date_gmt":"2018-09-02T19:07:21","guid":{"rendered":"https:\/\/wisehost.ca\/fr\/?p=2706"},"modified":"2018-09-02T19:07:21","modified_gmt":"2018-09-02T19:07:21","slug":"what-is-the-gdpr-and-what-is-our-path-to-gdpr-compliance","status":"publish","type":"post","link":"https:\/\/wisehost.ca\/fr\/what-is-the-gdpr-and-what-is-our-path-to-gdpr-compliance\/","title":{"rendered":"What is the GDPR and what is our path to GDPR compliance?"},"content":{"rendered":"

\"\"<\/a><\/p>\n

We manage so many of our daily activities online that the web has inevitably turned into a giant pool of personal data, which is exposed to a variety of risks, as was the recent case with Facebook.<\/p>\n

Europe\u2019s\u00a0General Data Protection Regulation (GDPR), which goes live on May 25th, is aimed at addressing all security risks by enforcing a strict data protection regulation across the EU and beyond.<\/p>\n

Learn more about the main principles of the GDPR, how it is meant to protect data privacy and how it will affect our relationship with you and your customers.<\/p>\n

What is the GDPR all about?<\/h2>\n

The GDPR regulation is the most impactful piece of data privacy legislation in the new century.<\/p>\n

Coming on the heels of the recent Facebook scandal, which revealed that the data of millions of Facebook users had been misused for the sake of third-party campaigns, the GDPR regulation is designed to regain order in how personal data is handled and stored online.<\/p>\n

Despite being an EU regulation, the GDPR practically affects any company that processes the personal information of EU citizens.<\/p>\n

That said, it applies to whether or not that company is based in the EU.<\/p>\n

For instance, if a US-based company provides goods or services to EU citizens, it automatically falls within the scope of the regulation.<\/p>\n

Personal data and individual rights<\/h2>\n

Approved on April 14, 2016, the new set of rules treats personal data protection as \u201ca fundamental right\u201d of all EU citizens and consumers.<\/p>\n

Regarding online services, personal data could include anything from an individual\u2019s name to a physical location or an IP address.<\/p>\n

The law also covers browser cookies that can track the web activity of EU individuals.<\/p>\n

In an effort to give consumers a bit of power in the so-called \u201cbig data\u201d world, the new regulation also gives EU individuals more rights to their information.<\/p>\n

All EU individuals will have the explicit right to know whether, where and for what purpose their personal data is being processed.<\/p>\n

The GDPR empowers EU individuals to have their personal data erased or not processed further.<\/p>\n

They can also object to having their data processed for direct marketing purposes and choose to transfer it away to another provider.<\/p>\n

Data protection responsibilities under the GDPR<\/h2>\n

The GDPR sets out the rights of EU individuals and the respective obligations of data processing companies and organizations in a total of 99 articles.<\/p>\n

The main business takeaway is that each company will have to justify the collection of personal data and to follow very strict rules in the process.<\/p>\n

The regulation makes a clear differentiation between companies that direct the collection of data (data controllers) and those that actually process it (data processors).<\/p>\n

Both controllers and processors will be delegated data protection responsibilities that will make them equally pursuant to GDPR compliance audits.<\/p>\n

The GDPR requires companies to revise and update their privacy policies and to make them clearer and more transparent to EU users.<\/p>\n

They will need to clearly specify what personal information is collected, for what purposes it is used and what legal basis each purpose is backed up by.<\/p>\n

Apart from justifying their data processing activities, however, companies will also need to take specific technical and organizational measures to ensure the highest level of in-house data protection.<\/p>\n

Planned GDPR compliance measures on our platform<\/h2>\n

As a service provider operating on the European market, we are GDPR-bound by default.<\/p>\n

Here is a list of the measures that will come into effect on the 24th of May in order to ensure GDPR compliance across our platform.<\/p>\n

1. Privacy policy updates<\/em><\/p>\n

The privacy policy has to mirror each given company\u2019s approach to become GDPR-compliant.<\/p>\n

We\u2019ve published a revised version of the Privacy Policy for clients and a brand new Privacy Policy for resellers, which clearly specify our legal grounds for personal data processing, as well as all associated individual rights and data protection responsibilities.<\/p>\n

2. Reseller agreement updates<\/em><\/p>\n

We\u2019ve also updated the Reseller Agreement that governs our relationship with you. You can review it\u00a0here.<\/p>\n

If you are using our Reseller API or are a member of the cPanel Reseller Program, you can take a look at the brand new Data Processing Agreement.\u00a0It\u2019s our new legal framework, which details how we will process your clients\u2019 data.<\/p>\n

3. WHOIS updates<\/em><\/p>\n

The current public WHOIS system, which is aimed at providing free access to a domain owner\u2019s personal information, is incompatible with the GDPR\u2019s principles.<\/p>\n

For that reason, registries and registrars have taken steps to hide the WHOIS details pertaining to the domains they are managing by default.<\/p>\n

As an ICANN-accredited registrar and \u2018data controller\u2019 for .COM and .NET, we\u2019ve taken measures to hide the WHOIS contact data for all .COM and .NET domains on our platform, in a GDPR-compliant manner.<\/p>\n

Registrants who want their personal data to be displayed online, will be able to opt-in to having it exposed in the public WHOIS database via an explicit consent option.<\/p>\n

It will be featured in the My Domains section of the Reseller Control Panel and the Domain Manager section of the\u00a0Web Hosting Control Panel.\u00a0(as a \u2018Whois data disclosure consent\u2019 option in the Edit Whois area).<\/p>\n

Until this option becomes available online, you can ask for your registrant details to be disclosed online\u00a0by opening a ticket.<\/p>\n

4. Order form updates<\/em><\/p>\n

Minor updates have been added to the order form to ensure that customers could consent to specific activities such as having their data stored outside the European Economic Area (EEA).<\/p>\n

5. Reseller hosting platform updates<\/em><\/p>\n

ResellersPanel\u2019s reseller hosting model is not fully compatible with the GDPR\u2019s data privacy standards.<\/p>\n

Following a consultation with data protection advisers and learning from our industry\u2019s best practices, we\u2019ve had to initiate a few important, GDPR-compliant updates to our\u00a0reseller hosting\u00a0platform.<\/p>\n

Those updates include:<\/p>\n

    \n
  • A revision of the List Clients section of the Reseller Control Panel, after which you will see the following per-client information: Username, Type of Service, Date of Purchase and Expiration Date;<\/li>\n
  • A revision of the client\u2019s Control Panel when accessed from the\u00a0Reseller Control Panel\u00a0via the \u201cLogin as reseller\u201d button, after which you will only see information that does not directly or indirectly identify the given client as far as their personality is concerned. Here is a quick list of the new changes:\n
      \n
    • the following sections are no longer accessible \u2013\u00a0Change Contact Details, Change Password, Recurring, Invoices, Social Media Accounts, Feedback, Webmail, ID Protection, Wallet;<\/em><\/li>\n
    • the names of all mailboxes in the account will be hidden, with the option to change the password \u2013 disabled.<\/li>\n
    • in the\u00a0File Manager<\/em>\u00a0section, the following options are no longer available \u2013\u00a0View, Edit, Download;<\/em><\/li>\n
    • in the\u00a0MySQL<\/em>\u00a0and\u00a0PgSQL Databases<\/em>\u00a0sections, the option to change the password is disabled;<\/li>\n
    • in the\u00a0Registered Domains<\/em>\u00a0section, the option to edit the WHOIS for a domain is disabled;<\/li>\n
    • in the\u00a0Remote Backups<\/em>\u00a0section, the \u201cAvailable Accounts\u201d list is removed;<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n

      In other words, in accordance with the GDPR regulation principles, which come into force on May 25th, you will be able to recognize your customers by the very details of the service they\u2019ve purchased rather than by their personality.<\/p>\n

      For now, we don\u2019t plan to stop our partners from manually creating accounts for their customers using both the public order form and the Reseller Control Panel.<\/p>\n

      If you are signing up your customers yourself, make sure that you familiarize them with the Privacy Policy and with the special, explicit-consent opt-in box for entering into a contract that will be featured on the order form starting from May 24th.<\/p>\n

      \n
      \n
      \n
      \n
      \n

      In any case, once the data has been processed by us, it will be hidden from you, since we\u2019ll take full responsibility of its processing (as explained earlier).<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n

      5. In-house technical and organizational measures<\/em><\/p>\n

      As mentioned earlier, the GDPR will enforce a set of data protection policies on interested companies and organizations to comply with.<\/p>\n

      They will all require a substantial investment of resources in technical and organizational data protection measures for ensuring the utmost GDPR compliance level.<\/p>\n

      We\u2019ve done our best to create an efficient action plan that will help us implement all the newly required measures right on time.<\/p>\n

      Among them is the very method in which we communicate with the data centers that we are partnering with to ensure that they provide the necessary data protection levels.<\/p>\n","protected":false},"excerpt":{"rendered":"

      We manage so many of our daily activities online that the web has inevitably turned into a giant pool of personal data, which is exposed to a variety of risks, as was the recent case with Facebook. Europe\u2019s\u00a0General Data Protection Regulation (GDPR), which goes live on May 25th, is aimed at addressing all security risks […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[89,81,77],"tags":[],"class_list":["post-2706","post","type-post","status-publish","format-standard","hentry","category-digital-marketing","category-domain-name","category-ecommerce"],"_links":{"self":[{"href":"https:\/\/wisehost.ca\/fr\/wp-json\/wp\/v2\/posts\/2706","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wisehost.ca\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wisehost.ca\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wisehost.ca\/fr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/wisehost.ca\/fr\/wp-json\/wp\/v2\/comments?post=2706"}],"version-history":[{"count":2,"href":"https:\/\/wisehost.ca\/fr\/wp-json\/wp\/v2\/posts\/2706\/revisions"}],"predecessor-version":[{"id":2733,"href":"https:\/\/wisehost.ca\/fr\/wp-json\/wp\/v2\/posts\/2706\/revisions\/2733"}],"wp:attachment":[{"href":"https:\/\/wisehost.ca\/fr\/wp-json\/wp\/v2\/media?parent=2706"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wisehost.ca\/fr\/wp-json\/wp\/v2\/categories?post=2706"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wisehost.ca\/fr\/wp-json\/wp\/v2\/tags?post=2706"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}