Differences

This shows you the differences between two versions of the page.

--- faq:gdpr_hosted_vpop3 [2018/05/25 13:01] – paul
+++ faq:gdpr_hosted_vpop3 [2018/05/29 16:54] – paul
@@ Line 2: / Line 2: @@
 Also see [[GDPR for VPOP3]] as most of that applies to the VPOP3 hosting service as well.
+This Data Processing Agreement is part of our hosted VPOP3 service terms. You can view the revision history by clicking on the 'clock' icon to the right.
 As a hosted service provider, we are classed as a "Data Processor" under the GDPR regulations.
@@ Line 9: / Line 11: @@
   - **The exception to the above statement** is for sent or received emails as they are being delivered to the recipient(s). Obviously if you send an email message to a user in the USA, for instance, that email will eventually be transmitted to the USA, otherwise it would not be able to reach the recipient. Similarly, if one of your users is based outside of the EU and downloads email to their email client, that data is being transmitted outside of the EU.
   - For the hosted VPOP3 service, the data we may hold is usernames & email addresses of your users, contact details of your users and contacts, email addresses & names of your contacts, email message data. All this data is provided by you, we do not add it ourselves except at your explicit request.
-  - Information such as contact lists is only held on your hosted server. So you have full control over it. It is not stored anywhere else, so if you delete a contact from the contact list on the server yourself, it is deleted.
+  - Information such as contact lists is only held on your hosted server. So you have full control over it. It is not stored anywhere else, so, for instance, if you delete a contact from the contact list, or a message from the server yourself, it is deleted.
   - We do not analyse the data we hold in any identifiable way or in any way that would affect personal privacy or confidentiality. For instance, messages are passed through a spam filter which will analyse the message, but not store any extra data about it other than a 'spam score'. The quantity and size of messages are also tracked to handle quota restrictions etc, but this is done on the whole of the data, not on individual messages.
   - Although we can access message data, we do not do so except at your explicit request. This will only be done to try to identify problems with the service or to assist you at your request. We will not store or record message details beyond what is necessary to assist you, and the data will be destroyed afterwards. These accesses are logged. (Note that we do not log access to your server where data is not accessed, e.g. to reboot your server or similar)
@@ Line 22: / Line 24: @@
   - We do not have a Data Protection Officer because we are not required to do so under the GDPR regulations. If you want to contact us about data protection issues, contact support@pscs.co.uk
   - Your data is not transmitted to other organisations/people except at your direct instruction. If you address an email to an external user this is classed as an "direct instruction". In this case your message data will be transmitted to other mail servers/companies as necessary for the message to reach the addressee. If you log in to your email account to view or send email from another organisation, then that is also classed as an "explicit request". In these cases, we believe that we have not "engaged" these other organisations as further Data Processors under GDPR Article 28 (2), so there is no need for prior written authorisation or contracts, and no continuation of liability once the data has left our control.

PSCS Wiki

User Tools

Site Tools

Differences

Page Tools