Regulation of the European Parliament and the European Commission Nr. 2016/679 General Data Protection Regulation (GDPR) defines two types of entities dealing with personal data:

1. Operator

An Operator is a person or a legal entity, a public authority, an agency or other entity which alone or jointly with others determines the purposes and means of processing personal data.

2. Provider

A Provider is a person or a legal person, a public authority, an agency or other entity that processes personal data on behalf of an operator.

GuestCloud as a Provider

From GDPR's perspective, GuestCloud acts as a Provider/Intermediary and GuestCloud users as Operators.

The infrastructure and the functionality of the GuestCloud services have gone through several internal processes and changes to meet the GDPR criteria. These criteria include:

• assurance, that each member of our staff undergoes regular internal data security trainings. Each member has signed a confidentiality agreement, e.i. not to provide any data that could be obtained from GuestCloud and its components to third parties,
• implementation of organisational and technical measures that ensure the privacy, protection, integrity and accessibility of personal data,
• guaranty to process the request of the operator to access, repair, return or permanently delete personal data from GuestCloud in the shortest possible time,
• providing information on the functionality and infrastructure of the GuestCloud service, interoperability with operators so that GDPR conditions are met when processing data,
• immediate notification of the person and authorities concerned in case of misuse or data leak processed by the GuestCloud service, even if this is only a doubt.

The protection and integrity of our users' data is a priority for us, therefore we constantly and regularly undergo internal controls, external penetration tests and other additional measures so that our users (operators) are in compliance with the GDPR regulations when using the GuestCloud service. We always handle personal data only as instructed by our users (operators). GuestCloud users can permanently delete any data uploaded to the system or generated by the use of GuestCloud.

Our goal is to provide safe and quality service. Therefore, like many other modern information solutions, GuestCloud uses subcontractor services in its infrastructure. The selection of these subcontracting solutions is subject to thorough check. We use services that have a leading position in the world. All GuestCloud subcontracting services comply with the GDPR guidelines and are certified by world-recognized security certification authorities. For more information, please contact us at: gdpr@guestcloud.net.

GuestCloud users as Operators

The GDPR requirements are based on the assumption that the users of the GuestCloud service (Operators) adhere to the following points:

• To process the personal data from the affected person (EU citizens) they dispose of their valid explicit and informed consent as determined by the GDPR.
• They act in accordance with the GDPR regulations and other applicable regulations and regulations on the protection of personal data.
• By signing the Intermediary Contract, they agreed to the terms of processing of personal data by the GuestCloud service that are listed in this agreement.

A sample of the Intermediary Contract is available for download on following link..

The content of the contract may vary according to the scope and nature of the processing of personal data, at the same time it must meet all the requirements of the GDPR.

Signed agreement has to be delivered to the Provider’s address (GuestCloud).
Current address can be found in the contact section.

It is also useful to send a scan of the contract electronically to gdpr@guestcloud.net.
The authorized representative of the GuestCloud service confirms receipt of this contract afterwards.

More information and contact email

The content of this site will be updated accordingly to provide clear and relevant information on data protection and GDPR regulation.

For further questions and information feel free to contact: gdpr@guestcloud.net.