What does Allthings do to meet GDPR requirements?

Our Commitment to the Protection of Your Data

Compliance with the statutory provisions on data protection is essential for Allthings and we therefore ensure that our services are implemented in compliance with data protection regulations. At the European level, our services have been tested for conformity with the German Data Protection Ordinance (DSGVO / GDPR), which will come into force in May 2018. In Germany, they have also been tested for conformity with the Telemedia Act (TMG) and the Federal Data Protection Act (BDSG), and in Switzerland they have been tested for conformity with the Federal Data Protection Act (DSG) and the Ordinance to the Federal Data Protection Act (VDSG).

In addition to reinforcing and standardising the protection of user data in all EU countries, this also introduced new or additional obligations for all organisations dealing with personal data of EU citizens, regardless of where they are based. 

Compliance with GDPR

Updated GDPR requirements bring significant changes with them, and our team has adapted the Allthings product, operations and contractual obligations to support customers in meeting compliance requirements. The measures we have taken include:

• Investments in our security infrastructure and certifications
• Updating of relevant contractual conditions
• Support for international data transfer by meeting standard contract clauses through our Data Processing Agreements
• Our reliable support team (support@allthings.me) to respond to requests from users and delete their personal information such as names and email addresses from an account if requested

In addition, we always keep up to date with the latest publications from data protection supervisory authorities on DSGVO compliance and update our product functions and contractual obligations accordingly. We will also provide you with regular updates to keep you up to date.

Our Security Infrastructure and Certifications 

The protection of our customers' data and the privacy of their users is of utmost importance to us. Because we are a cloud-based company entrusted with some of our customers' most valuable data, we set high standards for our security. The Hosting Data Center meets the requirements of a comprehensive list of global security standards, including ISO 27001, PCI DSS Level 1, IT Basic Protection and the EU Data Protection Directive. See also AWS Cloud Compliance for more information.

If you would like to learn more about Allthings' security guidelines and measures, please refer to our Privacy Policy or learn more about our Security Standards on our website. 

International Data Transfer: Privacy Shield and Terms of Contract

In order to comply with EU data protection laws relating to mechanisms for international data transmission, we have introduced strict regulations. Customer data is subject to Swiss data protection regulations and EU data protection and is always stored using AES-256 encryption. In addition, customer data is stored in Ireland and therefore never leaves the EU. For all subcontracting relationships, we pay particular attention to the DSGVO conformity of our contractors abroad and secure this with the aid of order data processing.


**Please note that the general legal information we provide does neither constitute nor take the place of any kind of legal advice or training. Like most legal regulations, the standards applicable to you and their concrete interpretation may differ. Our information is based on our understanding of the legal regulations mentioned at the time this document was prepared. We assume no liability or warranty for the accuracy, completeness or timeliness of the information provided.**