🚀 General Data Protection Regulation

“ ”

If you are an entity that processes data of a personal nature, you are probably affected by the provisions of the General Regulations on the Protection of Data (GDPR). Due to this, you have obligations with which you must comply. The same applies to Infomaniak which, in view of its situation, has distinct obligations as a sub-contractor and data processing manager.

When do we share your information with other parties?

As a hosting provider, Infomaniak is committed to complying with its obligations under the regulations. As a result, you must also respect the points of your regulatory obligations related to our services.

As a subcontractor, Infomaniak is committed to:

Store your data in our datacenters based exclusively in Switzerland and never transfer your data outside of our datacenters.
Implement high-security standards and maintain continuous improvement processes to provide you with a high level of security in our services.
Notify you as soon as possible in the event of a violation of your data.
Be transparent when we use subcontractors that could process your data.
Maintain and develop our physical security measures to prevent access to the infrastructures on which your data are stored by unauthorised persons.
Have physical and / or logical isolation systems (depending on the services) to isolate customer hosting services from each other, and carry out intrusion tests once a year in order to ensure data tightness between customers.
Be exemplary in terms of reactivity for security updates on the systems we manage.

These commitments are transcribed in our general and specific terms and conditions.

It is essential to distinguish between the security of the infrastructures on which your data is hosted and the exploitation and implementation of the data by you.

Customer's role

It is solely responsible for the security of resources and application systems that it uses with Infomaniak's services.

Infomaniak's Role

We are committed to ensuring the safety of our infrastructure, including a security policy that meets the requirements of various standards and certifications as well as the GDPR.

Frequently asked questions about the GDPR and Infomaniak

Am I in compliance with the GDPR when using Infomaniak services?

Yes. Nevertheless, we remind you that it is your responsibility to make the content (CMS, plugins, forms, etc.) that you host through our services compatible with the GDPR.

It is important to distinguish between the security of the infrastructures on which you are hosting your data and how you use the data. As a hosting service, Infomaniak is limited to a role of sub-contractor concerning the GDPR. Thus, our policy concerning data confidentiality and the use of cookies as well as our terms and conditions let you have the necessary guarantees relating to our conformity as a sub-contractor.

If needed, you can easily find a professional or Internet guides to help you in this compliance process.

What is Infomaniak's responsibility concerning the GDPR?

Like companies that work with European citizens, Infomaniak must comply with the General Data Protection Regulation:

Our data confidentiality policy details the data which we keep in order to provide and run our services.
Our policy regarding personal data protection describes Infomaniak's commitments as a processor that hosts all of your data, including data of a personal nature.

Does Infomaniak have a delegate for data protection?

Yes. The Infomaniak officer for everything relating to using, managing, and protecting personal data is Tiago Pedro. As the data protection officer, he is responsible for informing and advising processing managers, all company employees and any subcontractors.

If necessary, please write directly to the address dpo@infomaniak.com.

Infomaniak and the protection of your personal data