Infomaniak and the protection of your personal data

If you’re a structure that processes personal data, you are probably affected by the provisions of the General Data Protection Regulation (GDPR). In this respect, you are subject to obligations that must be respected. The same applies to Infomaniak, which, in view of its situation, has distinct obligations in its capacity as subcontractor or data controller.
When do we share your information with other parties?
As a hosting provider, Infomaniak undertakes to comply with its obligations in line with the aforementioned regulations. As a result, you are also able to comply with the points of your regulatory obligations that are linked to our services.
As a subcontractor, Infomaniak undertakes to:
Store your data in our data centers based exclusively in Switzerland, and never transfer your data outside our own infrastructure.
Implement high security standards and maintain continuous improvement processes to provide you with a high level of security as part of our services.
Maintain and develop our physical security measures to prevent unauthorised access to the infrastructures on which your data is stored.
Be exemplary in terms of our responsiveness to security updates on the systems we manage.
Be transparent when we use subcontractors who may process your data.
Notify you as soon as possible in the event of a data breach.
Have physical and / or logical isolation systems (depending on the services) to isolate customer hosting solutions from each other and carry out intrusion tests once a year to ensure that data is watertight between customers.
These commitments are set out in our general terms and conditions and special terms and conditions.
It's essential to distinguish between the security of the infrastructure on which your data is hosted and the way in which you operate and implement it.
The customer's role
He is solely responsible for the security of the resources and application systems he uses with Infomaniak services.
Infomaniak's role
We are committed to ensuring the security of our infrastructures, notably through a security policy that meets the requirements of various standards, certifications as well as the GDPR.
FAQs about the GDPR /# comment #/ Questions fréquentes relatives au RGPD
Am I in compliance with the GDPR when using Infomaniak services?
Yes. However, we would like to point out that it is your responsibility to make the content (CMS, plugins, forms, etc.) you host via our services compatible with the GDPR.
It's important to distinguish between the security of the infrastructure on which you host your data, and the way in which you operate and implement the data. As a hosting provider, Infomaniak limits itself to a subcontracting role in relation to your responsibilities linked to the GDPR. In this context, our data confidentiality and cookie use policies, as well as our general and special terms and conditions, provide you with the necessary guarantees with regard to our compliance as a subcontractor.
If necessary, you can easily find a professional or guides online to accompany you through the compliance process.
What is Infomaniak's role and responsibility with regard to the GDPR?
Like all companies that work with European citizens, Infomaniak must comply with the General Data Protection Regulation:
- ●
Our data confidentiality policy describes the data we hold in order to provide and implement our services.
- ●
Our policy concerning the protection of your personal data describes Infomaniak’s commitments in its capacity as a subcontractor hosting all your data, including personal data.
- ●
Does Infomaniak have a data protection officer?
Yes, Yoann Lopez is Infomaniak's main contact for all matters concerning the use, management and protection of personal data. As Data Protection Officer, he is responsible for informing and advising data controllers, all company employees and, where applicable, our subcontractors.
If necessary, please contact us directly at dpo@infomaniak.com.