Article 6
Lawfulness of Processing

Take into account appropriate safeguards, including encryption:

• the existence of appropriate safeguards, which may include encryption or pseudonymisation (4)(e)

SecureDoc Full Disk Encryption protects your data-at-rest and strengthens technical and organizational measures to ensure a level of security appropriate to risk.

SecureDoc Enterprise protects personal data to significantly reduce the threat of a data breach, helping you avoid the damaging fines and reputational damage associated with breach notification and non-compliance.

SecureDoc CloudVM strengthens GDPR Data  Sovereignty requirements and reduces the burden of compliance associated with International Data Transfers by applying location-, time and cloning-based restrictions to ensure that EU resident data is only stored and processed in EU data centers.

SecureDoc CloudVM’s portable, persistent encryption ensures that no matter where a VM is cloned or moved, it will remain protected from unauthorized access or disclosure, even in third-countries with inadequate protection.

Article 32
Security of Processing

Implement technical and organizational measures to ensure a level of security appropriate to risk, including:

• the pseudonymisation and encryption of personal data (1)(a)

Article 34:
Communication of a Personal Data Breach to the Data Subject

Avoid notifying all affected individuals and potential fines if:

• the controller has implemented appropriate technical and organizational protection measures, and those measures were applied to the personal data affected by the personal data breach, in particular those that render the personal data unintelligible to any person who is not authorized to access it, such as encryption (3)(a)

Data Sovereignty

The European Commission and Member States determine whether a third-country provides adequate protection; if not, strict regulations must be adhered to, and strong safeguards must be implemented.