What is the General Data Protection Regulation (GDPR)?

The General Data Protection Regulation (GDPR) is a mandatory regulation on privacy protection in the European Union (EU). It is designed to protect "individuals' fundamental rights and freedoms, particularly their privacy". It went into effect on May 25, 2018, applicable to organizations that market goods and services to EU citizens or collect and analyze data related to EU residents.

GDPR compliance highlights

Privacy policy

When customers use Kingsoft Cloud services, they may provide their personal data to Kingsoft Cloud out of trust. Kingsoft Cloud is committed to protecting the personal data and privacy of each customer. It only collects and uses customers' personal data within the necessary and limited business scope while taking various security measures to guarantee the confidentiality, integrity, and accuracy of such personal data.
The privacy policy of Kingsoft Cloud is available at: https://endocs.ksyun.com/documents/28241

Security

The latest version of the Kingsoft Cloud Security White Paper stipulates the security measures, including security policy, compliance, personnel security, access control, basic security services, data security, physical and environmental security, change control, and business continuity, to meet the security requirements of Article 32 of the GDPR. Kingsoft Cloud has established security specifications and response procedures for data breaches and conducted targeted exercises to ensure that teams are familiar with their roles and responsibilities, thus meeting the requirements of Articles 33 and 34 of the GDPR.

Account cancellation

The GDPR has introduced a new right for users: the right to be forgotten. In response to this requirement, Kingsoft Cloud provides a function of account cancellation to enable automatic account deletion, which meets the requirements of Article 17 of the GDPR about the right for users to have their personal data erased. After an account is canceled, all the services, data, and privacy information under the account are deleted and cannot be restored.

Authoritative compliance guarantee

Kingsoft Cloud has received multiple compliance certifications such as ISO 20000, ISO 22301, ISO 27001, ISO 27018, CSA C-STAR, SOC Report, Information Security Classified Protection, and the Trusted Cloud Service certification by the Ministry of Industry and Information Technology (MIIT) of China. Its compliance with the protection of personal data has been certified by authoritative institutions.
Kingsoft Cloud has been keeping track of the legislative and regulatory trends of the GDPR, taken a series of measures to protect customers and their personal data stored on the cloud, and launched a series of products and services to protect enterprise and personal information. Kingsoft Cloud undertakes that, except in exceptional circumstances required by law, it will not access or otherwise use the data stored on the cloud without authorization or consent. Instead, it will take comprehensive security measures to protect customers and their personal data stored in Kingsoft Cloud.