|
|
|
|
|
|
by mbrookes
3189 days ago
|
|
|
If you're providing a consumer storage service, and users are uploading their own data for personal use, this is outside the remit of GDPR. If you're providing a storage service to a business that handles personal data, your a data processor, not a data controller. If you're the data controller, you need a classification technology that can identify personal data in those documents (amongst other capabilities). As always, there are exceptions, but that's the general rule. |
|
|