Summary of Our Compliance to General Data Protection EU Regulation
The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy in the European Union (EU) and the European Economic Area (EEA). It also addresses the transfer of personal data outside the EU and EEA areas. The GDPR's primary aim is to give control to individuals over their personal data.
In case you choose to purchaise our Hosted Solution, Papermerge automatically becomes protector of your data and we are subject to General Data Protection Regulation.
This page describes only the most important aspect of our GDPR Compliance. Full text of our GDPR compliance can be found in Papermerge GDPR Compliance Policy.
The principle of Papermerge is convenient way of document management. With Papermerge you can digitally archive your documents in a central location, organize them and access them from anywhere. You can also remove your documents from our platform at any time or export them in a common file format and save them elsewhere. Papermerge allows you to structure the documents and recognizes all important information. With the help of Papermerge, documents can be found quickly and easily thanks to intelligent organization and search functions.
We do NOT give, sell or transmit, neither your documents nor derivative information from your documents to 3rd parties. Your documents stay on our servers, and it is the core of our business to keep your documents safe and secure. Your data is yours only and our business is to guard your data securely. We rent servers from Linode.com. In order to assure long term storage of your documents we make backups twice a day. Backups are encrypted using AES 256 CBC algorithm with 2048 bit X509 certificates. Encrypted backups are stored on two remote AWS S3 servers located in two distinct data centers.
In short: No. We only share information with your consent, to comply with laws, to protect your rights, or to fulfill business obligations.
Our business is registered in Germany and it complies to German legislation. Germany has very strict laws regarding individual privacy and private data protection.
We only share and disclose your information in the following situations:
Compliance with Laws. We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process.
Vital Interests and Legal Rights We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved.
We may transfer, store, and process your information in countries other than your own.
Your Papermerge host servers will be deployed on servers located in region you choose during registration process. In order to ensure safety and long term storage of your data - we may transfer encrypted backups of your data to different regional servers. Please note that NO 3rd party, partner or company may access user or process data stored in backups because backups are encrypted using highly secure AES 256 CBC algorithm.
As mentioned before, this page contains only the most important of points of our GDPR Compliance policy.
You can read complete version of our GDPR Compliance Policy document at this link.