GDPR compliant use of cloud services

GDPR compliant use of cloud services

Decoupling of user data and encryption in compliance with the GDPR

Regulatory measures such as the General Data Protection Regulation (GDPR) place an obligation on companies and organizations to ensure comprehensive protection of the personal data they process in cloud platforms. In this regard, it is not enough to rely on the measures or promises of the cloud service providers.

So-called data exporters, i.e. any entity that transfers personal data to the sphere of influence of a third country, must check whether the European legal obligations can nevertheless be complied with and an adequate level of protection is guaranteed. If this is not the case, as for example in the case of the USA due to the scope of Section 702 FISA, E.O. 12333 or the CLOUD Act, concrete compensatory measures must be taken to ensure that the level of protection is really met. The relocation of the cloud providers' servers to Europe as the sole measure is not considered sufficient in this respect by current legal scholarship, as access by third-country authorities cannot be ruled out.

This poses a dilemma for all companies and public authorities that need to process personal data and do not want to do without the use of modern and efficient cloud platforms.

Our Cloud Data Protection Gateway R&S®Trusted Gate offers a tailored solution for this: by decoupling user data from the services of the cloud platforms, users can continue to use their daily workflows in the cloud applications, while the data to be protected is encrypted in compliance with the GDPR and stored in freely definable local or cloud-based data storage.

The cloud service providers do not have access to the protected data at any time, effectively preventing third party access. The legal security of this patented approach is confirmed by a detailed legal opinion by Prof. Dr. Heckmann (TU Munich).

Application example:

The Microsoft® 365 solution including Teams is already in use throughout the company. Employees appreciate the simplicity and functionality of this solution. The company wants to implement the GDPR requirements without restricting the user experience.

R&S®Trusted Gate meets these requirements by encrypting all chats and conversations in Teams. All files uploaded to teams are encrypted, fragmented and stored in self-defined locations. Important additional workflow functions such as full-text search, versioning or data exchange even with external partners continue to function without data content reaching Microsoft.

Featured content for GDPR compliant use of cloud services

Webinar-Aufzeichnung - Ausweg aus dem "Cloud-Dilemma"

Webinar: Ausweg aus dem "Cloud-Dilemma" (German)

Legal Opinion: Privacy-compliant use of cloud solutions

Legal Opinion: Privacy-compliant use of cloud solutions

Download now

Webinar recording: data sovereignty in public clouds

Webinar recording: data sovereignty in public clouds

Watch Video

Your monthly cybersecurity update

Your monthly cybersecurity update

Request information

Do you have questions or need additional information? Simply fill out this form and we will get right back to you.

Marketing permission

I want to receive information from Rohde & Schwarz via

What does this mean in detail?

I agree that Rohde & Schwarz GmbH & Co. KG and the Rohde & Schwarz entity or subsidiary company mentioned in the imprint of this website, may contact me via the chosen channel (email or postal mail) for marketing and advertising purposes (e.g. information on special offers and discount promotions) related to, but not limited to, products and solutions in the fields of test and measurement, secure communications, monitoring and network testing, broadcast and media, and cybersecurity.

Your rights

This declaration of consent may be withdrawn at any time by sending an email with the subject "Unsubscribe" to Additionally, a link to unsubscribe from future email advertisements is contained in each email sent. Further details on the use of personal data and the withdrawal procedure are set out in the Statement of Privacy.

Your request has been sent successfully. We will contact you shortly.
An error is occurred, please try it again later.