Skip to content

GDPR (Regulation (EU) 2016/679)#

Disclaimer

It is important to note that the information provided in this document is for general informational purposes only. Any liability for the completeness, accuracy, timeliness, or reliability of the content is expressly excluded. Organizations are advised to consult with legal, compliance, or technical experts to ensure that their specific compliance and security needs are adequately addressed.

Shared Responsibility Model#

The shared responsibility model outlines how GDPR compliance is a shared obligation between Stakater and its customers, with clearly defined roles:

Stakater’s Responsibility#

Stakater is responsible for:

  • Securing the Kubernetes infrastructure, including the control plane, nodes, and network.
  • Implementing technical measures like encryption, access controls, and monitoring.
  • Providing tools and capabilities to support customer compliance.

Customer’s Responsibility#

The customer is responsible for:

  • Ensuring application-level compliance with GDPR.
  • Managing workloads, data, and user access policies on the platform.
  • Conducting audits and maintaining compliance documentation.

This division ensures clarity on roles while positioning Stakater as a compliance partner.

Technical and Organizational Measures (TOMs)#

These specific measures are implemented to ensure GDPR compliance.

Subprocessors#

Stakater subprocessors can be found here.