Be updated, subscribe to the OpenKM news

Data protection in the cloud

Ana Canteli

Written by Ana Canteli on October 08, 2021

Data protection is a responsibility for all organizations, whether they are public or private; whether or not they are aimed at achieving economic benefits. And data security, a concern common to all of them. In addition, information of a sensitive nature, on many occasions, is regulated by special legislative provisions, which oblige entities to save said data on platforms hosted in the country.

On the other hand, efficient use of resources - maximizing results and minimizing costs - is the order of the day, so that few organizations can rule out the use of cloud storage services. And it is that by itself, cloud computing services are a legitimate, accessible, and legal tool to continue with the activity of the organization in the era of digital transformation.

Cloud computing services allow organizations that opt for this solution to maximize the management of resources related to information processing. In this case, the beneficiary entity of the cloud services does not need to carry out investments in infrastructure, but rather rents it to the provider, under the guarantee that the provider will ensure that the agreed service conditions are maintained at all times.

In a cloud computing environment, information management is virtually in the hands of the client who hires cloud services that may contain functionalities for database management, document management, email management, ... depending on the needs of the organization. This accesses your data through the internet, based on the contracted cloud service model, which can be of different types:

  • Public cloud: when the service provider and the client maintain a purely contractual relationship, open to any type of organization: sole proprietorships, SMEs, large corporations, etc.
  • Private cloud: the provider provides cloud computing services, demonstrating that it is responsible for maintaining the service at all times, without the collaboration of third parties, although it may be implemented by other companies that will act under the supervision of the cloud service provider.
  • Hybrid cloud: when the provider offers certain services publicly and others privately. For example, an orchestration of cloud and server resources so that an organization that manages large volumes of data in certain periods of time, needs to balance its infrastructure to absorb the high seasonal demand.

Depending on the model used, the data may not actually be in the hands of the cloud provider. In addition, aspects such as data ownership, maintenance, and management of the physical support of the information, processes, and communications may be in the hands of third parties. In turn, the provider may be located inside or outside the client's country, making this situation compatible with the offer of low-priced cloud hosting services. This can be achieved through resource optimization methodologies such as offshoring, resource sharing, and mobility, or through additional outsourcing.

As a result of all this, the organization ultimately responsible for the protection of personal data may not know where your data is, lack direct control over it (access, rectification, deletion, limitation of treatment, portability, opposition, and automated individual decisions) Although, if that information contains personal data, it should comply with the provisions of the EU GDPR.

On the other hand, cloud solutions may or may not be open portability. The easier it is for the organization to transfer its information from one cloud provider to another, the more portability that provider will provide. And it is necessary to bear in mind that the relationship with the cloud storage provider can be terminated at any time; not only by the client but also by the provider, motivated by changes in the characteristics of the services.

In this sense, OpenKM Cloud, software as a service, is OpenKM's cloud computing option in its public cloud format. It includes complete export facilities, so that the client extracts all its documentation, without explanations and without requiring services from the supplier. With OpenKM the client is 100% possessor and owner of his information. OpenKM servers are located in the EU so that the client has all the guarantees of the European legal framework, plus the legal compliance of the client's country. The cloud services contract includes the guarantee clauses required by article 28 of the RGPD.

And that's why the infrastructure of data storage and computing in the cloud in Europe is of vital importance to guarantee the full autonomy of the organizations. In this way the data that is generated in Europe stays in Europe, exhaustive compliance with EU laws is guaranteed and thus European organizations will not depend on foreign companies that could use their data to obtain benefits abroad.

Contact us

By submitting this form, your information will be sent to the website owner, who will use it to communicate with you regarding this inquiry, its products, and services. No information will be shared with third parties.

We will make every possible attempt to reply within 24 hours. Please review your spam folder if no email is received.

General inquiries

North America Headquarters:
37 N. Orange Ave. Suite 536, Orlando, FL 32801
+1 646 206 6071 (USA)
+44 208 638 8114 (UK)

c/ Bunyola 13, 07004 Palma de Mallorca, Balearic Islands, Spain
+34 605 074 544 (Spain)

North America: Please call +1 646 206 6071.
Office Hours:
Monday - Friday: 08:00 am - 17:00 pm EDT for immediate assistance. Currently, it is Tuesday 17:02 pm in New York, USA.

Europe Spain: Please call +34 605 074 544.
Office Hours:
Monday - Friday: 09:00 am - 14:00 pm, 16:00 pm- 19:00 pm CEST for immediate assistance. Currently, it is Tuesday 23:02 pm in Palma de Mallorca, Spain.

OpenKM worldwide:

Middle East:
North Africa:
North America: