GDPR compliance guidance
As a self-hosted or locally hosted platform, use of Nextcloud can eliminate a whole raft of compliance risks and complications. Read on for a short introduction to the GDPR and links to our documentation.
Short introduction
The GDPR is an European regulation, providing binding guidance on how personal data from EU citizens is to be handled. Note that the law applies to any data from EU citizens, even if you are not an European company! Personal data is broadly defined as "anything relating to an identified or identifiable natural person", which includes IP addresses, user names and more.
The GDPR is strict on what can be done with personal data, aiming to give users control over what happens with it. Any processing beyond that what is strictly needed to provide the service the user might be signing up for or using has to be approved, through explicit opt-IN, by the user.
Rules also exist around removal of data and access to it.
The issue with third parties
Subscriber exclusive content
A Nextcloud Enterprise Subscription provides unlimited access to our knowledge base articles and direct access to Nextcloud engineers.