Lesson Progress
0% Complete

At cloud computing, data is not stored locally on one’s own PC, but data processing is outsourced to any location or external company. The application and the data are located in the “cloud” respectively a data cloud. The data processing of cloud computing is basically compatible with the GDPR. However, there are some aspects to be considered from a data protection perspective for the use of cloud services. 

The linchpin for cloud computing is the distinction between the “controller” and the “processor”. The cloud user is the controller in the sense of the GDPR. The cloud provider is accordingly a processor. A processing contract is concluded between the provider and the user in accordance with Art. 28 DSGVO.

There are three cloud computing variants:

This image has an empty alt attribute; its file name is Unbenannt-13.png
Infrastructure as a Service (IaaS): Provision of technical infrastructure such as computing power, networks or storage space.
Platform as a Service (PaaS): Provision of the programming and development environment for the development and offering of own software applications.
Software as a Service (SaaS): Cloud providers can make pure software applications available to the user.