Now, I need to take Data Protection Seriously. Thanks, EU

GDPR Contact:

Here you will find all the information about how GDPR is enforced across KS Services and Managed Services (such as hosting) and who we have contacts with.

Current Contacts and Service Provider

Microsoft – Office 365

Microsoft Office 365 is a cloud-based service that is designed to help meet your organization’s needs for robust security, reliability, and user productivity.

Services used/Use Case: Provides email and cloud storage. Some KS Services also relay through Office 365. KS Staff uses Office 365 for email and other features.


Amazon Web Services (AWS) is a secure cloud services platform, offering compute power, database storage, content delivery, and other functionality to help businesses scale and grow.

Use Case: DNS

SendGrid is a leader in email deliverability and its cloud-based platform successfully delivers over 25 billion emails each month.

Services used/Use Case: Bulk Email. This is used when Office 365 can’t be used.


MailChimp is a web-based email marketing service. It helps you design email newsletters, share them on social networks, integrates with services you already use, and track your results

Services used/Use Case: no longer used.

Cloudflare, Inc. is a U.S. company that provides content delivery network services, DDoS mitigation, Internet security and distributed domain name server services, sitting between the visitor and the Cloudflare user’s hosting provider, acting as a reverse proxy for websites.

Services used/use case: (KS Content Delivery Network) – CDN, DNS, Analytics

OVH offers a wide range of IT services to companies, and to individuals who are passionate about tech. Whether you’re looking at our Private Cloud, Public Cloud or Hybrid Cloud services, web hosting plans, virtual datacentres, dedicated servers, storage solutions or even xDSL and VoIP connections, our services are constantly being improved with the very latest innovations, and are regularly developed with new features. 

Services Used: Server Hosting, Cloud Storage


1. What is GDPR?

The General Data Protection Regulation (GDPR) is a sweeping new EU law that went into effect in all EU Member States on May 25, 2018. It mandates how companies can collect, store, delete, modify and otherwise process personal data of EU citizens. It applies to any company that processes personal data of EU citizens, regardless of whether it has any physical presence in the EU, or even whether it has any EU customers. Companies are also required to pass these obligations down to all of their vendors and suppliers who may also handle personal data of EU citizens anywhere in the world.

2. What is ‘personal data’ under GDPR?

The EU’s concept of “personal data” is much broader compared to the US’s concept of “PII”. Under EU law, personal data meaning any data that can relate to and the identifiable natural person or identified person (“data subject”). An identifiable natural person is someone who can be identified, directly or indirectly in a by a reference to an identifier such as a name, ID number, location data, an online identifier or by more specific factors such as the physical, genetic, mental, economic, cultural or social identity of that nature. The information doesn’t have to be confidential or sensitive to qualify as personal data.

3. Is KS a Data Controller or a Data Processor?

Anyone external to KS will typically act as the data controller for any personal information made available to KS in connection with there use of my services. The data controller determines the purpose and means of the collection and processing of personal data, while the data processor processes data on behalf of the data controller. KS, as the data processor, will process personal data on behalf of our customers in connection with providing the services to our customers.

When is KS the data controller?

KS offer completely managed IT Solutions, which has GDPR bundled in. So when you buy a complete managed website, for example, KS will collect some information from your users such as IP address, country and so on. This will be operated by KS and stored on KS Systems. This is an example of when KS is the data controller.

4. What Types of data does KS Process?

We generally don’t own the information as it’s controlled by our customers. The data belongs to our customers and their users who control the data transmitted, routed, switched and cached across the KS Network (. e.g. images/photos, written content, memes, graphics, etc.). Additionally, we may gather certain information, regarding the use of our customer’s websites, and process data submitted by our customers or which we are instructed to process on their behalf. While it not up to KS which data we receive, it typically includes items such as contact information, IP Addresses, security fingerprints, DNS Logs and website performance data from browser activity. We will process such data in order to provide the service to our customers and in accordance with applicable laws, including the GDPR.

What about Redbubble?

KS only sells the Artwork on Redbubble, please see the RedBubble privacy policy for more information –