Guidelines for Using Docmosis Cloud Services in a GDPR-Compliant Manner

This document is a guide that outlines the procedures for using Docmosis Cloud Services in compliance with the EU General Data Protection Regulation (GDPR). It specifies that no Personal Data should leave the European Economic Area (EEA) and that data must be processed with appropriate security and privacy measures. The document details the necessary precautions for sending Personal Data to the Services, emphasizing the importance of using the correct Base URL and HTTPS protocol for data transmission. It also provides rules for storing templates and images, stating that these should not contain Personal Data and must be stored in the EU1 processing region. Additionally, the document advises against sending Personal Data to Docmosis Support or team members, recommending the use of modified artefacts for support requests. Specific GDPR compliance notes are included, detailing the responsibilities of both Docmosis and its customers regarding data processing and security measures.