Mender blog

Data privacy: compliance should be built-in

Artboard

Data privacy regulation and compliance remain a top concern for consumers and businesses. Rightly so as data’s power and potential abuse continue to surface in headlines worldwide and regulations continue to evolve.

Covering the European Union, the General Data Protection Regulation (GDPR) remains the strictest data privacy regulation, implemented nearly five years ago. GDPR has served as the data privacy model for numerous countries, such as Japan, South Korea, and Argentina. The Data Protection Act 2018 is the UK’s implementation of the General Data Protection Regulation . It requires compliance with ‘data protection principles’ that are very similar to GDPR within the European Union. And even California has adopted a GDPR-similar law for the state. Embattled by its comparatively lax data privacy regulations, the United States promises better data protection for European Union citizens with the recently issued executive order.

A critical element in today’s data privacy regulations is the geographical storage of personal data – specifically, whether that data is stored within the European Union, where GDPR governs and protects, or the United States.

Regardless of jurisdiction, best practice dictates the utmost care and protection of personal data and data privacy compliance. In an increasingly regulated environment, ensure compliance today to best prepare for future data privacy changes.

Hosting options ensure compliance

Hosted Mender customers can choose between hosting their Mender tenants in either the United States or the European Union. In the United States, the hosted Mender tenants are in the East region hosted on AWS. In the European Union, hosted Mender tenants are on Microsoft Azure’s data center in Amsterdam. Mender’s underlying database, Atlas MongoDB Europe, is located in the European Union (Amsterdam), and Atlas MongoDB USA is located in the East region of the United States.

The benefits of choice

Ensuring hosted Mender customers have multiple hosting options also delivers functional benefits, including:

  • Ensure internal compliance: Multiple hosting locations enable customers to comply with their legal and corporate regulatory requirements.
  • Facilitate regulatory compliance: The flexibility to choose the location for hosting minimizes administrative burden and better facilitates regulatory compliance for European customers.
  • Improved performance: Multiple hosting locations also improves service performance. The European hosting location will also provide marginal improvements in communication speed and artifact deployment performance for customers operating their device fleets within the jurisdictions of the European Union, the European Economic Area, and the Schengen Area.

Seamless migration support

Migrate from one region to another

For existing customers who wish to migrate hosting from the United States to the European Union, Mender offers migration support. Mender’s migration support will transfer hosting and all relevant data to the location of choice. The migration fee covers all labor and associated costs for the migration and will be discussed in-depth with each customer according to their unique requirements and goals.

To ensure a smooth migration process for our users, we will take on the responsibility of reaching out to each of our customers individually to find the best solution for them. In this process, we will offer the contacted customer a place inside the migration queue that suits their schedule and a one-time migration proposal tailored to the customer’s specific circumstances. Careful scheduling of the migrations will allow us to provide individualized support to each of our customers and continue to deliver the highest standard of uninterrupted quality service.

Choose the region that best fits your requirements

New hosted Mender customers choose their hosting region during their sign-up process.

Dual hosting solutions

Customers will not be able to split their hosted Mender services for their users between two regions – partly running in the European Union and partly in the United States. The same user can be used in two different regions, but the customer must register the user twice, once per region.

Want to migrate? Contact us!

Built-in security and compliance

The increasing demand for data privacy regulation, compliance, and stricter controls requires built-in data security and compliance practices in the device management infrastructure. To support this, flexibility in hosting options is now essential. Customers must be able to choose a geographical hosting location that complies with data protection regulations in their local jurisdiction. By offering multiple hosting options, Mender makes it as easy as possible for our customers to choose the right hosting location to match their local regulatory requirements. Mender customers can easily stay compliant with regulations and ensure maximum protection for their company and customers' data privacy.

Recent articles

The scope of EU Cyber Resilience Act (CRA) compliance

The scope of EU Cyber Resilience Act (CRA) compliance

Explore the scope of the EU Cyber Resilience Act (CRA). Learn about the CRA's scope, and why secure OTA updates are essential for compliance.
An overview of EU Cyber Resilience Act (CRA) compliance

An overview of EU Cyber Resilience Act (CRA) compliance

Learn how the EU Cyber Resilience Act (CRA) enforces stringent cybersecurity requirements for PDEs. Explore compliance essentials in part 1 of a 4-part series.
Challenges in complying with the EU Cyber Resilience Act (CRA)

Challenges in complying with the EU Cyber Resilience Act (CRA)

Discover how manufacturers can achieve Cyber Resilience Act (CRA) compliance by tackling secure updates, SBOM management, and vulnerability tracking with robust OTA solutions.
View more articles

Learn why leading companies choose Mender

Discover how Mender empowers both you and your customers with secure and reliable over-the-air updates for IoT devices. Focus on your product, and benefit from specialized OTA expertise and best practices.

 
sales-pipeline_295756365