Simplified GDPR hosting that protects your customers and data
We’ve automated a big chunk of the GDPR process to simplify compliance. Real-time audits, single-click robust security enhancements, and GDPR documentation verification shifts the bulk of your GDPR load to Storm – putting more than £860/month back in your pocket (compared to similar-spec expert services).
- Storm can do this as part of our hosting service
- Benefitting from our partnerships we can pass the saving on to you
- We can host your server and manage the security of it too
Powerful compliance tools
When you host with Storm you automatically get access to the Security and Performance centre. Add your servers and sites to simplify GDPR compliance.
Simplified GDPR
With the help of a GDPR specialist, we designed a comprehensive security suite that simplifies compliance and keeps you ahead of the legislative curve. Navigate to the Storm Security Centre to access GDPR document validation checks to secure customer data, enhance data transparency, and operate on lawful bases.
Security features
Need a robust arsenal of enterprise-grade security features without the heavy price tag? Feature-rich security, continuity, and disaster recovery tools deliver 360° protection against existing and emerging online threats, and can be accessed and enabled in a few clicks within the Security Centre.
Beyond GDPR compliance
The Security Centre’s audit tool scores your site’s or server’s security, performance, and data protection. Follow the enhancement recommendations for better compliance with ICO and NCSC requirements as well as to supercharge your security. Built-in audit reports provide a paper trail of active security services on your site, reducing the potential for crippling fines and reputational damage.
Your safety first
Storm servers are hosted in UK-based Tier 4 ISO 9001, 14001 and 27001 audited and certified Public Sector Network(PSN) and N3-compliant data centres. Proprietary data centre security protocols, intelligent multilayer DDoS protection, and 24/7 monitoring by specialist security personnel ensure that threats are proactively detected and eliminated – keeping you and your customers safe.
FAQ: GDPR-Optimised Hosting
The General Data Protection Regulation (GDPR) is a set of regulations with the objective to protect the personal information and privacy of individuals in the United Kingdom, European Union (EU) and European Economic Area (EEA). GDPR applies to all organisations that offer goods or services or monitor the online behaviour of UK and EU citizens.
“Data processing” refers to the collection and subsequent processing of personal information such as name, email address, IP address, and location. Under GDPR this data may only be captured with consent and must be processed fairly, securely, transparently, and lawfully, and only be stored as long as it is required.
As a GDPR-optimised web hosting service provider, Storm has the following GDPR-related responsibilities:
- Data Protection. With extensive cutting-edge security measures in place, Storm gives your security a powerful boost out of the box. This includes firewalls, encryption, 24/7 monitoring and surveillance, intrusion detection, regular security audits, and more.
- Data Processing Agreement (DPA). Storm’s GDPR Statement sets out Storm’s responsibilities and liabilities pertaining to data storage and processing under the GDPR.
- Data Processing. You are the owner of the data submitted to Storm, whether on our servers or your on-premise infrastructure. We do not access the data you submit to Storm. Any data processing that may occur is only done so in relation to the services we offer. Nor is your data shared with third parties, unless lawfully required.
- Data Transfers. All your data is stored on UK-based hardware owned and maintained by Storm Internet. This hardware is co-located in the UK at our ISO 27001-certified data centres. All your data is stored in the UK, and therefore not transferred outside the EEA.
- Data Breaches. We’ve made significant investments to keep your data safe. In the unlikely event of a breach, we’ll notify you within 48 hours of the discovery of the breach.
The UK GDPR applies when:
- You are physically located in the United Kingdom. The UK GDPR applies even when the data is processed outside the UK.
- You are located outside the United Kingdom, but process the personal data of UK-based individuals. This is especially the case if the processing activities are related to the offering of goods or services to individuals in the UK, or the monitoring of their behaviour within the UK.
If any of the above is true, then you’ll benefit from GDPR-optimised hosting.
Given that the EU GDPR is a European Union regulation it doesn’t apply to the UK, and you’ll instead be required to comply with the Data Protection Act 2018. However, the EU GDPR may still apply to your business if you operate in the European Economic Area (EEA).
Provisions of the EU GDPR are now part of the UK GDPR, with very few differences between the two.
Within the context of GDPR web hosting, you are the data controller and Storm Internet is the data processor. A data controller determines how data is processed. The data processor processes data on behalf of the data controller. As such, your responsibilities include:
- Obtaining valid consent from individuals whose data you collect and store.
- You are also required to provide transparency with regard to how personal data is processed
- Individuals should also be able to access, rectify, erase, restrict, or object to the processing of their personal data
- You’ll also need to perform periodic impact assessments to determine the risk associated with the collection and processing of sensitive data. This is especially relevant if where changes are made to the underlying technology used to capture and process data
- Should you suffer a breach, you’ll be required to notify the ICO as well as affected individuals within 72 hours of learning of such a breach
- You may need a cookie consent banner if you use cookies or other technologies capable of collecting information from individuals. Cookies are small text files that can be used for a variety of purposes, such as remembering preferences, tracking technical information about the individual, and direct marketing, to name a few.
The risks of not complying with GDPR regulations can have potentially disastrous implications. These can include:
- Fines or penalties up to 4% of your annual global turnover or £17.5 million, whichever is greater.
- Reputational damage (e.g. media publications reporting the breach) and loss of trust from visitors, users, and other stakeholders
- Legal actions filed by affected individuals
You can minimise potential risks by signing up for Storm’s GDPR-optimised hosting. We can also provide you with expert guidance on all your GDPR-related queries.
Don’t just take our word for it
Over 14,000 happy retailers & brands use Storm Internet
From the offset, Storm took the time to understand our problems and gave us confidence they could provide solutions to our issues. We've not been disappointed. Read More
Elliot Price - Elizabeth Shaw
Storm made us as the customer feel like we were valued. I think they are one of the best managed hosting companies out there! I have recommended Storm to several other people who have also been very pleased. Read More
Chris Palmer - Mystery Shoppers
The Storm guys rectified any issues quickly and without needing any prompting from us. Being able to contact the MD is a real bonus, it's good to know that you have the right person's ear for what is critical to us. Read More
Bob Baker - Signum International
We had several issues with previous hosting providers including their communication, support and performance. With Storm Internet any issues have been resolved immediately and the support system is really easy to use. Read More
Sim Sekhon - Legal4Landlords
If you need a responsive company to help with your web needs, then you can do no better than to call Storm Internet. Their dedicated team will help out in the most pressing of circumstances. Read More
Anna Stefaniak - YKK Europe
We rely on Storm, 5 years and counting. They elevate managed hosting to a whole new level and speak our language. Read More
Mike Bowen - Channel and Mobile Solutions
We need a website that is up and running at all times, and Storm delivers. They go the extra mile. Read More
Michael Saracevas - Cool Milk
Storm designed and proposed a dedicated Private Cloud infrastructure that not only met our needs for current business IT operations but also allowed for future growth. Read More
Theo Constantinides - Synbiotix Solutions Ltd
Whatever challenges you throw at them, Storm is always up to the task. Having them onboard is like having a complete tech team on duty 24/7 Read More
David Allaway - Mandon Software
Our needs had to be precisely matched and, unlike AWS or Google, Storm could do it Read More
Matteo Marcolini - Jayex Technology
Their support makes us look good Read More
Gavin Sadler - Quantock Design
The support guys have been brilliant in sorting every issue, the support provided and the price that we pay is far better than what other hosting providers had quoted us Read More
Justin Smith - Breakerlink
Storm Internet offered everything we needed. The support is there 24/7 and it is on a personal level. We feel like a business partner. Storm have helped us to optimise our server and keep everything running smoothly Read More
Omar Farra - Nitrotek
Storm Internet wins Best Hosted Provider at 22nd ISPA Awards
Over the years Storm Internet has collected a number of awards. They reflect a core methodology by which we empower our clients by providing them with the technology and tools they need to accomplish their goals efficiently.
Read More