Stackhero is a European company, based in France, and the General Data Protection Regulation (GDPR) is part of how we build and run our managed cloud services. This page explains, in plain terms, how Stackhero approaches data protection and where to find our Data Processing Agreement.
Under the GDPR, you, our customer, are the data controller: you decide which personal data you store and process on the services you deploy with Stackhero. Stackhero acts as a data processor: we process that data on your behalf, to operate the services you run.
Our Data Processing Agreement describes how Stackhero processes personal data on your behalf as a processor. It is part of our Terms of service and applies automatically when you use Stackhero, so there is nothing to sign or send back.
You can download the Stackhero DPA for your records here: Download the DPA (PDF).
Stackhero operates data centers in multiple regions. The data of a service is hosted in Europe only when that service is started in a European region. You choose the region when you create a service, and that choice determines where its data is hosted.
The GDPR gives individuals rights over their personal data, such as access, rectification, portability, and erasure. As the processor, Stackhero provides the tools and support to help you, the controller, respond to requests from your own users. For the personal data Stackhero holds about you as our customer, such as your account details, please refer to our Privacy policy.
Strong data protection relies on strong security. Stackhero is certified ISO 27001:2022. You can learn more on our certifications page.
For any question about data protection or this page, contact our team at privacy at stackhero dot io.
This page is provided for general information only. It is not a contract and does not create any obligation beyond those set out in our agreements. Our Terms of service and the Data Processing Agreement are the binding documents, and they prevail in case of any discrepancy with this page.