February 7, 2022  |  GDPR, Security

New EU Setup for GatewayAPI Customers

Back to all posts
New EU Setup for GatewayAPI Customers

It is possible to access a solely EU setup at GatewayAPI. This means that data is stored by a cloud provider, which both operates physically in the EU, and is owned by a company within the EU. Furthermore, all our connections are handled through telecommunications companies and A2P providers within the EU by default.

This setup is relevant for customers who have special requirements concerning their data, and can be activated by contacting support. Support will then help you move to our EU setup.

New EU setup at GatewayAPI is hosted by Hetzner

Hosting by the German cloud provider Hetzner

The EU setup is hosted in a Tier 4 data center by the German cloud provider Hetzner Online GmbH, which has server farms in Nuremberg and Falkenstein among other places. We have previously used Hetzner in various contexts, and have good experiences with them. Hetzner has been around since 2000, and is today the 12th largest cloud provider in the world, measured by revenue. You can thus expect the same high uptime and security that you are used to.

Use of telecommunications companies within the EU

In the EU setup we only use telecommunications providers located in the EU, where we also ensure that the SMS messages are only routed via operators within the EU*. We have direct cooperation with a number of telecommunications companies in Denmark and the rest of Scandinavia as well as in a number of countries within EU.

*Please note that this does not apply for SMS traffic, which is sent from the EU setup to countries outside the EU. 

gdpr_statement_isae3000-februar_2022-1200x628px

GDPR and ISAE 3000 auditor’s statement

It is very important that you know for sure that your company’s data is handled professionally and in accordance with the guidelines in the General Data Protection Regulation.

GPDR is therefore today considered in everything we develop and do, and we are constantly improving our data protection, both in terms of securing the data shared with us, as well as complying with the laws and regulations relating to data protection.

We receive an ISAE 3000 Auditor’s Statement annually (comparable to an SOC 2 report), in which state-authorized public accountants from BDO control and certify our security measures and our compliance as an independent third party. The report thus proves that we have implemented security measures and that these measures work effectively. Read more about the ISAE 3000 Auditor’s Statement and find the latest statement here.

If you want a complete list of certified areas, you are welcome to write to gdpr@onlinecity.dk.