EU GDPR – General Data Protection Regulation

Learn more about the protection of your data and our GDPR conformity

What is the EU GDPR?

In December 2015, after lengthy negotiations, the first European General Data Protection Regulation was created and thus a common concept of the European Union that applies equally to all member States. Until then, national legislation on data protection was based on the so-called EU Data Protection Directives of 1995. Although these were also unified, they were more a guidline than a regulation. As a result, there were considerable differences at the international level, which particularly made trade and online life between various countries difficult. At the same time, the US Privacy Shild Agreement of 2016 is considered to be nearly compliant in terms of data transmission, storage and processing. In addition, the EU member states are still being granted opening clauses that allow the national legislators their own regulations. However, the differences have been minimized. Since 25 May 2018, the EU GDPR, together with the JHA Directive (Justice and Home Affairs Council configuration), form the common data protection framework of the European Union.

Basically, the GDPR deals with the framework conditions for the processing of personal data, both by private companies and by public institutions. On the one hand, the protection of EU citizens’ rights is to be ensured, on the other hand, the free movement of data within the European Economic Area. Even if companies based outside the EU process personal data within the EU or EU citizens, these processes are subject to the GDPR. In the event of a violation, warnings and enormous fines are threatened.

Our measures for EU GDPR conformity

icon Support Schulung

Trained Support Team

All employees who process personal data are regularly trained in further education measures.

Datenschutz Verschlüsselung

Encryption at all levels

seven uses Hypertext Transfer Protocol Secure (HTTPS) and TLS encryption. Physical access is only permitted to authorized personnel.

icon Routing

Pure EU Routing

We adapt our powerful routing method to the increasingly complex network structures and equally high security standards.

icon Datenspeicherung

Optimized data storage

At seven, pro sustainability means limiting oneself to the legally required storage period of log files. Subsequently, the log files are anonymized.

What you as a user of web offers need to know:

  • Abbreviations: DSGVO is the German abbreviation for Datenschutzgrundverordnung. In the English GDPR, in the French RGPD. BDSG stands for Bundesdatenschutzgesetz, the German version, which is in addition currently in appropriate revision.
  • Many of the privacy principles remain in place. For example earmarking, data minimization and transparency.
  • Children and young people under the age of 16 are given special protection.
  • Your data as an EU citizen may be processed by all companies and institutions nationally as well as internationally only in accordance with the GDPR. This also applies to further processing by third parties and this may only be done for compatible purposes.
  • The requirements for informed, voluntary consent have been gradually increased. This means that users must clearly take an action to confirm their consent. Usually this is solved by clicking on boxes or fields or by specific entries like “I agree”.
  • In parallel, the requirements for the revocation of consent were reduced for the person affected. In other words, users must be able to withdraw their consent at any time without stating any reasons. This is also called opt-out function. Such a function must be implemented in every newsletter, for example.
  • In addition, users can view, change and delete the data processed about them at any time.
  • In future, companies must to provide their customers/users with detailed information on the extent to which the data is processed, by which third-party providers and for what purpose.

In addition to all these innovations, many, many more will apply from now on. Article 5 GDPR is also mentioned particularly frequently. It lays down the principles for the processing of personal data: legality, good faith, transparency, earmarking, data minimization, accuracy, storage limitation, integrity and confidentiality, accountability.

And precisely these guiding themes are the basis for a competent cooperation between providers and users. Therefore, seven has committed itself to data protection right from the start and will implement appropriate solutions with the new EU GDPR.

“The GDPR is steering mobile communication between companies, customers, employees and partners into new directions. CPaaS provides sovereign solutions for this digital transformation.”

Jana Limbers – Content Manager

Privacy Statement

The protection and integrity of your data is essential to us. We process partly highly sensitive data, which are protected by the highest security levels.Get more information »


What happens to your data, where are they forwarded to and who processes them further? We work transparently and only with established companies.Get more information »

DP Agreement

Send us the completed and signed data processing agreement by post or as a PDF by email. You have your own template for suppliers? Just send us this also by email.Open contract (PDF) »

Do you have questions, suggestions or special requests for the implementation of the GDPR? We are looking forward to your message.