GDPR Compliance 

What is GDPR? 

The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy. The enforcement date of GDPR is 25 May 2018.

You can read more about the regulation here on

Is Comet GDPR Compliant? 

Comet can be part of your GDPR compliant backup offering, however you will have to ensure that you fulfil your own GDPR obligations as well. It maybe advantageous to engage a GDPR consultant or agency to ensure your compliance.

What aspects of using Comet will help with providing a GDPR compliant backup offering? 

  • Encryption: Comet always encrypts all user data before storing it. It remains encrypted during transfer and also at rest in the storage destination, even in a scenario where the storage destination is compromised the data remains unreadable. Technical details about our encryption can be found here.

  • Server and Storage Locations: For Comet Enterprise as this is a self-hosted and managed product that you control, you can choose where your server and storage destinations are located and what security measures you have in place. CometGo! Server and it's attached storage are hosted on Amazon AWS EC2 & Object Storage platforms in the region you selected upon signup. More information is available here about the cloud security measures Amazon has in place.

  • Access: If you are using Comet Enterprise, only you can access your Comet server and grant/create additional system users. If you are using CometGo! we respect the privacy and security of your server instance. In the unlikely event that Comet Backup staff would require direct access your Comet Server instance, your consent will be sought first and this access will only be undertaken if consent is granted by you.

  • Removal of data: In both Comet Enterprise and Go! you have total control over the data including deletion options if a customer requests it from you.

What information does Comet Server send back to us? 

The only information that is transmitted back to us from your Comet Server is basic information in order to validate your server serial number and aggregate information for licensing and billing purposes.

Where can I find more information about the handling of Personal Data, Privacy Policy and Data Processing? 

You can find this information here.