Skip to main content

GDPR Compliance

Last Updated: March 1, 2026

CloudLink is committed to GDPR compliance for all EU/EEA data subjects. CloudLink SASU (our EU entity registered in France) processes European personal data in accordance with the General Data Protection Regulation (EU) 2016/679.

Data Protection Officer (DPO)

Email: [email protected]

Entity: CloudLink SASU, 75008 Paris, France

Supervisory Authority: CNIL (Commission Nationale de l'Informatique et des Libertés)

Your Rights Under GDPR

Lawful Basis for Processing

PurposeLawful BasisRetention
Account managementContract performanceDuration of contract + 3 years
Service deliveryContract performanceDuration of contract
Billing & invoicingLegal obligation7 years (tax requirements)
Analytics & improvementLegitimate interest26 months
Marketing communicationsConsentUntil consent withdrawn
Security monitoringLegitimate interest12 months

International Data Transfers

When personal data is transferred outside the EU/EEA, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission, supplemented by additional technical and organizational measures including encryption at rest (AES-256) and in transit (TLS 1.3).

Our sub-processors are listed on our Sub-processors page.

Data Processing Agreement

CloudLink offers a pre-signed Data Processing Agreement (DPA) to all customers. Our DPA includes Standard Contractual Clauses and is available for download on our DPA page.

Exercise Your Rights

Contact DPO →