General Data Protection Regulation (GDPR) is a new EU regulation designed to harmonize data privacy laws across Europe and enforce much stricter privacy regulations. It was designed to better protect user privacy and reshape how organizations handle personal data.
GDPR applies to any company, website or organization worldwide that deals with personal data from residents of the European Union. If your company processes, stores or transmits personal data of EU residents, you will be required to comply with the new regulations.
Due to the global nature of bunny.net, it is likely that GDPR will affect you in some way, so we advise all of our users to thoroughly study the new GDPR regulations. bunny.net is fully committed to help you with compliance, so we are rolling out anonymity features before May 25th 2018 and making sure no user identifiable data is collected or processed whenever possible.
bunny.net's CDN and all other services may be used only for lawful purposes. Transmission, distribution or storage of any material in violation of any applicable law or regulation is prohibited. This includes, without limitation, any material protected by copyright, trademark, trade secret or other intellectual property right used without proper authorization, and material that is obscene, defamatory, constitutes an illegal threat, or violates export control laws.
bunny.net typically acts as a data processor, which means that we process data on your behalf. bunny.net allows you to gather and temporarily store visitor log information such as anonymised IP, web address, country code and user agent for the purpose of analyzing, processing, testing and security. Additionally, our system stores either temporarily or permanently files obtained from your website by our system our manually uploaded by you.
In most cases, the data held and collected by bunny.net does not contain any user identifiable data. In some cases, which depend on how you are using bunny.net and how your website is structured, personal data may be collected from your users. Such information includes hosting user uploaded content as well as personal data that might be transmitted in the URL, User-Agent or Referer headers of the HTTP protocol.
As a customer of bunny.net, you typically act as a data controller. This means you determine if, why and for how long data will be stored on our system. Our system provides ways to process, store and aggregate the stored information. If you are storing personal data on bunny.net it is your duty as a controller to demonstrate the same level of GDPR compliance.
While uncommon, bunny.net also provides way to block users from the EU from accessing your content altogether by using our traffic manager tools if you do not wish to serve users from the European Union.
Typically, bunny.net does not collect, store or distribute information that could be used in any way to identify a user or contain their personal information. If you believe that you process personal data on the bunny.net platform, this qualifies you as a data processor and you will be required by law to complete a Data Processing Agreement (DPA). We are making sure to make this available by May 25th, so please contact our support team to receive the agreement.
bunny.net is fully committed to complying with the GDPR. We have overhauled our user Privacy & Data policy and taken steps to ensure no personally identifiable data is stored from your users that access your services through bunny.net by anonymizing any data that could be used to directly or indirectly identify a user. We are also signing the Data Processing Agreements with our partners and carefully overviewing that they take the required privacy measures over the data shared or stored on their platforms.