General Data Protection Regulation (GDPR Compliance) and PubNub

Overview

The European Union’s General Data Protection Regulation (GDPR) was designed to harmonize data privacy laws across Europe, delivering a right to privacy and the protection of personal data. It introduces broad-ranging requirements for data protection, security, and compliance.

PubNub will comply with the GDPR when it becomes enforceable on May 25, 2018.

In addition to our own compliance, PubNub provides various APIs, professional services and online resources to our customers to help them comply with GDPR requirements for their applications. Some examples include configuring PubNub for regional data storage, leveraging PubNub data APIs for data portability and purging, properly using PubNub Access Manager for data access authorization, and PubNub AES support for end-to-end data encryption.

GDPR Enablement in your PubNub Applications

Data Encryption Strategies
  • PubNub offers AES encryption embedded within popular SDKs to deliver
    end-to-end data encryption.
  • Message body / envelope structure allows you to place some data on the message envelope for processing / routing, while leaving remaining data encrypted in the message body.
Log Access & Audit
  • PubNub can provide all access logs for full auditability over data access.
  • Use PubNub Functions and PubNub Gateways to detect and deliver message content to your servers for auditability.
Access Control
  • PubNub Access Manager provides token-based r/w access control for each channel of data.
  • Realtime token grant / revoke capabilities take effect instantly across all global PoPs.
PII Data Privacy
  • Message History Delete API supports GDPR Article 17 “right to erasure / right to be forgotten.”
  • PubNub dynamic storage options allow for message storage only when conditions are met, or solely for users from specific geographic locations.
Data Storage
  • Lock down data storage to specific geographic regions, such as
    “EU-Only” Storage, or “US-Only” Storage.
  • PubNub supports “transient-only” mode with RAM-only message routing, which prevents any data from being stored throughout the global network pipeline.
Compliance / Certifications
  • PubNub offers GDPR Article 28 compliant contract terms to customers, including 72-hour breach notification.
  • PubNub is SOC 2 Type II compliant, regularly validated by an outside auditor.
  • PubNub is HIPAA Compliant and Privacy Shield Certified.
