Jump to content

GDPR requirements for hosting providers

Recommended Posts

The more I read the less I think I understand about the requirements particular to hosting and IT providers.

Do hosting providers running WHMCS need to register and [more than likely] pay ICO a data protection fee?

From the checklist located here: https://ico.org.uk/for-organisations/resources-and-support/data-protection-self-assessment/controllers-checklist/

And here's the specific language:



After May 2018 you need to pay the ICO a data protection fee.

If you have already registered with the ICO in the last year prior to May 2018, you only need to pay the fee once your current registration expires.

There are three different tiers of fee. Controllers are expected to pay between £40 and £2,900. The fees are set by Parliament to reflect what it believes is appropriate based on the risks posed by the processing of personal data by controllers. The tier you fall into depends on:

* how many members of staff you have; * your annual turnover; * whether you are a public authority; * whether you are a charity; and * whether you are a small occupational pension scheme.


Aside from this, What we've done so far is to enable the opt-in/opt-out capabilities in WHMCS 7.5, and we're preparing to add a couple of items to our  privacy policy and terms of service related to:

  • The ability to opt-in and opt out of marketing emails at will, by the customer.
  • The ability to have all user data deleted, as per the GDPR, with the proviso that such a request amounts to a request for immediate cancellation request of all services, due to the inability to connect to, or manage any services once the user account has been removed.

Much of what appears to be required flies in the face of requirements elsewhere for us to retain data for the purposes of income taxes, receipts, invoices, etc. There's just no way to delete the majority of a customer's information without also removing the ability to comply with US tax codes pertaining to the retention of receipts and transactions which is required for documenting taxable income, deductions, etc.

Does someone have just a few simple things we need, as a standard hosting company, to implement in this regard?

Link to comment
Share on other sites

  • 3 years later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated