Privacy

How does Centersquare handle information that it collects about its customers?

Please refer to the General Privacy Policy and the GDPR Privacy Policy.

Does Centersquare access data on customer equipment and systems?

No. As a colocation provider, Centersquare makes the data center environment available to its customers, but Centersquare does not have access to data on customer equipment and systems, or information that may be transmitted or processed by customers through the use of the services. Each customer takes responsibility for its own equipment and systems.

Is Centersquare a 'data controller' or 'data processor'?

Centersquare is a data controller, as defined in the European Union’s General Data Protection Regulation (referred to as ‘GDPR’) and the UK equivalent (referred to as 'UK GDPR'), with respect to personal data collected about individuals who interact with us on behalf of a customer in connection with the provision of our services.  Please refer to Centersquare’s GDPR Privacy Policy for further information.

For colocation services, Centersquare is not a data processor under GDPR because it provides only data center physical space for customers to place their equipment and systems. Centersquare does not otherwise store or process data on behalf of its customers.

The following specific types of remote hands services (also known as ‘Gold Support’ services), which are infrequently requested by customers, may involve incidental personal data processing if (a) the customer requests that Centersquare access the customer’s operating systems and provides Centersquare personnel with login credentials to the customer’s system, and (b) such operating system contains customer personal data:

  1. entering commands according to the customer’s detailed instructions and relaying system responses, and/or
  2. executing built in diagnostics in the customer’s system according to the customer’s instructions.

Do we need a Data Processing Agreement ('DPA')?

Centersquare is not a data processor and therefore a DPA is unnecessary, except in the rare circumstance noted above in which a customer specifically requests remote hands services to access its operating systems (generally as a last resort) and the customer provides Centersquare with its login credentials for that specific purpose.

 

If you ask Centersquare to carry out such remote hands services in relation to an operating system that contains personal data under the GDPR, you may decide to put a DPA in place to address such incidental data processing. If this situation applies to you, please request a copy of Centersquare’s standard DPA from your account representative.

Does Centersquare transfer customer data overseas?

Centersquare does not carry out cross-border transfers of data in its capacity as a colocation provider. 

Please refer to Centersquare's GDPR Privacy Policy for information about cross-border transfers of data in Centersquare’s capacity as a data controller.