DATA PRIVACY & GDPR

Aerohive Networks™ is committed to the security, protection and privacy of personal data we collect about our customers and business partners. We are very aware of the growing public concerns about personal data protection.

The European Union’s General Data Protection Regulation (GDPR) is a response to these concerns. It aims to bring consistency to EU data protection laws, and to strengthen the security and protection of personal data by giving EU citizens a higher degree of control over of their personal data, and how it is used in the digital economy. Independent of their location, organizations that collect, store, or process the personal data of EU residents must be able to address these regulations as of May 25, 2018.

Aerohive welcomes the GDPR and has implemented related functionality in its Cloud Networking solution.

GDPR Compliance Enablement in HiveManager®

Aerohive’s HiveManager® is our network management system. It is equipped with a set of features that enables our customers to address GDPR-related obligations that result from the “rights to request and be forgotten”, by searching for, downloading and deleting personal data. In addition, HiveManager provides logging and audit tools to track these actions so our customers can better document them.

GDPR Compliance Enablement in Aerohive’s Cloud

Where in the Cloud is my Data?

Under GDPR, some data can only be stored or transferred where the state has jurisdiction or where an agreement is in place that protects that data – the data-residency requirement.

Aerohive’s public cloud supports this residency requirement. Our cloud architecture is designed so that customer networks from European countries are assigned to a data center located in the EU. Furthermore, customer network data never leaves its assigned datacenter. This in turn enables Aerohive and our customers to demonstrate compliance with data-residency requirements.

Data Security in the Cloud

Under GDPR, organizations are also required to design their technical and company processes to secure and protect the personal data they collect and process. With regard to our cloud infrastructure, Aerohive takes comprehensive measures to support these requirements, including:

  • Securing the data in our Global Data Center (GDC) and Regional Data Centers (RDC), including with threat-prevention measures, firewalling and penetration testing.
  • Strictly limiting access to our cloud infrastructure to a small number of designated Aerohive DevOps engineers.
  • Protecting data storage in the Aerohive cloud through encryption.

Additional information about Aerohive’s cloud security is located here.

GDPR with Aerohive: A Shared Responsibility

Under GDPR, Aerohive and the customers using Aerohive’s products and services have shared roles and responsibilities regarding GDPR compliance.

As the data processor, Aerohive assists our customers (the data controllers) in addressing their GDPR responsibilities, by providing functionality in our products and implementing appropriately secure handling and control of personal data in our cloud.

Additional information about how Aerohive supports our customers in their GDPR compliance initiatives is available in our whitepaper “GDPR and Aerohive Networks”.

Additional information about the personal data we collect, how we use it and our associated responsibilities is available on the data privacy and protection section on our website.

GDPR BASICS

Data Processor
GDPR defines the “Processor” as the natural or legal entity which processes personal data on behalf of the controller. With regard to Aerohive’s products or services, Aerohive is classified as a Processor of data because our cloud-networking solution processes network-related data, including personal data, for our customers.

Data Controller
Under GDPR, customers purchasing and using Aerohive products and services are considered the Controller of data, because they decide what kind of personal data is collected and how it is processed and stored in their Aerohive network.

The Right to Request and Be Forgotten
Under GDPR, EU citizens and legal EU residents have several rights that provide them an increased level of control over their personal data. These include the rights to view the data that an organization has collected about them, to demand corrections to this data and to request deletion of their personal data. Aerohive has implemented functionality in our cloud networking solution that enables our customers to respond to these requirements.