General Data Protection Regulation (GDPR)

[Cgroenendijk]

Support case number is 02708538.

Short introduction:

The new EU law, the General Data Protection Regulation is active on 25th May 2018. This law is for al EU member states and is subjected to heavy fines. The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union. It addresses the export of personal data outside the EU. The GDPR aims primarily to give control back to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. When the GDPR takes effect, it will replace the 1995 Data Protection Directive (Directive 95/46/EC).
This comes at the cost of a strict data protection compliance regime with severe penalties of up € 20.000.000 or 4% of worldwide turnover. (whichever is higher)

The GDPR strengthens the privacy requirement– through "The right to be forgotten" (RTBF) and “the right to erasure” (RTE). This means data controllers who receive an RTE request from the individual must delete copies of the information in question, as well as all links to it, from every piece of IT equipment - including servers and backups, cloud systems and portable devices.

The problem (feature request)

Now we are using the (Grand-Father, Father, Son) GFS implementation of the Veeam Backup Copies. If an individual asks for an RTE/RTBF I would need to delete this information for the chain. Currently, I can only delete the entire chain as an option. It would be great is we can delete a file from the retention system and GFS copies before 25 May 2018 when the law is active.

I appreciate any help with this problem.

Kind regards,

Christian Groenendijk
Van Berge Henegouwen Installaties B.V.

[lowlander]

Any updates on this topic regarding an official Veeam statement in 2023 ?

[Gostev]

Not in the Age of Immutability we're all living in these days... sorry