Skip to content

Legal & Compliance Overview

This section provides information about the legal, compliance, and regulatory aspects of using DevOpsCentral cloud infrastructure. Understanding these topics is essential for organizations with strict data protection requirements, regulated industries, and those committed to data sovereignty.

DevOpsCentral is built on the principle of data sovereignty - ensuring your data and infrastructure remain under your control and comply with European data protection regulations. This section explains the legal framework, compliance certifications, terms of service, and privacy policies that govern your use of DevOpsCentral services.

Whether you're conducting a compliance audit, evaluating regulatory requirements, or simply want to understand your rights and responsibilities, this documentation provides transparent information about the legal aspects of DevOpsCentral cloud services.

Who This Section Is For

  • Compliance officers assessing regulatory requirements
  • Legal teams reviewing terms and privacy policies
  • Security professionals evaluating data protection measures
  • CISOs conducting risk assessments
  • Procurement teams reviewing contracts and SLAs
  • Privacy officers ensuring GDPR compliance

Planned Topics

Data Protection & Privacy

  • Data Sovereignty Explained - Legal framework
  • What is data sovereignty?
  • EU vs. non-EU infrastructure
  • Data residency guarantees
  • Legal jurisdiction and protection

  • Cross-border data transfer considerations

  • GDPR Compliance - General Data Protection Regulation

  • Virtomat's GDPR compliance measures
  • Your responsibilities as a data controller
  • Data processing agreements
  • Rights of data subjects
  • Data breach notification procedures

  • Record-keeping requirements

  • Privacy Policy - How we handle your information

  • What data we collect
  • How we use your data
  • Data retention policies
  • Third-party services and processors
  • Your privacy rights
  • Contact for privacy questions

Terms and Agreements

  • Terms of Service - Usage agreement
  • Acceptable use policy
  • Service availability and uptime
  • Account responsibilities
  • Suspension and termination
  • Limitation of liability

  • Dispute resolution

  • Service Level Agreement (SLA) - Uptime and support commitments

  • Availability guarantees
  • Service credits
  • Maintenance windows
  • Support response times

  • Exclusions and limitations

  • Data Processing Agreement (DPA) - GDPR-compliant processing terms

  • Controller-processor relationship
  • Processing instructions
  • Sub-processors
  • Security measures
  • Data subject rights
  • International transfers

Compliance & Certifications

  • Compliance Certifications - Standards and audits
  • ISO 27001 (Information Security Management)
  • SOC 2 Type II compliance
  • Industry-specific certifications
  • Audit reports availability

  • Compliance roadmap

  • Security & Compliance Framework - Technical and organizational measures

  • Infrastructure security
  • Network security
  • Access controls
  • Encryption standards
  • Incident response

  • Business continuity

  • Regulatory Compliance by Industry - Sector-specific requirements

  • Healthcare (HIPAA considerations)
  • Financial services
  • Government and public sector
  • Education
  • E-commerce

Infrastructure & Location

  • Data Center Information - Physical infrastructure details
  • Location and jurisdiction (Romania/EU)
  • Physical security measures
  • Power and cooling redundancy
  • Network connectivity

  • Disaster recovery capabilities

  • Infrastructure Ownership - Who controls the infrastructure

  • Virtomat Cloud Solutions SRL ownership
  • Hardware ownership model
  • No third-party dependencies
  • Long-term commitment to sovereignty

Rights and Responsibilities

  • Customer Responsibilities - Your obligations
  • Account security
  • Data backup and recovery
  • Application-level security
  • Compliance with applicable laws

  • Acceptable use compliance

  • Data Rights - Your rights regarding your data

  • Right to access
  • Right to portability
  • Right to deletion
  • Data export procedures
  • Account closure process

Intellectual Property

  • Intellectual Property Policy - Ownership of data and code
  • Customer data ownership
  • Intellectual property rights
  • Open-source software usage
  • Trademarks and branding

Changes and Updates

  • Policy Change Log - History of policy updates
  • Recent policy changes
  • Notification procedures
  • Effective dates
  • How to stay informed

Data Sovereignty

Virtomat ensures data sovereignty through:

  • Physical infrastructure located in Romania (EU jurisdiction)
  • Local ownership - no foreign control or access
  • EU legal framework - GDPR and European data protection laws
  • No third-party processors without customer consent
  • Transparent operations - clear terms and policies

Compliance Commitment

We are committed to:

  • Transparency - Clear policies and documentation
  • Regular audits - Third-party compliance verification
  • Continuous improvement - Evolving with regulations
  • Customer control - Your data, your decisions
  • Accountability - Clear responsibilities and procedures

Compliance Quick Reference

Regulation/Standard Status Documentation
GDPR (EU) Compliant GDPR Guide
Data Sovereignty Guaranteed Data Sovereignty
ISO 27001 In Progress Certifications
SOC 2 Type II Planned Certifications

Industry-Specific Guidance

Healthcare

  • Patient data protection
  • GDPR compliance for health data
  • Data processing agreements

Financial Services

  • Transaction data security
  • Audit trail requirements
  • Data retention policies

Government & Public Sector

  • EU public procurement compliance
  • Data residency requirements
  • Security clearance considerations

SaaS Providers

  • Multi-tenant data isolation
  • Customer data sovereignty
  • Sub-processor management

EU-Based Infrastructure

All DevOpsCentral infrastructure is located within the European Union (Romania), ensuring compliance with EU data protection regulations and providing strong legal protections for your data.

Legal Updates

Legal documents and policies are updated periodically. Check the change log for recent updates and subscribe to notifications for important changes.

Compliance Questions?

Our compliance and legal teams are available to answer questions. Contact us at legal@devopscentral.eu or through our contact page.

Getting Started with Compliance

For organizations evaluating DevOpsCentral:

  1. Review basics: Data Sovereignty Explained
  2. Understand GDPR: GDPR Compliance Guide
  3. Read agreements: Terms of Service and SLA
  4. Check certifications: Compliance Certifications
  5. Assess fit: Industry-specific guidance
  6. Contact us: For detailed compliance discussions

Audits and Documentation

For compliance audits, we provide:

  • Documentation packages - Comprehensive policy and procedure documents
  • Audit reports - Third-party compliance assessments (when available)
  • Technical specifications - Infrastructure and security details
  • Data processing agreements - GDPR-compliant DPA templates
  • Compliance questionnaires - Responses to standard security questionnaires

Request audit documentation through legal@devopscentral.eu.

  • General legal questions: legal@devopscentral.eu
  • Privacy inquiries: privacy@devopscentral.eu
  • Data protection officer: dpo@devopscentral.eu
  • Compliance documentation: compliance@devopscentral.eu

Or visit our contact page for additional contact methods.

Transparent legal framework for sovereign cloud infrastructure