The Norwegian Data Protection Authority has developed these guidelines to help organisations understand and comply with the requirement of data protection by design and by default in article 25 of the General Data Protection Regulation. We have cooperated with security professionals and software developers in public and private sector among others.
Businesses that make use of cloud computing are legally liable, and must ensure that personal
data is processed in accordance with the relevant legislation and regulations.
If you, as a private individual, are going to use this type of online storage solution, you should
consider carefully how secure the system is.
This guide is intended to help organisations in their efforts to anonymize the personal data they have collected in a robust and secure manner.