The came into effect on May 25, 2018. GDPR has a long reach and applies if you are based in the EU or do business in the EU. If you have any , such as names, email addresses, ID numbers, or anything else that is personally identifiable, then GDPR applies. You are a Controller of personal data under GDPR, so you need to enter into GDPR-compliant data processing agreements with any online services and third party vendors you rely on, including Docker. These agreements are called a Data Processing Addendum, or DPA. The processing of EU personal data must be governed by a . Docker provides a standard DPA to extend GDPR privacy principles, rights, and obligations regarding personal data stored in the production system/technical instance of Docker’s subscriptions and/or services provided by Docker and ordered by a Docker customer.
Docker uses third party subprocessors, such as cloud computing service providers and customer support software, to provide our services. We enter into a GDPR-compliant data processing agreement with each subprocessor, and require the same of them. List of Docker subprocessors