You do not have to look very far to find discussions about privacy.
No matter how you consume news and other content, privacy and data protection are at the forefront of the conversation.
With over 22 years as a managed host provider, Liquid Web is a part of that conversation and stands firm in protecting the privacy of everyone that we work with, whether that be our customers, participants in our events and marketing, or visitors to our website.
We demonstrate our commitment to privacy every day by achieving certifications, providing privacy-focused services and by being clear and open about our privacy practices.
Liquid Web will continue to stand firm by that commitment by maintaining our certifications, providing you with more resources on privacy technologies and by engaging in conversations about this important topic whenever we can.
Why Liquid Web Cares About Privacy
People share more and more data online than ever before. They are using social networking, search engines and mobile devices every day, often sharing billions of points of personal information.
At Liquid Web, we understand the trust that our customers, event and marketing participants, website visitors, and partners place on us when they share their personal information with us.
We appreciate this trust and know that it is our job to keep it. We care about privacy because it is a fundamental human right, and a respect of privacy for our customers is what allows us to work together.
Our commitment to privacy extends not only to our customers, but also to those that visit our website and participate in our event and marketing campaigns. Visitors to our website provide us with their contact information, including an email address, that allows them to receive communications from us. Those that attend events or participate in our marketing campaigns give their information to us when they register for webinars, subscribe to materials, or participate in surveys or contests.
As the use of such tools, platforms, and mediums increases, there needs to be an emphasis on protecting the privacy of everyone involved. Liquid Web is happy to be at the forefront of an industry that is becoming privacy-focused. While it saddens us to see companies that abuse the private information of people, we are also happy to see that more and more companies are producing technologies which allow for the protection of personal information. We protect the information of everyone who provides their data to us and will continue to do so as technology evolves.
How Does Liquid Web Ensure the Privacy of Their Users
One of the ways that Liquid Web takes steps to ensure the privacy of our users is by achieving certifications. We know that it takes time to build trust and that reviews of privacy practices by third parties form the cornerstone of that trust. We work with industry standard organizations and trusted third party reviewers to bring you peace of mind that your privacy will be protected by Liquid Web.
In many cases, these certifications require documentation that is easily accessible and accurate and require us to have clear policies around privacy and the usage of personal data. Let’s look at some specific certifications Liquid Web has obtained.
EU-US Privacy Shield Framework & The Swiss-US Privacy Shield Framework
The US Department of Commerce, the European Commission, and the Swiss Administration designed the EU-US and Swiss-US Privacy Shield Frameworks. The purpose of these frameworks is to provide companies on both sides of the ocean a way to comply with data protection requirements. The frameworks apply to the transfer of personal data from the EU and Switzerland to the United States.
Liquid Web complies with the EU-US and the Swiss-US Privacy Shield Frameworks as they were set forth by the US Department of Commerce. Our collection, retention, and use of personal information transferred from the European Union and Switzerland to us in the United States follows the regulations. Liquid Web has certified to the US Department of Commerce that it adheres to the Privacy Shield Principles. Those interested can learn more about the Privacy Shield program, and view our certification page by visiting this link.
Medical information and records are particularly sensitive pieces of personal information. We abide by the heightened requirements that are needed to ensure the protection and security of such data.
The Health Insurance Portability And Accountability Act (HIPAA) was signed into law in 1996 and provides security provisions and data privacy requirements that keep patient medical information secured. The Health Information Technology for Economic and Clinical Health Act (HITECH Act) is a part of the American Recovery and Reinvestment Act of 2009 (ARRA). The HITECH Act was created to motivate the implementation of electronic health records (EHR) and supporting technology in the United States. It was signed into law on February 17, 2009, as part of the ARRA.
An independent auditing firm confirmed that our data centers and managed dedicated server solutions comply with HIPAA compliant cloud hosting security and privacy guidelines. We also meet the administrative, physical, and technical safeguard measures necessary to comply with the law. Our HIPAA/HITECH Report is publicly available and can be found on our website.
The General Data Protection Regulation (GDPR) replaced the EU Data Protection Directive (known as Directive 95/46/EC) and is a European privacy law. Strengthening data privacy and protection for individuals within the European Union (EU) is one of the main goals of the law. The law provides that proper consent needs to be obtained to collect data, includes transparency requirements and affords EU residents certain rights with regard to their data. GDPR also governs the transfer of personal data of EU residents outside of the EU. GDPR went into effect on May 25, 2018. We have been diligently working on GDPR compliance since prior to its effective date and are proud to be able to protect the personal information of our friends overseas.
Liquid Web is compliant with the EU data protection laws concerning the international transfer of data and the protection and usage of such data. We offer EU Standard Contractual Clauses to meet the data security requirements for our EU customers. We also have a report on our compliance with GDPR, which can be viewed here: Liquid Web’s GDPR Report.
Payment Card Industry Data Security Standard (PCI DSS)
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards. It is designed to ensure that all companies that accept, process, store, or transmit credit card information maintain a secure environment. The rules of the PCI DSS apply to ANY organization, regardless of size or number of transactions.
Liquid Web provides an Attestation of Compliance (AOC) report that is publicly available on our website. For those customers needing to ensure that their environment meets the requirements of PCI, we also have PCI scanning services available.
How Our Services Maintain a Privacy-Focused Nature
Merely having the policies and certifications in place does not equate to the type of privacy and security that we strive for. That is why we have also decided to provide services that affirm these reports and procedures. We know that privacy is not only important to us but is also important to our customers. We have integrated features and offer solutions that align with our customers’ laser focus on privacy.
More and more, customers are turning to SSL Certificates (Secure Sockets Layer) keep their website and online transactions secure. SSLs use strong encryption, protecting any sensitive data your site may collect. Today, customers expect every website they visit to provide them a safe experience, which provides the trust and reputation they need to make purchases. Liquid Web’s Managed WordPress and Managed WooCommerce platforms offer free, automatic SSL Certificates on all of their domains.
Our fully Managed Hosting and platform services offer Let’s Encrypt as a free, auto-renewing SSL solution. You also have the option to purchase a GlobalSign SSL certificate. They are a universally trusted certificate provider that affords the flexibility customers need in SSL offerings.
Some of the best Managed Hardware Firewall options are available through Liquid Web. A hardware firewall ensures business resiliency by acting as the first line of defense for protecting your servers from malicious Internet traffic. Our firewalls provide a substantial degree of protection from attacks coming from the outside. They contain an operating system and operate independently of the servers they were designed to protect.
The firewall processes traffic before it reaches your servers. Threats get eliminated before they reach your server without affecting the server’s performance. Our adaptive network security solutions provide signature-based intrusion prevention that automatically blocks malware, such as Trojan horses, worms, and spyware.
Managed WordPress Updates
In addition to having automatic SSL certificates for each site, our Managed WordPress platform takes security a step further. We manage the update process by automatically updating the WordPress versions and plugins. It reduces the chances of a breach, meaning that you help your customers ensure the privacy of their customers.
We realize that plugin updates can sometimes break your site. With this in mind, we test plugins in a separate environment to ensure compatibility. We push the plugins that pass testing live while you get notified of the ones that do not so that you can make proper updates.
Private Cloud Solutions
We also offer a Private Cloud solution powered by VMware and NetApp. It gives all the benefits of a conventional public cloud with the power, performance, and security of an isolated infrastructure on dedicated hardware. Every single-tenant Private Cloud solution includes a hardware firewall, load balancer, and a dedicated vCenter for your VMs. The importance of this feature is that you get isolation for your infrastructure and safeguarding for your data.
Privacy Happenings In Government and Around the Industry
Several states have taken the reigns on privacy in the US before the federal government. The California Consumer Privacy Act (CCPA) is leading the charge to hold companies accountable for how they use and guard consumer information. The CCPA is going into effect on January 1, 2020 and we are excited for the rights that it provides to consumers and are ready to provide our customers with these enhanced rights.
Companies in the privacy technology space are also receiving funding from investment firms. OneTrust and TrustArc, among others, are receiving substantial investments for their contributions to privacy technology. With these trends, we can undoubtedly expect the focus on privacy to continue.
We have 5G on the horizon, and mobile carriers are scrambling to build out their network infrastructure to accommodate it. A new set of challenges are facing these providers, and with them, concerns about privacy may be increasing. Companies and researchers are working to navigate the unique issues that are introduced by the advent of these new technologies and the concerns they bring.
The future of privacy in technology is ever-evolving in the industry. Liquid Web is excited to be a part of that future. Our customers, event and marketing participants, and website visitors can count on us to:
- Maintain our certifications;
- Continue to take privacy seriously;
- Continue providing services that ensure security and privacy; and
- Share advice, tips, and checklists on privacy regulations freely.
We are committed to being apart of the conversation on consumer privacy and invite everyone to join in as well. If you ever have any questions about our privacy practices, we would love to engage in a discussion with you, so please contact us at email@example.com.