Data Privacy & Security FAQ

MyPC offers two different deployment options: a locally installed version and a cloud hosted service. This Data Privacy & Security FAQ specifically govern the use of the cloud hosted MyPC service.

Where does MyPC store data?

Info Technology Supply Ltd, a company incorporated in England and Wales under number 2230502 whose registered office is at 2 Hobbs House, Harrovian Business Village, Bessborough Road, Harrow, HA1 3EX, England, United Kingdom trading as MyPC  and its authorised resellers who contract with a reseller's customer ("you") (together "MyPC") stores its data in Microsoft Azure servers located in the European Union. This includes customers’ personal data and the data that is processed on behalf of customers.

Is there an option to have my data stored only within the USA or the UK?

MyPC does not currently support this option.

Has MyPC ever had to disclose data to UK/US or US authorities?

MyPC has not received any data access request from EU data protection regulators nor from the UK's Information Commissioner nor the US government under Section 702 of the Foreign Intelligence Surveillance Act or Executive Order 12333.

If such a request is received, MyPC will use reasonable efforts: (1) to have the governmental authority request such data directly from you; and (2) to notify you of the request promptly, unless prohibited under the applicable law of the requesting government authority.

Does MyPC sell or market the data to third parties in any way? Will you share my data without my consent?

No, MyPC does not sell or market your data to third parties. Authorised resellers with whom customers contract to buy the MyPC service will be supplied by you with personal data including for invoicing purposes. Data may be shared for essential services such as use of IT contractors or sub processors with carefully chosen third parties, but not for marketing purposes.

Does MyPC have a vetting process for its sub processors?

MyPC does vet sub processors. Any sub processors that become part of the service will undergo an internal legal and security review to assess how customer information is protected, from both privacy and security perspectives.

Will MyPC sign my company’s DPA?

No. We do not sign DPAs from other companies.

May I use MyPC with healthcare/medical data? And/or, will you sign my company’s BAA or similar such policy?

The use of regulated healthcare and medical data such as sensitive medical data under UK GDPR and in the USA like HIPAA is not supported on MyPC. MyPC also does not as a matter of policy agree to sign USA or similar business associate agreements (BAAs) or equivalent agreements for handling protected health information (PHI) or other similar information.

What security certifications does MyPC have and/or where can I find more information about MyPC’s security practices?

The creators of MyPC hold ISO 27001 certification with independent third-party auditors. See further on the MyPC website.