GDPR: Guidance on the ArcGIS Platform

Storage Struggles? How to Preserve Up with the Data Explosion
February 4, 2019
Function smarter with Microsoft’s Workplace Analytics
February 6, 2019

The EU General Information Protection Regulation (GDPR”) areas considerable responsibilities on organisations that approach Personal Information. We are committed to being compliant with GDPR, which includes assisting our customers meet their GDPR obligations.


ArcGIS is a platform for managing, analysing and visualising spatial data, and as such it includes a lot of diverse elements. If you are using ArcGIS to manage Personal Data, then the following queries are important:

  • What technological safety measures are obtainable to guarantee data safety?
  • What tools are available to recognize what information is Individual Information?
  • What tools are there to correct inaccurate or incomplete Private Information?
  • What tools are there to eliminate or delete Private Data?
  • What tools are there to restrict the processing of Personal Information?
  • What tools are there to enable Individual Data to be extracted in a machine-readable, frequently used and structured form?
  • How can I notify users of Apps I deploy about my privacy policy?

We have addressed every of these issues in much more detail in a document obtainable on our site:

In addition to the above, consideration also wants to be given to the following:

ArcGIS On Premises Deployment

Many organisations deploy and manage ArcGIS computer software on their personal infrastructure, which may incorporate infrastructure owned by a third party such as a cloud infrastructure provider. In this scenario you are accountable for meeting your GDPR obligations. You may possibly also require to liaise with your infrastructure provider to comprehend their GDPR compliance as a Information Processor (or sub-processor, as applicable).

A common deployment of ArcGIS on Premises would include ArcGIS Enterprise components and ArcGIS desktop tools such as ArcGIS Pro or ArcMap. If you are managing Private Data it is likely that you are also producing use of a relational database (RDBMS) such as Oracle, SQL server or Postgres to shop and handle that information. You can make a decision if and how to retailer Individual Data inside the technique and it is your duty for ensuring that you meet any applicable needs of GDPR.

To locate out much more about the tools, please see

Esri Managed Software program: ArcGIS Online

ArcGIS is available as software program as a service in the kind of ArcGIS On the web, in this scenario you stay the Data Controller for any Personal Information that you decide on to store in ArcGIS On the internet, even so Esri Inc is a Information Processor in this case, and there are additional sub-processors that are utilised in offering the ArcGIS Online service to you.

ArcGIS Online Infrastructure is hosted in information centres situated in the United States of America, including these of Esri Inc, Microsoft Azure and Amazon Web services. Any Private Data stored in ArcGIS On the web could be transferred to those information centres.

To discover out a lot more about the tools, please see

Esri UK’s On-line Solutions: Software as a Service

Esri UK host a quantity of cloud primarily based applications that create on top of ArcGIS Online like QuestionWhere, MyNearest and sweet. These applications are all developed to make use of ArcGIS On the internet, and so the privacy and security measures of ArcGIS On the internet are relevant in this case. Any data that you select to collect by means of the use of these applications can be managed employing the relevant tools discussed in the preceding sections.

These applications are hosted on Esri UK’s AppHub Hosting environment, which is operating on the AWS cloud. Esri UK hosted applications do not collect or retailer any info supplied by customers of the applications, however Esri UK do log information generated for the duration of the operation of the service, such as net logs and IP addresses, we use this info for tracking errors and delivering a scalable, secure and reliable service.

Esri UK Managed Services

Esri UK and Esri Ireland’s Managed Solutions Teams offer services to host and run an organisations ArcGIS Infrastructure in the cloud. This infrastructure will be operated in our cloud service providers’ infrastructure. Every deployment will differ depending on an organisations requirements, but it provides the capability to deploy a managed ArcGIS method inside EU data centres, helping an organisation tailor their GIS answer, for instance exactly where the organisation prefers to maintain Personal Information within the EU.


Each organisation that offers with Personal Information needs to make certain that they address any troubles that GDPR raises. If you select to store Private Information in ArcGIS then you stay accountable for that data and how it is managed and utilised within the program. ArcGIS is a potent platform for helping with the process of managing Personal Information, and gives tools and capabilities that can address some of the specific needs of GDPR.

If you utilise cloud solutions as portion of your ArcGIS system, whether or not that is infrastructure provided by us, Esri Inc or an additional third celebration, or by utilising computer software as a service, then it is crucial that you recognize how that impacts your responsibilities beneath GDPR. We, Esri Inc and our third-party Information Processors (or sub-processors) offer each technical and contractual measures to enable you to meet your GDPR specifications, as well as addressing those specifications for our personal operations.

Read The Original Article

Comments are closed.