Who can make a GDPR request?

The GDPR allows Backblaze EU-based customers to manage how we use the personal data we collect from them.  A customer can request a variety of actions be taken related to this data.  To ensure that the request is legitimate and to protect the personal data of our customers we require:

Anyone making a request to Backblaze to view/update/delete the personal data we manage must prove they are the owner of that data before Backblaze will allow that person to view/update/delete such data.

To prove ownership, we will ask that the customer be able to sign in to the Backblaze account that contains the personal data they wish to change.

Typically a user signs in to their Backblaze account by providing their account email address and the password they created.  If they are unable to remember their password, they can recover their password using our password recovery process.

As a customer, you have the option to add additional account security mechanisms to protect access to access to your account, for example, two-factor verification, backup codes, and using a private encryption key.  If you utilize an optional security mechanism, you are solely responsible for providing the needed access mechanism (backup code, private encryption key, 2-factor code) when requested by the Backblaze system.  If you are unable to provide the access mechanism, you will not be able to complete the sign in process to the Backblaze account in question.

We encourage anyone who chooses to add an optional security mechanism to ensure they have access to the access mechanism.  For example, if you use SMS-based two-factor verification, you will need to have your phone available to receive the access code that will be entered into the Backblaze system to complete the sign in process.



Have more questions? Submit a request


Article is closed for comments.
Powered by Zendesk