Your Data Isn't Yours

You assume that because you pay for a cloud service, you own the data you put into it. In most cases, you are wrong. The terms and conditions you agreed to — probably without reading — grant your providers rights over your data that would surprise you. Some can scan it, some can share it, and many can lock you out of it entirely.

This module lifts the lid on where your business data actually lives, who else can access it, and what the legal implications are for your business under UK and EU data protection law.

What this module covers

• Where your data actually lives — tracing the physical and legal locations of your emails, files, customer records, and backups across every service you use
• Who has access — understanding the chain of access from your team to your cloud provider, their subprocessors, and the governments that can compel disclosure
• The fine print — a plain-English walkthrough of the terms and conditions, data processing agreements, and service level commitments that govern your data
• Data sovereignty and the law — how GDPR, the UK Data Protection Act, and international transfer rules affect where your data can legally be stored and processed
• Mapping your data footprint — a practical exercise to catalogue every system that holds your business data, giving you a complete picture of your exposure

By the end of this module, you will know exactly where your data sits, who can touch it, and what you need to change to bring it under your control.