Products
Tools
Solutions
Services
Support
Collaboration
R&D
Company
OFFERS
Information on the Data Act
Jurisdiction, Measures to prevent international governmental access to or transfer of non-personal data held in the Union (Art. 28 Data Act) and Rules on switching data processing services
As of 12 September 2025, the provisions of Regulation (EU) 2023/2854 of the European Parliament and of the Council of 13 December 2023 on harmonised rules on fair access to and use of data and amending Regulation (EU) 2017/2394 and Directive (EU) 2020/1828 (the Data Act), have become applicable.
In this context, the provider – Oktawave S.A. – in performance of its obligations under Article 28 of the Data Act, provides information concerning the ICT infrastructure and the data protection measures applied in the Oktawave Cloud service.
Jurisdiction of the ICT infrastructure
The ICT infrastructure used for processing Users’ data within the above service is located in the territory of the Republic of Poland or other Member States of the European Union. Consequently, this infrastructure is subject to the jurisdiction of Union law and the national law of the relevant Member States in which the data is stored or processed.
Measures to prevent international governmental access to or transfer of non-personal data held in the Union
In order to ensure compliance with the Data Act and with Union and Member State law, Oktawave S.A. applies the following measures:
- technical measures – including, inter alia, data encryption, segmentation of processing environments, authentication mechanisms, and security monitoring systems.
- organisational measures – including access control based on the principle of least privilege, incident response procedures, and regular security audits.
- contractual measures – including contractual obligations of ICT suppliers and subcontractors excluding any transfer or disclosure of data to third-country authorities in a manner that would conflict with Union law or national law.
Through these measures, we ensure that any international governmental access or transfer requests from third-country authorities which would be contrary to Union law or national law will not result in disclosure of Users’ data in the Oktawave Cloud service.
Rules on switching data processing service providers
According to the new law, the User of the Oktawave Cloud service has the right to exercise the entitlement to switch to another data processing service provider, in accordance with the rules laid down in the Data Act. A detailed description of the rules on switching data processing service providers is set out in Annex No. 4 to the Terms of Service “Switching Data Processing Service Providers” (Zmiana dostawcy usług przetwarzania danych).