It is important to remember that you, as the customer and the data controller, also have specific legal obligations under the GDPR.
You should be confident that any providers (data processors) that you work with have a robust approach to data protection, understand their obligations under the GDPR, and are well-prepared to meet them. Know, however, that no provider can meet consumer-end obligations for you; providers can only comply with provider-end regulations.
We have created a cloudHQ shared responsibility guide, which shares our approach to working together to keep your data secure. It helps to make clear both cloudHQ’s responsibilities, as well as user responsibilities. Please email us at support@cloudHQ.net for details.