Abstract
Understanding how cloud providers support the European General Data Protection Regulation (GDPR) remains an imporant challenge for new providers emerging on the market. GDPR influences access to, storage, processing and tranmission of data, requiring these operations to be exposed to a user to seek explicit consent. A privacy-aware cloud architecture is proposed that improves transparency and enables the audit trail of providers who accessed the user data to be recorded. The architecture not only supports GDPR compliance by imposing several data protection requirements on cloud providers, but also benefits from a blockchain network that securely stores the providers' operations on the user data. A blockchainbased tracking approach based on a shared privacy agreement implemented as a smart contract is described - providers who violate GDPR rules are automatically reported through a voting mechanism.