Depending on the Membership option you choose, there are different requirements.
An overall requirement is to support the EU Cloud CoC. That includes being named as Member on the EU Cloud CoC website and publicly communicating your support and membership of the EU Cloud CoC
To join EU Cloud CoC as a Cloud Service Provider, you should to explore declaring adherence to the EU Cloud CoC for at least one Cloud service within an appropriate timeframe.
Yes. Currently there are two main options: General Assembly Member and General Assembly Supporter.
General Assembly Membership is open to any Cloud Service Provider who fulfils the requirements. There are three sub-options of becoming a General Assembly Member:
- Full-Membership including voting rights
- Membership for Medium Sized Enterprises excluding voting rights
- Membership for Small Sized Enterprises excluding voting rights
Every Cloud Service provider may choose to become a Full-Member no matter of its size. Membership options for Small and Medium Sized Enterprises (SME) are only applicable for those Cloud Service Providers that fulfil the European definition of a Small or Medium Sized Enterprise.
General Assembly Supporters are considered to be non-Cloud Service Providers but any natural or legal entity that strives to support the aims of the EU Cloud CoC.
The development of the EU Cloud CoC started under Directive 95/46/EC. The European Commission was involved during the drafting process. During the drafting period, the EU Cloud CoC was twice shared with the Working Party 29. The feedback received by the Working Party 29 was incorporated in the prevous version of the Code, under Directive 95/46 which was published in May 2017.
The current version of the EU Cloud CoC has been revised and rewritten to be aligned with the European General Data Protection Regulation. The General Assembly is currently in discussion with the competent DPA and is aiming for official approval.
The EU Cloud CoC has a dedicated and independent Monitoring Body and a Secretariat. Any Cloud Service Provider declaring its adherence to the EU Cloud CoC must prove its compliance to the satisfaction of the Monitoring Body. The EU Cloud CoC will provide different levels of compliance and a respective translation of its provisions into precise controls – which will be provided to the Cloud Provider in the form of a Controls Catalogue.
Cloud Service Providers may only market their adherence to the EU Cloud CoC after having received the official approval by the Monitoring Body. Such Cloud Service Providers will then be listed in the Public Register of Adherent Cloud Services.
The EU Cloud CoC addresses Cloud Services / Cloud Service Families. Hence, you will not have to comply as a Cloud Service Provider in general. But those services declared adherent to the EU Cloud CoC must fully comply with its provisions.
Please read more at Do I have to comply with the EU Cloud CoC as Cloud Service Provider as a whole?
For further questions, please do not hesitate to contact us.