Skip navigation
  2. Home

Your path to trusted cloud services in Europe

The EU Cloud Code of Conduct contains rigorous assurances for the protection of data in cloud services.

join_blue.png

Participate

You are a Cloud Service Provider and want to know more about Codes of Conduct? Read more about Codes of Conduct in general and the benefits of joining the EU Cloud Code of Conduct.

news_blue.png

Latest news

The EU Cloud CoC is expanding! Read more about recent developments within our news section or follow us on twitter.

download_blue.png

Get the Code

Here is the full text of the recently fully revised Code (first developed under Directive 95/46/EC and revised for GDPR). It will be subject to regular revision and updates to take into account additional GDPR requirements as these evolve.

Trust in cloud computing is essential.

It has never been more true than today to assert that without user trust, technology will not be able to advance to reach its full potential. At the core of building trust is robust data protection. The EU Data Protection Code of Conduct for Cloud Service Providers plays an important role here. Known by its abbreviated name EU Cloud Code of Conduct, it sets out clear requirements and recommends procedures to raise the level of data protection in cloud services, based on GDPR.

The first version of the EU Cloud Code of Conduct was released in February 2017, following close collaboration between the Cloud Select Industry Group and the European data protection regulatory bodies. As of 25 May 2018, the EU Cloud CoC has been revised to align with the new rules under GDPR. For this latest release of the Code, we have added an implementation guide, the Controls Catalogue,  which builds on industry best practices in security and privacy and expands upon them. Requirements of the GDPR and the Code are linked and mapped to leading information security standards.

This is the first time that a single initiative allows a cloud provider or a cloud customer to establish precisely which requirements they should meet under the GDPR, which assurances they get from existing certifications, and above all obtain the certainty that the gap between the GDPR and the certification is comprehensively filled. This is a crucial added value of the Code.

Alibaba Cloud (Singapore) Private Limited
https://www.alibabacloud.com
1 Raffles Place #59-00 One Raffles Place Tower One
Singapore
048616
Singapore
Arcules Inc.
https://www.arcules.com/
17875 Von Karman Ave Suite 450
Irvine
California
92614
USA
Cisco Systems Inc
170 West Tasman Drive
San Jose
California
95134
USA
Cloud Industry Forum
PO Box 4160
Reading
RG8 6DT
Great Britain
EPIGNOSIS LLC
315 Montgomery Street, 9th Floor
San Francisco
California
94104
USA
Fabasoft AG
Honauerstraße 4
Linz
4020
Austria
Google Ireland Limited
Gordon House Barrow Street
Dublin
04
Ireland
IBM Belgium B.V.B.A./sprl
Avenue du Bourget 42
Brussels
1130
Belgium
Oracle Belgium B.V.B.A./sprl.
Medialaan 50
Vilvoorde
1800
Belgium
salesforce.com, inc.
The Landmark @ One Market Suite 300
San Francisco
California
94105
USA
SAP Belgium NV/SA
Avenue des Olympiades 2
Brussels
1140
Belgium
TrustArc Inc
835 Market Street
San Francisco
California
94103
USA
Workday Limited
Kings Building 152-155 Church St.
Dublin
D7
Ireland