Skip navigation

General Assembly

Alibaba Cloud, Fabasoft, IBM, Oracle, Salesforce and SAP are founding members of the General Assembly of the EU Cloud Code of Conduct and support the role of the cloud computing industry in improving transparency and helping cloud customers understand how data protection issues are addressed by cloud service providers.

To top


logo_with_pic.png

Our Goal

Cloud computing provides significant benefits to both public and private sector customers in terms of cost, flexibility, efficiency, security and scalability. However, cloud customers must be able to trust a Cloud Service Provider (CSP) before entrusting data and applications to a CSP.

As representatives of European and multinational companies and organizations with significant involvement in cloud computing, our goal is to demonstrate and assure cloud customers that we are compliant with data protection laws and prepared for the General Data Protection Regulation (GDPR) coming into effect in May 2018. CSPs can demonstrate their capacity to comply with the Code across varying levels of proof and assurance.

To top


shield_with_check.png

Our Tool: The Code

The Code of Conduct was developed by the Cloud Select Industry Group (Data Protection Code of Conduct Subgroup) convened by the European Commission under the auspices of DG Connect and with the involvement and advice of DG Justice. Development of the Code was further informed by input from the Article 29 Working Party.

The EU Cloud Code of Conduct consists principally of a set of requirements for CSPs adhering to the Code, plus a governance structure that aims to support the effective and transparent implementation, management, and evolution of the Code.

The intention of the EU Cloud Code of Conduct is to make it easier for cloud customers (in particular small and medium enterprises and public entities) to determine whether particular cloud services are appropriate for their desired use.

In addition, the transparency created by the Code will contribute to an environment of trust and create a high default level of data protection in the European cloud computing market. 

To top

shield_with_check.png

tiles_with_cloud_and_lock.png

Why Certify

CSPs must ensure personal data is processed in accordance with the EU Data Protection Directive, its national transpositions and subsequent EU data protection laws, in particular the General Data Protection Regulation and any further European data protection legislation.

When adhering to the EU Cloud Code of Conduct, CSPs commit to the Code's requirements and practices. Consequently, cloud customers can be more confident of how the CSP has implemented data protection measures in compliance with applicable laws. CSPs whose adherence to the Code has been published in the public register may choose to publicly show their adherence by using the trusted EU Cloud Code of Conduct mark.

To top


Media & Press


Latest News

Huge step made towards Data Protection Compliance

|   EU Cloud CoC

New Version of the Code has been published (May 2017)

Read more

Check out our new brochure

|   EU Cloud CoC

The new brochure is summarizing the key aspects of the EU Cloud Code of Conduct and benefits of joining.

Read more

How the EU Cloud Code of Conduct helps build cloud trust in Europe

|   EU Cloud CoC

Read why the EU Code of Conduct is uniquely positioned and is open to cloud service providers of all sizes and from all cloud sectors.

Read more

IBM signed up another 24 services to the EU Cloud Code of Conduct

|   EU Cloud CoC

We are pleased to announce that IBM has signed up 24 new services to the EU Cloud Code of Conduct. The services join IBM’s SoftLayer and Bluemix Infrastructure services which were signed up to The EU Cloud Code of Conduct earlier. The adherences are currently under evaluation. Read IBM’s statement here:

Read more