The European Union Cloud Code of Conduct (EU Cloud CoC) requirements enable Cloud Service Providers (CSPs) to demonstrate their capability to comply with the EU General Data Protection Regulation (GDPR).
The EU Cloud CoC includes a governance section designed to support the effective and transparent implementation, management and evolution of the Code. As a result of the positive opinion (link resides outside ibm.com) issued by the European Data Protection Board (EDPB), the Code was officially approved (link resides outside ibm.com) by the Belgian Data Protection Authority in May 2021.
The EU Cloud CoC has been instrumental in aligning the cloud sector with rigorous technical and organizational measures for effective GDPR implementation. Apart from serving as an evidence of GDPR compliance for cloud service providers, this unique tool is a significant safeguard for cloud users across the EU.
Reports and other documentation
IBM Cloud services that are verified as compliant with the EU Cloud CoC (Verification-ID 2023LVL02SCOPE5316) (link resides outside ibm.com)
IBM considers the EU Cloud CoC a reliable tool available for demonstrating our commitment to cloud users that their data is secure. The EU Cloud CoC verification demonstrates that IBM Cloud meets the Code requirements. IBM has obtained a second level of compliance with the EU Cloud CoC. Check out our services that adhere to the EU Cloud Coc requirements.
For more information on IBM data privacy policies, please visit the IBM Trust Center. If you have further questions on IBM privacy policy for our external offerings, you can contact the IBM Chief Privacy Office Helpdesk.