Local contracting entity & EU governance (operational model)

Why important?

Clear contracting party, responsibilities and governance for EU operations/support.

How measured?

• 0 = Contract/responsibility primarily with a non-EU entity
• 1 = EU contracting claimed, governance/accountability unclear
• 2 = EU contracting present, but governance/decision rights weak
• 3 = EU contracting + defined EU governance (roles/boards/accountability)
• 4 = EU contracting + strong EU governance, clear rights/controls documented
• 5 = EU contracting + EU governance with real decision/control rights contractually evidenced
• N/A = no reliable evidence

Sources / Evidence

• https://aws.eu/de/
• https://www.aboutamazon.eu/news/aws/built-operated-controlled-and-secured-in-europe-aws-unveils-new-sovereign-controls-and-governance-structure-for-the-aws-european-sovereign-cloud
• https://stackit.com/en/sovereign-cloud/data-sovereign-cloud/
• https://corporate.ovhcloud.com/en/newsroom/news/secnumcloud-qualification-bare-metal-pod/
• https://stackit.com/en/imprint
• https://www.stackit.de/en/newsarticle/stackit-independent-company/
• https://www.open-telekom-cloud.com/en/benefits/sovereignty
• https://www.oracle.com/europe/cloud/eu-sovereign-cloud/faq/
• https://www.plusserver.com/en/company/about-us/
• https://www.exoscale.com/about-us/
• https://www.hetzner.com/de/european-cloud/
• https://www.scaleway.com/en/about-us/
• https://news.microsoft.com/de-de/erste-souveraene-cloud-plattform-fuer-die-deutsche-verwaltung-auf-der-zielgeraden/

Validation questions (RFP)

• Which legal entity is the contracting partner? Which sub-processors? Who decides on government requests?

Scores comparison