CISPE (Cloud Infrastructure Services Providers in Europe) is a coalition of cloud computing leaders serving millions of European customers. The CISPE Code of Conduct helps customers ensure that their cloud infrastructure provider is using appropriate data protection standards to protect their data consistent with the Europe Union’s General Data Protection Regulation (GDPR). Cloud providers adhering to the Code must give customers the choice to store and process their data entirely within the European Economic Area. Providers must also commit that they will not access or use, except as necessary to provide the services, their customers' data for their own purposes, including, in particular, for the purposes of data mining, profiling or direct marketing
The CISPE Code of Conduct provides a data protection compliance framework that helps customers assess whether their provider’s cloud infrastructure services can be used to process personal data, and if they will be in compliance with current and future obligations. The Code facilitates the proper application of the new European rules on data protection from the GDPR. CISPE members share the GDPR’s objectives of strengthening citizens’ fundamental rights in the digital age.