Latest news and updates
Protect your data
Earning customer trust is the foundation of our business at AWS and we know you trust us to protect your most critical and sensitive assets: your data. We work closely with you to understand your data protection needs, and offer the most comprehensive set of services, tooling, and resources to help protect your data. To do this, we provide technical, operational, and contractual measures needed to protect your data. With AWS, you manage the privacy controls of your data, control how your data is used, determine who has access, and how it is encrypted. We underpin these capabilities with the most flexible and secure cloud computing environment available today.
City of Heidelberg - Case Study
Our commitments to protect European customer data
Data controls and residency
With AWS, you control your data by using powerful AWS services and tools that allow you to determine where your data is, how it is secured, and who has access to it. Services such as AWS Identity and Access Management (IAM) allow you to securely manage access to AWS services and resources. AWS CloudTrail and Amazon Macie enable compliance, detection, and auditing, while AWS CloudHSM and AWS Key Management Service (KMS) allow you to securely generate and manage encryption keys. AWS Control Tower provides governance and controls for data residency.
Our contracts are written in plain, straightforward language and include commitments that go beyond those available from other cloud providers to protect customer data. Our strengthened commitments to you build on our long track record of challenging law enforcement requests. If we receive a law enforcement request for customer data from government bodies, whether inside or outside the European Economic Area (EEA), we commit to challenge requests that are overbroad, or where we have any appropriate grounds to do so, including where the request conflicts with EU law, as described in our supplementary addendum to the AWS GDPR DPA. We also provide a bi-annual Information Request Report describing the types and number of information requests AWS receives from law enforcement.
We are transparent about our commitments to protect our EU customers’ data. Our GDPR Data Processing Addendum, including Standard Contractual Clauses, automatically applies for our customers who are subject to General Data Protection Regulation (GDPR). In addition, our UK GDPR Addendum to the AWS GDPR Data Processing Addendum applies when the UK GDPR applies to your use of the AWS Services to process UK Customer Data (as defined in the AWS UK GDPR Addendum). As part of our continued commitments, we offer Privacy Features of AWS Services resources to help you to determine whether the maintenance and provision of our services to you may involve customer data being transferred outside of the AWS Region in which you chose to store customer data. These resources make it easier for you to comply (and demonstrate compliance) with regulations, including GDPR. They also help you complete your data transfer assessments in accordance with recommendations from the European Data Protection Board (EDPB) on transferring personal data in compliance with “Schrems II”. You can select to use AWS services that only store and process customer data in the EU. Links are available on our GDPR Center.
At AWS, security is our top priority and security in the cloud is a shared responsibility between AWS and our customer. You can improve your ability to meet core security, confidentiality, and compliance requirements with our comprehensive services, whether that's through Amazon GuardDuty or our AWS Nitro System, the underlying platform for our EC2 instances. We've designed the Nitro System to have workload confidentiality and no operator access. With the Nitro System, there’s no mechanism for any system or person to log in to EC2 servers, read the memory of EC2 instances, or access any data stored on instance storage and encrypted EBS volumes. In addition, services such as AWS CloudHSM and AWS Key Management Service allow you to securely generate and manage encryption keys, and AWS Config and AWS CloudTrail deliver monitoring and logging capabilities for compliance and audits.
We comply with internationally recognized standards such as Cloud Computing Compliance Controls Catalog (C5) and Esquema Nacional de Seguridad (ENS). We also achieved certifications including PCI-DSS, Hébergement de Données de Santé (HDS, France), and TISAX (EU Automotive), helping satisfy compliance requirements for regulatory agencies across the EU. Financial services providers, healthcare providers, and governmental agencies are among the customers, who trust us with some of their most sensitive information.
Organisations using AWS technology can comply with European regulations
The IT Shared Service Centre of the Flemish Government uses AWS to help citizens maintain control of their data and digitally access government services.
SecureAppbox helps organisations manage sensitive data and comply with General Data Protection Regulation (GDPR).
Funidata built a student information system called Sisu on AWS. Sisu has streamlined administrative processes, providing universities with a simpler and more secure way to manage day-to-day tasks.
Operating in the highly regulated financial services industry, Velliv is one of Denmark’s largest pension companies, with more than 360,000 customers. When it separated from its parent company, it had a chance to build a completely new, independent IT infrastructure.
With AWS, you can improve your ability to meet core security and European data privacy compliance requirements, such as handling data subject requests, managing personal data breach notifications, performing data protection impact assessments, and setting technical and organisational measures with respect to the processing of your data. We also provide you with guidance to maintain compliance, plus we offer a large network of AWS partners who can help manage your compliance for you. We support industry initiatives such as GAIA-X to define standards for the next generation of data infrastructure. We supported GAIA-X from the start and contributed to technical working groups during its’ formation. We support the Cloud Infrastructure Services Providers in Europe (CISPE) Code of Conduct. We help you meet European laws and standards and achieve the highest levels of security, privacy, and resilience.
We invest in the economic, technological, environmental, and social fabric of Europe
Our products and services positively transform the everyday lives of people in Europe by enabling the democratisation of technology, empowering scientific discovery, helping communities recover from COVID-19, and more. We drive economic development through investing in infrastructure, jobs, and skills in communities and countries across Europe. We also support a vast ecosystem of startups, SMBs, large enterprises, government organisations, and partners who use AWS to help you grow your business and serve customers in Europe and around the world. We made a commitment to achieving net zero carbon by 2040 and are on a path to powering our operations with 100% renewable energy by 2025. We support the EU’s Green Deal and help our customers achieve their own sustainability targets. European businesses can reduce energy use by nearly 80% when they run their applications on the AWS Cloud instead of operating their own data centres.
Siemens uses an array of AWS services to carry on that tradition of transformation—bringing IOT to railways and factories, developing intelligent infrastructure for buildings and distributed energy systems, implementing Artificial Intelligence into its cybersecurity platform, and more.
SNCF Réseau determined that the breadth of AWS managed services met the company’s expectations for accelerating the implementation of its Smart Data strategy—a sweeping new approach to collecting and quickly analysing data relevant to the maintenance of SNCF rails using smart sensors in near real time.
German EDC (electronic data capture) software provider Climedo Health used AWS to create secure, cloud-native, and scalable solutions to better capture and manage clinical data used by pharmaceutical companies, medical device manufacturers, hospitals, and around 150 public health offices.
European customers rely on AWS to innovate and grow
Meaningful innovation thrives on AWS. Our customers are a shining example of what is possible in the cloud.
Media and Entertainment
Retail and Manufacturing
Media and Entertainment
Retail and Manufacturing
AWS Summit Brussels 2022
Learn how AWS is helping EU customers navigate data protection.
New Standard Contractual Clauses now part of the AWS GDPR Data Processing Addendum
Achieving compliance with GDPR is critical for hundreds of thousands of AWS customers and AWS. Learn more about the update to our online AWS GDPR Data Processing Addendum (AWS GDPR DPA).
How AWS is helping EU customers navigate the new normal for data protection
Achieving compliance with the European Union’s data protection regulations is critical for hundreds of thousands of Amazon Web Services (AWS) customers. In February, we announced strengthened commitments to protect customer data.
Confidential computing: an AWS perspective
We’ve made many long-term investments in purpose-built technologies and systems to keep raising the bar of security and confidentiality for our customers.
Data Privacy Center
At AWS, we earn trust by working to meet our customers’ privacy needs and being transparent in our privacy commitments.
AWS is committed to offering services and resources to our customers to help them comply with the GDPR requirements.
Privacy Features of AWS Services
We are transparent about how AWS services process the personal data you upload to your AWS account and we provide capabilities that allow you to encrypt, delete, and monitor the processing of your customer data.
Earning customer trust is the foundation of our business at AWS and we know you trust us to protect your most critical and sensitive assets: your data.