Data sovereignty is an organisation's full control over its data: where it is stored, who can access it and which law it is subject to.
Data sovereignty describes an organisation's ability to decide for itself at any time where its data is stored, who may access it and which legal framework applies. It is therefore not only about whether data is secure, but also about who ultimately holds control over it.
Anyone who stores data with a provider that is subject to foreign law gives up part of that control. For regulated sectors, public bodies and the protection of trade secrets, it is crucial that no third party can access sensitive data unnoticed.
US providers are subject to the US CLOUD Act, which gives US authorities access to data even when it is stored in Europe. An EU server location alone therefore does not create data sovereignty.
SecureCloud is operated by a German company in German data centres and is subject exclusively to German and European law. Data is stored encrypted, and the service is GDPR-compliant, ISO 27001- and Trusted-Cloud-certified, BSI C5-attested and CIS-compliant. This keeps control over the data entirely with the company.
Data security protects data against loss and unauthorised access. Data sovereignty goes further and ensures that the organisation itself retains control over storage location, access and applicable law.
Not necessarily. What matters is who operates the service and which law the company is subject to. A German server location under the control of a US group does not offer full sovereignty.
Because laws such as the US CLOUD Act attach to the provider's nationality, not to the location of the servers.
Unsere Experten beantworten Ihnen gerne alle Fragen.