What is ISO/IEC 27018:2019?

ISO/IEC 27018:2019 is the internationally recognized code of practice for the protection of personally identifiable information (PII) in public cloud computing.

The standard provides specific guidelines and security controls to help cloud service providers (CSPs) handle and process personal data in line with privacy principles from ISO/IEC 29100 and global regulations like the GDPR.

Key areas addressed include data subject consent, data deletion, transparency, cross-border data flows, breach notification, and protection against unauthorized access.


Access the certificate and supporting documentation via our Compliance Center.

FAQ

How does ISO/IEC 27018:2019 relate to other standards?

ISO/IEC 27018:2019 builds on and complements other international standards:

  • ISO/IEC 27001: Foundation for information security management systems (ISMS).
  • ISO/IEC 27002: Provides best-practice security controls.
  • ISO/IEC 27017: Adds cloud-specific security guidance.
  • ISO/IEC 29100: Establishes the privacy framework and principles.

Together, these standards form a robust framework for managing both security and privacy in the cloud.

Exoscale

Contact our Compliance Team

Have questions about our privacy controls or need specific compliance documentation? Contact our Compliance Team—we’re ready to support your privacy and regulatory requirements.