EU Sovereign Cloud FAQ

Talk to a sovereign cloud expert

FAQ topics

General product information

What is Oracle EU Sovereign Cloud?

EU Sovereign Cloud is Oracle’s sovereign cloud offering, designed for the data laws and requirements of the EU. The following are its key features:

  • Access to the same services, value, and innovation as Oracle’s global public cloud offerings
  • Focused on data residency, data localization, and data protection
  • Designed for EU data, located in the EU, and operated by EU residents

Why is Oracle offering EU Sovereign Cloud?

Market trends and regulatory activity in the EU have led to growing commercial and government customer demand for cloud services that are designed for EU data, located in the EU, and operated in the EU. These requirements mitigate the risk of foreign law enforcement reach with respect to regulated data. Overall, data residency requirements have become a greater focus for EU cloud customers.

Who can use EU Sovereign Cloud?

Any customer can choose to run workloads in EU Sovereign Cloud regions. EU Sovereign Cloud isn’t restricted to customers based or headquartered in the EU.

How is EU Sovereign Cloud different from Oracle's other global public cloud offerings?

Oracle Cloud uses realms, which are logical collections of regions. Realms are physically, logically, and cryptographically separated from each other and don’t share any data. A customer’s tenancy exists in a single realm and has access to the regions that belong to that realm but not to the regions belonging to different realms.

The EU Sovereign Cloud realm differentiates itself from other cloud offerings by being the only realm designed for EU data, located in the EU, operated and supported by EU residents, and with physical and logical access restricted to EU residents. Furthermore, the Oracle personnel that provide customer support, data center support, and data center operations are located throughout the EU. The hardware and assets used to provide EU Sovereign Cloud are owned, operated, and managed by dedicated EU Sovereign Cloud legal entities that are incorporated in the EU.

Why would a customer select EU Sovereign Cloud instead of Oracle public cloud regions located in the EU?

Public sector and commercial customers may select an EU Sovereign Cloud region if their content is required to be hosted in the EU, serviced by EU-based personnel and, as such, in compliance with applicable EU data privacy and sovereignty regulations. Oracle’s service architecture and stringent new governance model for EU Sovereign Cloud are designed so that the EU Sovereign Cloud legal entity operates independently, without the need to transfer customer data outside of the EU.

How does EU Sovereign Cloud help customers meet compliance objectives?

EU Sovereign Cloud enables customers to demonstrate alignment with EU data protection principles, including data transfer requirements following the CJEU Schrems II ruling, and related guidance from EU privacy authorities. EU Sovereign Cloud data regions will be included in key Oracle Cloud audit programs, including SOC 1, 2, and 3, CSA, STAR, PCI, HIPAA, C5, HDS, ENS, and ISO 9001, 20000-1, 27001, 27017, 27018, and 27701, upon completion of the applicable third-party audits.

What is the key difference between EU Sovereign Cloud and Oracle Cloud Infrastructure Government Cloud?

EU Sovereign Cloud is open to every customer, and it’s an EU-wide offer. OCI Government Cloud is available only for government customers in the US, the UK, and Australia.

Will current EU public cloud regions be migrated to EU Sovereign Cloud?

No, all Oracle Cloud Infrastructure (OCI) commercial regions will be maintained as is. Customers will have the option to choose between the commercial region in Europe and EU Sovereign Cloud regions, depending on their requirements.

Are EU Sovereign Cloud customer service instances hosted in a separate cage or data center from non–EU Sovereign Cloud customer service instances?

Yes, the separation between EU Sovereign Cloud and non–EU Sovereign Cloud customers is achieved logically and physically within existing OC1 regions. EU Sovereign Cloud and non–EU Sovereign Cloud customers run on separate hardware, in physically separated data halls/caging, in logically separate realms.

For further details on realms, please refer to “Using realms for enhanced cloud isolation.”

Where are EU Sovereign Cloud data centers located?

The first two data center regions are in Frankfurt, Germany, and Madrid, Spain, collocated with current OC1 regions, with separate data halls and caging. These are new regions in a new realm. The realm will consist of two regions at launch, each with a single availability domain. We will continue to evaluate additional locations within the European Union for future region expansion opportunities.

Will it be possible to have network peering with OCI commercial public regions?

Network peering with remote peering gateways is not possible across realm boundaries. Customers who wish to create a network connection between a tenancy in OC1 and a tenancy in EU Sovereign Cloud need to use an IPsec VPN or Oracle Cloud Infrastructure FastConnect for this purpose, similar to a connection to an on-premises environment.

Are there any pricing differences between EU Sovereign Cloud and Oracle public cloud regions?

The pricing and selling model for the OCI services in EU Sovereign Cloud regions is identical to that of Oracle’s public cloud realms and uses Oracle’s Universal Credit model, which gives Oracle’s customers the flexibility to use any cloud infrastructure platform services anytime in any Oracle Cloud region. Customers can purchase Oracle Universal Credits using either the pay as you go model or the annual Universal Credit commitment model and are eligible to participate in other customer programs, including Oracle Support Rewards, Oracle Bring Your Own License, and Customer 2 Cloud. Detailed OCI pricing is available here.

EU Sovereign Cloud for SaaS will be priced in line with EURA SaaS offerings.

What services are available in EU Sovereign Cloud regions?

The EU Sovereign Cloud realm supports all OCI services that are available in commercial realms except for some services that would break the sovereignty and some services in rollout. Check the latest service availability.

Does EU Sovereign Cloud offer the same service level agreement as the regular commercial regions?

Yes, EU Sovereign Cloud will offer Oracle Cloud’s financially backed service commitments.

Does Oracle offer a trial version of EU Sovereign Cloud?

No, we don’t offer a trial version of EU Sovereign Cloud, but we offer trials in our public cloud. Learn more at oracle.com/cloud/free/.

What’s the key difference between EU Sovereign Cloud and Oracle Government Cloud?

EU Sovereign Cloud is available to all customers and is an EU-wide offer. Government Cloud is available only in the US, UK, and Australia and is exclusively for qualified government customers. Both have been designed to address different customer requirements driven by sector-specific and national regulations.

Does Oracle take additional measures with respect to legal access requests for customer data?

EU Sovereign Cloud legal entities have been established in an isolated decision-making model that would allow them to challenge a request from any entity outside the EU Sovereign Cloud structure. EU Sovereign Cloud entity employees who have access to the EU Sovereign Cloud data center regions will follow strictly defined procedures for requests for customer data that may originate from a third party (including other Oracle entities and law enforcement or government agencies outside the EU).

These safeguards are described in the data processing agreement for EU Sovereign Cloud, available at oracle.com/contracts.

Fusion SaaS

Which applications are available for EU Sovereign Cloud for SaaS?

EU Sovereign Cloud for SaaS is available for the following applications: Oracle Fusion Cloud Enterprise Resource Planning (ERP), Oracle Fusion Cloud Supply Chain & Manufacturing (SCM), Oracle Fusion Cloud Human Capital Management (HCM), Oracle Fusion Cloud Sales (CRM), and Oracle Fusion Cloud Enterprise Performance Management (EPM).

How does EU Sovereign Cloud compare to Oracle European Union Restricted Access Cloud Service?

EURA also offers SaaS solutions to address certain EU compliance needs. Both EU Sovereign Cloud and EURA offer the same core features:

  • Customer data will reside in data centers located only in countries that are member states of the European Union.
  • Oracle staff who may access customer environments will be EU-based staff.

However, the EU Sovereign Cloud SaaS solution provides some additional safeguards over the EURA SaaS offering:

  • Dedicated infrastructure (a dedicated realm in Oracle Cloud Infrastructure data centers in Madrid, Spain, and Frankfurt, Germany)
  • Support performed by dedicated EU Sovereign Cloud personnel
  • The latest OCI platform and architecture for OCI and SaaS
    • A unified solution with OCI, since OCI also supports EU Sovereign Cloud
    • Simplified future product expansion
  • Legal protections (the service is operated by EU Sovereign Cloud personnel employed by separate EU Sovereign Cloud legal entities)
    • Legal entities incorporated in Germany, the Netherlands, the Czech Republic, Romania, and Ireland

Will a customer be able to select the primary data center in their EU Sovereign Cloud instance?

Yes, customers will have the choice of a primary data center when logging into the cloud portal.

Does a new data processing agreement (DPA) apply to EU Sovereign Cloud for SaaS?

Yes, the data processing agreement for EU Sovereign Cloud is available at oracle.com/contracts. In addition, EU Sovereign Cloud SaaS-specific terms have been added to the Fusion Service Description.

In the event of a disaster, will European Union Sovereign Cloud Service for Oracle Fusion Applications be recovered in an EU Sovereign Cloud environment?

Yes, in accordance with the applicable Disaster Recovery terms set forth in the Oracle Cloud Hosting and Delivery Policies document and the Oracle SaaS Public Cloud Services Pillar Document.

What does EU Sovereign Cloud mean for current EURA customers?

Current EURA customers will be migrated to EU Sovereign Cloud. The specific migration date will be confirmed with individual customers and advance notification will be provided.

In addition, EU Sovereign Cloud offers EU restricted access capabilities to OCI workloads for the first time, which may be of particular benefit to EURA SaaS customers who also have OCI workloads.

Key terms

What is data sovereignty?

Data sovereignty is the idea that data is subject only to the laws and regulations within the country or region where it’s collected or located.

What is data localization?

Legal obligations requiring that data created within a country’s borders remain in that same country and not be transferred outside of the country. The General Data Protection Regulation isn’t a data localization law; data localization laws actually are quite rare in the EU.

What is data residency?

Ensuring data sits within a geographical location for whatever reason.

What is the CLOUD Act?

The US Clarifying Lawful Overseas Use of Data (CLOUD) Act specifies how cloud service providers such as Oracle should respond to requests from US law enforcement. Such requests may require the disclosure of data hosted on servers, regardless of whether the servers are located within the US or abroad. For more information about the CLOUD Act and how Oracle handles disclosure requests, please read this blog post.

What is the General Data Protection Regulation (GDPR)?

The European regulation setting forth requirements for handling personal data related to people in the EU. Nonpersonal data isn’t covered by the GDPR but may be addressed under other regulations, such as banking regulations. The GDPR imposes obligations onto organizations anywhere, so long as they target or collect data related to people in the EU. The European Data Protection Board (EDPB), composed of representatives of EU national data protection authorities, is charged with ensuring the consistent application of the GDPR across the EU.

Other useful resources