Open Telekom Cloud for Business Customers

Data protection and compliance

Maximum safety for carefree working.

Our services fully meet the stringent requirements of GDPR. That’s why we made our product the first to be certified by an independent institute. As such, we can guarantee that Open Telekom Cloud offers the very highest security standards.

The Open Telekom Cloud – 100% compliant with the GDPR

Because the data centers of the Open Telekom Cloud are located in Germany and the Netherlands, your data will never leave Europe. As a result, you can rest assured that the General Data Protection Regulation (GDPR) is fully complied with at all times.

Icon: Map

Hosted in Germany and the Netherlands

Compliance with the GDPR depends on the location of a cloud provider’s data centers or where the personal data is stored and processed.
Does your business model only allow for data processing in Germany? Then we will provide your resources in the Open Telekom Cloud together with data backup in German data centers. Are you planning a project across multiple countries or do you value geo-redundancy with a distance of more than 200 kilometers between the data centers? Then our twin-core data center in Amsterdam is also available to you.


Certified and transparent compliance with the highest security and privacy requirements

The Service Organization Controls (SOC) reports, known as SOC 1, SOC 2, and SOC 3, are standardized frameworks for auditing service providers. SOC 1 focuses on internal controls over financial reporting. SOC 2 covers the five Trust Service Criteria: security, confidentiality, process integrity, availability, and privacy. SOC 3 is an abbreviated version of SOC 2 and, unlike the latter, is publicly available.

Icon: Privacy
Icon: EU flag

For European Data Sovereignty – Schrems II & GAIA-X

With the Schrems II ruling of July 2020, which overturned the EU/US Privacy Shield, it is clear that cloud offerings serving European users must comply with European standards. At the same time, it is also in the interest of many European companies to retain full control over their data - this is one of the key points addressed by the European GAIA-X initiative. With the Open Telekom Cloud, companies kill two birds with one stone: they retain full data sovereignty and avoid risks arising from the US Cloud Act or Schrems II.


Compliance with industry-specific regulations (German Law)
– professional secrecy holders & social data

The Open Telekom Cloud facilitates the secure processing of data of professional secrecy holders according to § 203 of the German Criminal Code (StGB), e.g., elected attorneys, doctors, auditors or legal departments in companies and social data in accordance with Section 35 of the German Social Security Code I (§ 35 SGB I), e.g., data from health insurance companies or medical clearinghouses.

Read our articles:
Secure cloud for professional secrecy holders
Secure cloud for social service providers

Icon: Paragraph
Logo Trusted Cloud

We are officially ready for GDPR with the Trusted Cloud seal

Following a resolution by the German Bundestag, the Federal Ministry for Economic Affairs and Energy can award cloud providers the Trusted Cloud seal. Open Telekom Cloud fully complies with the comprehensive requirements and can officially carry this title.

Find out more (only in German)


We generate recommendations that are highly sensitive for our customers and have an impact on competition. Therefore, data security and protection are of enormous importance to us.

Florian Fleischmann, CEO and founder of HRForecast GmbH

Our certifications

To meet the very latest security and data protection requirements, all of our services are subject to strict rules and are regularly checked by independent specialists.

Independent certifications

Tisax logo


Certification of all IT applications in the interconnected automotive industry. 

Find out more

Privacy & Security Assessment logo

Privacy and security assessment

PSA takes an integral part of ensuring data privacy and security for our customers, which is validated in the ISO27001 Audits by DEKRA.

Find out more

TCDP logo

TCDP 1.0

Data protection requirement for order data processing certified by DEKRA.

Download certificate


SOC 1 Type II (ISAE 3402)

As part of the audit, relevant checks for financial reporting are tested for their effectiveness.

Request report


SOC 2 Type II (ISAE 3000)

As part of the audit, relevant checks to ensure the Trust Service Criteria - security, availability, integrity, confidentiality and data protection - are performed and tested for their effectiveness.

Request report


SOC 3 (ISAE 3000)

This report is intended for public distribution. It summarizes the results of SOC 2 and includes an assessment by our external auditor.

Download report*

*Please open the report with a fully fledged PDF reader, such as Acrobat Reader or Foxit PDF.

Logo C5

BSI C5 (ISAE 3000)

This report verifies the minimum information security requirements for cloud services of the BSI Cloud Computing Compliance Criteria Catalogue (BSI C5).

Request report

Icon Cloud Data Protection Level 2

EU Cloud Code of Conduct

The EU Cloud Code of Conduct (EU Cloud CoC) provides independently verified evidence that data is processed in accordance with the requirements of Art. 28 and Art. 40 GDPR.

Download report

Logo Tier III

Uptime Institute - Tier III Certified

Tier III certified data centers use redundant components. The servers are multiple. The identical architecture of the Magdeburg and Biere data centers meet the criteria for TIER III certification.

Request report

Logo GxP


GxP is an industry-specific certificate that covers the implementation of "good work practice" guidelines in the pharmaceutical sector.

Request report

DIN EN 50600

DIN EN 50600

DIN EN 50600 is a Europe-wide standard that provides comprehensive specifications for the planning, construction and operation of a data center.

Planned for Q3/2023


ISO 27000 Family

Icon information security system

ISO/IEC 27017

Certification of additional information security controls for the use of cloud services.

Download certificate

Icon ISO Data safety

ISO/IEC 27001

Certification of establishing, implementing, maintaining and continually improving an information security management system (ISMS).

Icon ISO Data security

ISO/IEC 27018

Certification of protection of personally identifiable information (PII) in public clouds acting as PII processors with a Data Protection Management.

Download certificate

Icon with gear for ISO/IEC 27701 certificate

ISO/IEC 27701

Certification to establish, implement, maintain and continually improve a privacy information management system (PIMS).

Download certificate

The ISO 27000 family stands for a worldwide recognized framework on best practices of security standards. Instead of three separate certificates, the ISO/IEC 27017 and ISO/IEC 27018 is now included in the ISO/IEC 27001.

Download combined certificate


Other ISO Certifications

Icon ISO Quality Management

ISO 9001

Certification of establishing, implementing, maintaining and continually improving a quality management system (QMS).

Download certificate

Icon ISO Environmental Management

ISO 14001

Certification of establishing, implementing, maintaining and continually improving an environmental management system (EMS).

Download certificate

Icon ISO Service Management

ISO/IEC 20000-1

Certification of establishing, implementing, maintaining and continually improving a service management system (SMS).

Download certificate

Icon ISO Business Continuity Management System

ISO 22301

Certification of establishing, implementing, maintaining and continually improving a business continuity management system (BCMS).

Download certificate


Telekom certifications



Internal enterprise security architecture seal

Download flyer


The multi-certified data centers, the high level of data protection and Deutsche Telekom as a reliable and reputable partner convinced us.

Florian Schild, founder and CEO of boot.AI

What we mean by security

Image of data center building

Our data centers

Image with digital display of numbers

Zero Outage


Book now and claim starting credit of EUR 250* (code: 4UOTC250)

Take advantage of our consulting services!
Our experts will be happy to help you.
We will answer any questions you have regarding testing, booking and usage – free and tailored to your needs. Try it out today!

Hotline: 24 hours a day, seven days a week 
0800 3304477from Germany
+800 33044770from abroad

* Voucher can be redeemed until December 31, 2023. Please contact us when using the voucher for booking. The discount is only valid for customers with a billing address in Germany and expires two months after conclusion of the contract. The credit is deducted according to the valid list prices as per the service description. Payment of the credit in cash is excluded.

  • Communities

    The Open Telekom Cloud Community

    This is where users, developers and product owners meet to help each other, share knowledge and discuss.

    Discover now

  • Telefon

    Free expert hotline

    Our certified cloud experts provide you with personal service free of charge.

     0800 3304477 (from Germany)

    +800 33044770 (from abroad)

    24 hours a day, seven days a week

  • E-Mail

    Our customer service is available free of charge via E-Mail

    Write an E-Mail