Declare a service

Disclaimer: CISPE accepts no new service declarations following the green light of the CISPE Data Protection Code from the EU Data Protection Board (EDPB) on May 19, 2021 and pending its final approval by CNIL.

This is a Declaration of Adherence (“Declaration”) with the Data Protection Code of Conduct for Cloud Infrastructure Service Providers (the “Code”). Unless they are otherwise defined, capitalised terms used in this Declaration will have the meaning given to them in the Code.

The data communicated via this form is collected with your consent and will be sent to Cloud Infrastructure Services Providers in Europe ASBL as a data controller. The data may be sent to processors acting under the strict instructions of Cloud Infrastructure Services Providers in Europe ASBL. When submitting information necessary to declare services, the data is collected for the purposes indicated therein. The data is stored for thirty-six (36) months. Some elements of data handled for management purposes (e.g.: billing) may be stored for a longer period, in compliance with the applicable regulations. You have the ability to lodge a complaint to the relevant supervisory authority. You also have right of access, right to rectification, right to deletion, right to limitation, right to portability, right to opposition on legitimate grounds and right to withdraw consent at any time for data that concerns you. To exercise this right, please submit your request via

Services covered by this Declaration

This Declaration covers the cloud infrastructure service(s) below (the "Services"). If this Declaration is being made for more than one service, please include details for each service below.

Will appear on CISPE Public Register
Optional, will not appear on CISPE Public Register

CISP making the Declaration

This Declaration should be made by an entity which is a seller of record of the Service(s) (the "CISP"). If this Declaration is being made by more than one CISP, please include details for each CISP below and in the declaration at Section 5. This information will appear on the CISPE Public Register.

Declaration Process

This Declaration is supported by:

  • Self-assessment process.
  • Controlled Adherence process.

Your choice will determine which Compliance Mark the CISP is eligible to use for the Service(s). In each case the supporting evidence must include a completed Compliance Checklist and demonstrate compliance by reference to the Compliance Checklist.

Compliance Checklist

The Code Requirements listed in the Compliance Checklist as being auditable are the Auditable Code Requirements. Please attach the Compliance Checklist and copies of all referenced supporting documentation in respect of the Auditable Code Requirements.

Please indicate if supporting documents only apply to specific Services. If you are relying on different supporting documents for different services, you may complete the Compliance Checklist separately for each Service.

Click or drag files to this area to upload. You can upload up to 10 files.

Proposed Monitoring Body

Please insert the full name and address of your proposed Monitoring Body:

Monitoring Body Confirmation

For Declarations following the Controlled Adherence process only

Please attach written confirmation from the Monitoring Body that the CISP service adheres to the Auditable Code Requirements.

Such confirmations should be signed by the relevant Monitoring Body.

Click or drag files to this area to upload. You can upload up to 10 files.


By signing below the CISP(s) confirms that:


  1. as of the date of this Declaration the Services adhere to the Code Requirements;
  2. if following the Self-Adherent Process, the CISP shall submit the Service for Monitoring Body review within 12 months of incorporation of this Declaration in the CISPE Public Register;
  3. the CISP shall comply with the Monitoring Body review, complaints and enforcement procedures in Section 7(Governance) of the Code; and
  4. if any change to the Service(s) or the Code means a material update to this Declaration is required, then
    1. the CISP must promptly notify the Secretariat, and
    2. cooperate with the Secretariat to update those materials.