Oracle EU Sovereign Cloud

Organizational controls

Operated within the EU by dedicated EU legal entities

EU Sovereign Cloud regions are operated by EU-incorporated legal entities established by Oracle that own the hardware and data center leases and deliver operations and customer support under EU-specific governance policies.

EU-resident operations and support—kept separate from global cloud operations

The EU Sovereign Cloud realm enables Oracle to restrict physical and logical access and limit day to day cloud operations and support to EU-resident personnel. These personnel are employed by dedicated EU legal entities and use processes separated from Oracle’s global cloud operations.

Strong segregation reduces operational risk

The EU Sovereign Cloud realm is designed to be physically and logically separated from all other Oracle Cloud regions. This helps enforce EU containment by design and reduces reliance on complex customer-managed residency controls, simplifying deployment and ongoing operations.

Governance and assurance aligned with EU requirements

EU legal entities are supported by a governance committee to maintain integrity and alignment with evolving EU regulations. EU Sovereign Cloud is audited against leading global assurance frameworks and aligns with key EU and regional requirements, including GDPR, C5, IT Grundschutz, AgID, the EU Cloud Code of Conduct, EBA guidance, and Schrems II and EDPB guidance, with the scope evolving based on customer demand and new legislation.

Technical controls

Oracle EU Sovereign Cloud is built on Oracle Cloud Infrastructure, a second generation cloud designed to address the structural limitations of earlier hyperscale platforms. Its architecture is grounded in isolated realms, delivering strong technical sovereignty through physical, logical, and cryptographic separation—a key reason Oracle EU Sovereign Cloud leads the market with advanced sovereignty capabilities. Its proven technical controls include the following:

Sovereign realm isolation by design

Each EU Sovereign Cloud region is deployed as a separate realm, maintaining segregation from other Oracle Cloud regions. Access to deploy, operate, and secure the environment is granted exclusively to teams employed by EU Sovereign Cloud entities, with EU data residency intrinsic to the platform.

Full stack security and compliance alignment

A comprehensive suite of cybersecurity services is available within the sovereign realm, providing configurable controls to support auditability and compliance needs. Enhanced encryption and key management options further strengthen data protection and confidentiality.

EU localized resilience and business continuity

Disaster recovery capabilities are designed to keep resilience within the EU Sovereign Cloud realm. Each region is built with three fault domains to distribute hardware and reduce disruption risk, improving reliability and supporting continuity for critical workloads.

Contractual controls

EU Sovereign Cloud is supported by specific agreements, such as the Cloud Services Agreement, EU Sovereign Cloud data processing agreement, the service description, and a dedicated addendum to the service pillar document. The contracts outline responsibilities for handling personal information, third-party subprocessors, confidentiality, and security measures. The contracts are designed to help address the requirement that your content will not leave the selected EU Sovereign Cloud region(s) without your authorization or instruction and aim to reduce the risk of unauthorized access by entities or individuals outside the EU Sovereign Cloud organizations.