EU Sovereign Cloud FAQ

Talk to a sovereign cloud expert

FAQ topics

Product overview

What is Oracle EU Sovereign Cloud?

Oracle EU Sovereign Cloud is a purpose-built collection of Oracle Cloud Infrastructure (OCI) data regions designed to meet the needs of EU government agencies, nongovernmental agencies, and commercial entities subject to the data privacy and protection laws of the EU.

Key features of EU Sovereign Cloud include the following:

  • Provides access to the same services, value, and innovation as Oracle’s commercial public cloud offerings
  • Focused on data residency, data localization, and data protection
  • Designed for EU data, located in the EU, and operated by EU residents

Where are the EU Sovereign Cloud data centers located?

Oracle EU Sovereign Cloud is delivered from two EU data center regions, in Frankfurt, Germany, and Madrid, Spain, both with separate data halls and caging. These regions provide disaster recovery and high availability for each other. We will continue to evaluate additional locations within the EU for future region expansion opportunities.

Who can use EU Sovereign Cloud?

Any customer can choose to run workloads in EU Sovereign Cloud regions. EU Sovereign Cloud isn’t restricted to customers based in or headquartered in the EU.

How is EU Sovereign Cloud different from Oracle's other commercial public cloud offerings?

Oracle Cloud uses realms, which are logical collections of regions. Realms are physically, logically, and cryptographically separated from each other and don’t share any data. A customer’s tenancy exists in a single realm and has access to the regions that belong to that realm but not to the regions belonging to different realms.

The EU Sovereign Cloud realm differentiates itself from other cloud offerings by being the only realm designed for EU data and located in the EU. It is operated and supported by EU residents, with physical and logical access restricted to those EU residents. Furthermore, the Oracle personnel that provide customer support, data center support, and data center operations are located throughout the EU. The hardware and assets used to provide EU Sovereign Cloud are owned, operated, and managed by dedicated EU Sovereign Cloud legal entities that are incorporated in the EU.

What is the key difference between EU Sovereign Cloud and Oracle Government Cloud regions?

EU Sovereign Cloud is available to all customers and is an EU-wide offer. Government Cloud is available only in the US, UK, and Australia and is exclusively for qualified government customers. Both have been designed to address different customer requirements driven by sector-specific and national regulations. Customers have the option to choose between commercial regions in Europe and EU Sovereign Cloud regions, depending on their requirements.

Will Oracle’s commercial public cloud regions in the EU be migrated to EU Sovereign Cloud?

No, all commercial public cloud regions will be maintained as is.

Why use Oracle EU Sovereign Cloud?

Why is Oracle offering EU Sovereign Cloud?

Market trends and regulatory activity in the EU have led to growing commercial and government customer demand for cloud services that are designed for EU data, located in the EU, and operated in the EU. These requirements mitigate the risk of foreign law enforcement reach with respect to regulated data. As EU data residency requirements have increased, sovereign cloud solutions have become a greater focus for EU cloud customers.

Why would a customer select EU Sovereign Cloud instead of Oracle’s commercial public cloud regions located in the EU?

Public sector and commercial customers may select an EU Sovereign Cloud region if they have specific sovereignty compliance needs. Oracle’s service architecture and stringent new governance model for EU Sovereign Cloud are designed so that the EU Sovereign Cloud legal entity operates independently, without the need to access or transfer customer data outside of the EU.

Legal and regulatory differentiation

How are the EU Sovereign Cloud entities structured from a leadership perspective?

Across all seven EU Sovereign Cloud legal entities, the boards of directors are comprised of European nationals and, in one case, another European Oracle legal entity acting as a corporate director. Board appointments are based on European residency and relevant professional qualifications to ensure that members are subject to European legal jurisdiction and oversight. This approach reflects the governance model adopted at the establishment of the EU Sovereign Cloud legal entities and aligns with European nondiscrimination principles, focusing on maintaining effective European legal control rather than nationality.

How does EU Sovereign Cloud help customers meet compliance and regulatory objectives?

EU Sovereign Cloud enables customers to demonstrate alignment with EU data protection principles, including data transfer requirements following the CJEU Schrems II ruling, and related guidance from EU privacy authorities. EU Sovereign Cloud data regions are included in key Oracle Cloud audit programs, including SOC 1, 2, and 3, CSA, STAR, PCI, HIPAA, C5, HDS, ENS, and ISO 9001, 20000-1, 27001, 27017, 27018, and 27701, upon completion of the applicable third-party audits. In addition, EU Sovereign Cloud’s Frankfurt and Madrid regions provide business and operational continuity and other technical controls designed to align with both DORA and NIS2 regulations for financial institutions.

Do you have a data processing agreement (DPA), and does it apply to EU Sovereign Cloud?

Yes, our Data Processing Agreement for Oracle EU Sovereign Cloud is regularly reviewed and updated as part of our EU Sovereign Cloud Governance Committee process, with the latest version of the DPA released in June 2025 (PDF). The changes applied in the latest version are specifically called out in our statement of changes (PDF). EU Sovereign Cloud SaaS-specific terms have been added to the Fusion Service Description.

Does Oracle take additional measures with respect to legal access requests for customer data?

Seven EU Sovereign Cloud legal entities have been established in an isolated decision-making model designed to enable them to challenge a request from any entity outside the EU Sovereign Cloud structure. These entities are established in Germany, Spain, Poland, Romania (two entities), the Czech Republic, and Ireland. Employees of EU Sovereign Cloud entities who have access to the EU Sovereign Cloud data center regions will follow strictly defined procedures for requests for customer data that may originate from a third party (including other Oracle entities and law enforcement or government agencies outside the EU). These safeguards are described in the Data Processing Agreement for EU Sovereign Cloud (PDF).

Does EU Sovereign Cloud have the same SLAs as Oracle’s commercial public cloud regions?

Yes, Oracle offers the same financially backed service commitments for EU Sovereign Cloud as it does for its commercial public cloud regions.

Commercial benefits

Are there any pricing differences between EU Sovereign Cloud and Oracle public cloud regions?

The pricing and selling model for the OCI services in EU Sovereign Cloud regions is identical to that of Oracle’s public cloud realms and uses the Oracle Universal Credit Model (UCM), which gives Oracle’s customers the flexibility to use any cloud infrastructure platform services anytime in any Oracle Cloud region. Customers can purchase Oracle Universal Credits using either the pay-as-you-go model or the annual Universal Credit commitment model and are eligible to participate in other customer programs, including Oracle Support Rewards, Oracle Bring Your Own License, and Customer 2 Cloud. Visit OCI Pricing for details. EU Sovereign Cloud for SaaS will be priced in line with EURA SaaS offerings.

Can I use my commercial cloud credits in EU Sovereign Cloud?

Yes, EU Sovereign Cloud has recently added new functionality called “Cross-Realm Credit Sharing,” which enables Oracle customers to share their existing OC1 UCM credit commitment with their EU Sovereign Cloud realm, thus enabling them to minimize overages and reduce underutilization or committed credits. Customers must have an existing or new OC1 tenancy to avail themselves of the Cross-Realm Credit Sharing facility.

Technical capabilities

Who provides colocation services for EU Sovereign Cloud?

Colocation services, including data hall space and power, are provided by Equinix in Frankfurt, Germany, and by Digital Realty in Madrid, Spain.

How are the Frankfurt and Madrid EU Sovereign Cloud locations connected?

Our EU Sovereign Cloud data centers are connected via backbone links provided by EU companies. Further information is available on request.

What hardware capabilities does EU Sovereign Cloud provide?

A wide range of hardware has been provisioned in both our Frankfurt and Madrid sites to meet the wide variety of requirements and use cases of our customers. Server shapes include H200 server platforms from NVIDIA, which enable the latest GPU-intensive workloads to be run seamlessly. To meet customer needs, these are supported by a wide range of form factors, such as AMD Dense, AMD A100-80, Intel Standard, and Intel A10.

What services are available in EU Sovereign Cloud regions?

The EU Sovereign Cloud realm supports all OCI services that are available in commercial realms except for some services that would break the sovereignty and some services that are currently being rolled out. We now have more than 200 services running on EU Sovereign Cloud, including Oracle Cloud Infrastructure Generative AI and AI agents, released in September 2025, and Oracle Fusion Cloud Applications AI services and supporting agents, released in October 2025. For more information, please review our list of critical services available in EU Sovereign Cloud.

Oracle’s Cloud@Customer offering, comprising both Oracle Exadata Cloud@Customer and Oracle Compute Cloud@Customer, is also available in our EU Sovereign Cloud. Contact Oracle Sales to validate the deployment to a data center of your choice. For both systems, the Oracle Cloud Operations team works from within the European Union. Consult the PaaS and IaaS Public Cloud Services Pillar Document for more details about the joint operations model.

Can I trial OCI services without an up-front payment?

Oracle aims to provide interested users with risk-free access to fundamental OCI services to showcase the potential of its IaaS and PaaS solutions. There are two options available to potential customers who would like to test OCI’s IaaS/PaaS functionality without making any financial commitment.

Option 1: Explore a free tier of OCI by creating a new OCI account in minutes. Please go to signup.oraclecloud.com for details.

Option 2: Engage Oracle Sales to set up a proof-of-concept project. This service offers customers the opportunity to validate the functionality and performance of a specific Oracle solution before purchasing that solution. With support from OCI technical professionals, this customer-driven approach enables Oracle to determine, demonstrate, and validate the feasibility or viability of a solution and generate evidence proving or disproving the feasibility of that solution. Please contact one of our representatives for more information.

What happens to my tenancy and services if there is an event (such as a large-scale event, or LSE) outside the EU Sovereign Cloud realm?

As the EU Sovereign Cloud realm, including the Frankfurt and Madrid regions within the realm, is completely isolated both physically and logically from other Oracle realms, any event that impacts Oracle’s commercial public cloud should not result in a loss of service or access to your tenancy.

How do global services get updated in EU Sovereign Cloud?

Oracle uses a distributed source code management tool, Git, which is the standard version control system used by more than 95% of all developers worldwide. Source code in Git is decentralized, meaning that the code it stores is distributed across separate peer repositories. Git provides the ability to synchronize changes between these repositories, merge changes made across different repositories, and ensure that the current versions are clearly tracked and available. The repositories stored in EU Sovereign Cloud would continue to exist and be available to personnel employed by EU Sovereign Cloud entities but would no longer be synced with their peers in the US or other realms. This approach benefits customers using EU Sovereign Cloud, as it enables our EU Sovereign Cloud personnel to continue to use the local repository of source code to patch, update, and maintain EU Sovereign Cloud.

SaaS Fusion Applications on EU Sovereign Cloud

Which applications are available for EU Sovereign Cloud for SaaS?

EU Sovereign Cloud for SaaS is available for Oracle Fusion Cloud Enterprise Resource Planning (ERP), Oracle Fusion Cloud Supply Chain & Manufacturing (SCM), Oracle Fusion Cloud Human Capital Management (HCM), Oracle Sales, Oracle Fusion Cloud Enterprise Performance Management (EPM), Oracle Fusion Analytics, and Oracle CPQ.

Will a customer be able to select the primary data center in their EU Sovereign Cloud instance?

Yes, customers will have the choice of a primary data center when logging in to the cloud portal.

Which data processing agreement applies to EU Sovereign Cloud for SaaS?

The Data Processing Agreement for Oracle EU Sovereign Cloud is available at oracle.com/contracts and applies to EU Sovereign Cloud for SaaS. In addition, SaaS-specific terms for EU Sovereign Cloud have been added to the Fusion Service Description.

In the event of a disaster, will Oracle European Union Sovereign Cloud Service for Oracle Fusion Applications be recovered in an EU Sovereign Cloud environment?

Yes, in accordance with the applicable disaster recovery terms set forth in the Oracle Cloud Hosting and Delivery Policies document and the Oracle SaaS Public Cloud Services Pillar Document. This includes the capability to implement disaster recovery for identity domains, which restores the production operations and supporting data of an affected identity domain to its designated paired disaster recovery region. Supporting documents can be found at oracle.com/contracts/cloud-services.

How does EU Sovereign Cloud compare to Oracle European Union Restricted Access Cloud Service (Oracle EURA)?

Oracle European Union Restricted Access Cloud Service also offers SaaS solutions to address certain EU compliance needs. Both EU Sovereign Cloud and EURA offer the same core features:

  • Customer data will reside in data centers located only in countries that are member states of the European Union.
  • Oracle staff who may access customer environments will be EU residents.

However, the EU Sovereign Cloud SaaS solution provides some additional safeguards over the EURA SaaS offering:

  • A dedicated realm and infrastructure with Oracle Cloud Infrastructure data centers in Madrid, Spain, and Frankfurt, Germany
  • Support performed by dedicated EU Sovereign Cloud personnel
  • The latest OCI platform and architecture for OCI and SaaS, which offers a unified solution with more than 200 OCI services and simplified future product expansion
  • Enhanced legal protections, as the service is operated by EU Sovereign Cloud personnel employed by separate EU Sovereign Cloud legal entities that are incorporated in Germany, the Netherlands, the Czech Republic, Romania, and Ireland

What does EU Sovereign Cloud mean for current EURA customers?

Current EURA customers have either been migrated, or an in the process of migrating, to EU Sovereign Cloud. The specific migration date will be confirmed with individual customers and advance notification will be provided. The duration of migrations ranges from 6 hours to 12 hours, depending on the volume of data to be migrated. In addition, EU Sovereign Cloud offers EU restricted access capabilities to OCI workloads, which may be of particular benefit to EURA SaaS customers who also have OCI workloads. More information can be found in our Operations Guide.

Key terms

What is data sovereignty?

Data sovereignty is the idea that data is subject only to the laws and regulations within the country or region where it’s collected or located.

What is data localization?

Data localization refers to legal obligations requiring that data created within a country’s borders remain in that same country and not be transferred outside of the country. The General Data Protection Regulation isn’t a data localization law because it enables data flows subject to appropriate safeguards. Data localization laws are quite rare in the EU.

What is data residency?

Ensuring data sits within a geographical location for whatever reason.

What is the CLOUD Act?

The US Clarifying Lawful Overseas Use of Data (CLOUD) Act specifies how cloud service providers such as Oracle should respond to requests from US law enforcement. Such requests may require the disclosure of data hosted on servers, regardless of whether the servers are located within the US or abroad. For more information about the CLOUD Act and how Oracle handles disclosure requests, please read our US Cloud Act blog post.

What is the General Data Protection Regulation (GDPR)?

The General Data Protection Regulation is a European regulation that sets forth requirements for handling personal data in the EU. Nonpersonal data isn’t covered by the GDPR but may be addressed under other regulations, such as banking regulations. The GDPR imposes obligations on organizations anywhere, so long as they target or collect data related to people in the EU. The European Data Protection Board, composed of representatives of EU national data protection authorities, is charged with ensuring the consistent application of the GDPR across the EU.

Getting started with EU Sovereign Cloud

For customers interested in using EU Sovereign Cloud, check out our solution playbook, which provides guidance on conceptual architectures, use cases, and details regarding both the overall capabilities and operational aspects of EU Sovereign Cloud to set the context of the architectures.

If you have any questions about Oracle’s approach to legal access requests or want to learn more about Oracle’s sovereign cloud solutions, contact one of our representatives.

You can also read more about OCI’s enhanced sovereignty capabilities in the following blog series: