The AWS cloud is already widely operated throughout the EU by start-ups, government authorities, educational institutions and leaders such as Network Ferr̩ de France and Veolia in France, St James`s Place and Shell in the UK, talanx and Hubert Burda Media in Germany. AWS customers have always had the freedom to choose where to store and process their content, with the certainty that AWS does not move them from their chosen region. Customers have access to 11 AWS regions around the world, including two in the EU РIreland (Dublin) and Germany (Francfort) Рwith several availability areas where customers can create highly secure and available applications. The DPA with model clauses gives AWS customers more choice when it comes to data protection, and ensures that their content enjoys the same high level of data protection, in accordance with EU law, regardless of the AWS infrastructure region they choose worldwide. The DATA Authority is now available on request for all customers who need it. As you all know, the security, privacy and data protection of our customers is our top priority and, as such, we work closely with regulators to ensure that customers can be assured that they have adequate protection when processing and storing data in AWS. I am particularly pleased that the Group of Data Protection Authorities in the European Union (EU), known as the Article 29 Data Protection Group, has approved the AWS Data Processing Agreement (DPA) to assure customers that it meets the high standards of EU data protection legislation. The media warning below, which was issued today, gives the details: According to Amazons` Chad Woolf, AWS`s features and tools are in line with the RGPD, allowing customers to provide a large number of services to help them meet their own RGPD. However, there are some things you need to know. Most AWS services now comply with encryption, deletion and processing monitoring. But some are only one or two of these three factors. Amazon Elastic Container Service (ECS) and its version Kubernetes (EKS), Amazon CloudSearch and Amazon ElasticCache for Memcached are not used for encryption Рonly deletion and monitoring processing. On the other hand, Amazon Comprehend is only deleted to help you encrypt.

To see how services help you with encryption, deletion and monitoring, check out Amazon Capabilities Chart`s service for RGPD. AWS not only has a data protection statement approved by the Article 29 Data Protection Group, but it also complies with all current EU data protection laws and maintains robust global security standards such as ISO 27001, SOC 1, 2, 3 and PCI DSS Level 1. In 2013, AWS Cloud was licensed by Nederlandsche Bank for use in the Dutch financial services sector, which opened the door for Dutch financial services to store confidential data and run critical applications on AWS. AWS has teams of solutions architects, account managers, coaches and other EU staff with specialized training in cloud security and compliance to help AWS customers move their applications to the cloud. AWS also helps customers meet local safety standards and has introduced a Customer Certification Workbook developed by the independent certification body T-V TRUST IT, which provides customers with certification guides for BSI IT Grundschutz in Germany. A copy of the workbook is available at aws.amazon.com/compliance/ 4.5 The subcontractor implements appropriate technical and organisational procedures for the protection of personal data, taking into account the state of the art, the cost of implementation and the nature, scope, context and purposes of the treatment, as well as the risks of different likelihood and severity for the rights and freedoms of individuals. 10.2 The subcontractor will immediately inform the person in charge of any request or