Skip to Content
Skip to Footer

Awards and Recognition

Salesforce Earns Second Level Compliance with EU Cloud Data Code of Conduct

Salesforce today announced it has earned a Second Level Compliance recognition from the EU Data Protection Code of Conduct. 

Why it’s important: Established in 2017 with Salesforce as a founding member, the EU Cloud Code of Conduct is a first-of-its-kind charter that empowers cloud service providers to easily demonstrate, with trust and transparency, compliance with General Data Protection Regulation (GDPR) requirements.  

Driving the news: The EU Cloud Code of Conduct makes it easy for companies to source cloud providers serious about GDPR compliance.

Salesforce declared its adherence to the Code, and after completing a robust assessment process, has now acquired Second Level Compliance. This achievement reaffirms Salesforce’s compliance commitments to global data protection laws and standards.

What they’re saying: “Cloud computing is the foundation of digital transformation, and people and businesses will only use digital services they can trust,” said Jörn Wittmann, Managing Director of SCOPE Europe, the dedicated monitoring body of the Code. “Salesforce is upholding their commitment to trust by transparently communicating their compliance efforts with the EU Cloud Code of Conduct.”

The Salesforce perspective: “Being a trusted cloud service provider is our top priority, and our adherence to the EU Cloud Code of Conduct demonstrates our services security and privacy practices align with GDPR requirements,” said Jo Copping, Vice President, Associate General Counsel, Privacy, EMEA, Salesforce. “We’re thrilled to add the Second Level Compliance for the EU Cloud Code of Conduct to our existing, comprehensive list of third-party certifications, like C5 in Germany and the ENS in Spain.” 

Fast facts: 

  • In 2015, Salesforce was the first enterprise software company to achieve approval from European data protection authorities for its Binding Corporate Rules (BCRs) for Processors to facilitate international transfers of European Union (EU) personal data.
  • In September 2021, Salesforce updated its Data Processing Addendum to include the new Standard Contractual Clauses as soon as they were published, and announced new forthcoming EU data storage options. 

Zoom out: Going forward, the EU Cloud Code of Conduct will be critical to setting a high default level of data protection throughout the European cloud computing market — and easing business concerns regarding data protection in the cloud. 

Explore further: For more information on Salesforce and data privacy, go here.

Get the latest Salesforce news.