Skip to main content

EU Cloud Sovereignty Assessment

Evaluate your organization's cloud sovereignty posture against EU regulations. Get personalized recommendations from our AI assistant on how to improve your compliance and data sovereignty strategy.

Take the AssessmentChat with AI Assistant

Contacts

This system was created thanks to a collaboration between Futurice and UpCloud. Interested in learning more about EU cloud sovereignty or need help with your compliance journey? Get in touch.

Contact FuturiceContact UpCloud

Technical Overview

This system was built entirely with open source technologies, using open-weight self-hosted large language models, and is hosted fully in Finland to ensure maximum data sovereignty.

This service is a technology demonstration and is intended for informational purposes only. Please be aware that AI-generated answers are not guaranteed to be correct. For authoritative information, always refer to the original sources and applicable legislation.

Related Links

Futurice AI-Ready Platform and Enterprise Modernization(opens in new tab)Futurice UpCloud Solutions(opens in new tab)UpCloud — Global Cloud, European Excellence(opens in new tab)Blog Post: Building a Sovereign AI Assessment Tool (coming soon)(opens in new tab)

Sources

The assessment survey and AI assistant are informed by the following EU and US regulations, frameworks and authority decisions:

Foreign Intelligence Surveillance Act (FISA)(opens in new tab)

Full Text (COMPS‑1449)

CLOUD Act(opens in new tab)

Clarifying Lawful Overseas Use of Data Act (Official PDF)

Data Governance Act(opens in new tab)

Regulation (EU) 2022/868

Data Act(opens in new tab)

Regulation (EU) 2023/2854

European Health Data Space(opens in new tab)

EHDS (Regulation (EU) 2025/327)

Digital Markets Act(opens in new tab)

DMA (Regulation (EU) 2022/1925)

Digital Services Act(opens in new tab)

DSA (Regulation (EU) 2022/2065)

Artificial Intelligence Act(opens in new tab)

AI Act (Regulation (EU) 2024/1689)

eIDAS 2.0(opens in new tab)

European Digital Identity Framework (Regulation (EU) 2024/1183)

NIS2 Directive(opens in new tab)

Directive (EU) 2022/2555

EU Cybersecurity Act(opens in new tab)

Regulation (EU) 2019/881

Declaration for European Digital Sovereignty(opens in new tab)

2025

GDPR(opens in new tab)

General Data Protection Regulation (Regulation (EU) 2016/679)

DORA(opens in new tab)

Digital Operational Resilience Act (Regulation (EU) 2022/2554)

Assessment Framework for Data Centers(opens in new tab)

JRC131733, 2023

Official French Senate Docket Entry, 10 June 2025(opens in new tab)

Anton Carniaux & Pierre Lagarde (Microsoft France)