Whitepaper available: Legal risks when using international cloud providers

vom 22.04.2020

Cologne, April 22, 2020 - The Cologne-based cloud technology company gridscale and the business law firm Heuking Kühn Lüer Wojtek are publishing free of charge a comprehensive compendium on legal pitfalls in cloud computing. The practice-oriented guidebook goes far beyond the usual buzzwords on data protection and data security and provides business and IT decision-makers with background information and hands-on assistance in selecting the most suitable cloud provider for them.

Many companies in Germany are considering the services of international cloud providers.
In addition to the major players from the US, Asian suppliers are expected to establish themselves as serious alternatives in this environment. From a legal perspective, however, it should be recognized that the numerous requirements for legitimate and compliant IT operations in Germany are often significantly underestimated and that with a global provider a "clash of cultures" also needs to be managed.

Ongoing uncertainty among small and medium-sized enterprises

"Since the DSGVO came into force, we have been increasingly asked about the most diverse aspects of legal and data security in the cloud. There is still a great deal of uncertainty here, especially among small and medium-sized enterprises. This starts with data protection measures and the allocation of responsibilities and does not end with co-determination by the work council or an obligatory notification of the tax office", CEO Henrik Hasenkamp explains the reasons for teaming up with the experienced business law firm. "With our mutual publication, we want to contribute to further clarification and provide not only our customers, but the entire industry with a value neutral compendium, which is both easy to understand and legally sound."

While German legislation is also very strict in the B2B sector and limits contractual freedoms, many international cloud contracts, against the background of an assumed "common law" and the foreign legal culture, bring with them supposed "practices" that cannot be passed on to customers under German law. In addition: transparency obligations, confidentiality and liability issues are interpreted and defined differently on an international level. Again, managers and IT experts should first carefully evaluate whether the planned transformation into the cloud actually satisfies all legal regulations and their own compliance requirements.

Check-list-like review of key evaluation criteria

"For personal data and business-critical applications, such an assessment naturally applies in a particularly special way. Otherwise, there is the threat of high financial penalties, costly reversal of the transaction and, in the worst case, a longer interruption of IT operations," says Henrik Hasenkamp. "The new compendium focuses on the essentials and provides a checklist-like overview of all important legal assessment criteria for partnering with international cloud providers".

The complete whitepaper is available for download free of charge at

About gridscale
gridscale, IaaS and PaaS provider headquartered in Cologne, stands for easy-to-use and flexible cloud technologies. Via an intuitive interface, the IT infrastructure can be managed by people without in-depth IT know-how and a Kubernetes environment even facilitates the management of cloud-native workloads. Thousands of companies, agencies and managed service providers already rely on gridscale to implement and operate their digital projects – from high-traffic web shops to complex SaaS or enterprise IT solutions. White label options are available to resellers and with the gridscale software ‘Hybrid Core’ data center operators themselves can become cloud providers. gridscale with its about 100 employees is led by Henrik Hasenkamp and Felix Kronlage-Dammers.

    Zurück zur Übersicht