IBM Cloud® compliance: EU Model Clauses
Illustration showing two people standing on platforms, with one person looking at a map display and the other regarding a security shield
What are EU Model Clauses?

The European Union regulates the use and transfer of personal data belonging to all EU citizens. To help organizations remain in compliance with EU law, the European Commission (EC) created a set of standard contract clauses (SCC) which are pre-approved by the EC.

These standard contract clauses obligate non-EU companies to follow the laws and practices mandated by the EU. Use of them in a contract provides assurance to any organization contracting with a non-EU company that personal data will be processed in conformance with EU law.

In 2021, the EC published a new set of SCCs, updating them to bring them in line with the EU's General Data Protection Regulation (GDPR).
IBM position

IBM has always put responsible, efficient and transparent data transfers at the core of IBM products and services and have used SCCs as our main mechanism to transfer data in a trusted manner. IBM Cloud services’ SCCs can be found on the IBM Terms site. Please note that the IBM SCC has been updated to the new 2021 SCCs implemented by the EU Commission.
Take the next step

Questions about a compliance program? Need a protected compliance report? We can help.

See more compliance programs