Amazon Web Services complies with the Cloud Infrastructure Services Providers in Europe (CISPE) Code of Conduct. This is important because CisPE rules help cloud users ensure that their cloud provider has the controls, policies, and data protection standards that help protect data so that it is also GDPR compliant. In addition, several services have been declared CISPE compliant under the AWS roof, including: the AWS Cloud is already used EU-wide by startups, government authorities, educational institutions and large companies such as Réseau Ferré de France and Veolia in France, St James`s Place and Shell in the UK, talanx and Hubert Burda Media in Germany. AWS customers have always had the freedom to choose where they store and process their content, with the certainty that AWS does not relocate them from the region they have chosen. Customers have access to 11 AWS Regions around the world, including two in the EU – Ireland (Dublin) and Germany (Frankfurt) – which are made up of multiple Availability Zones where customers can build highly secure and available applications. DPA with model clauses gives AWS customers more choice when it comes to data protection and ensures that their content enjoys the same high level of data protection, in accordance with European law, regardless of the AWS infrastructure region they choose worldwide. The DPA is now available on request to all customers who need it. In accordance with the provisions of the GDPR, you act either as a data processor or as a data controller. Depending on your role, you have different responsibilities under the GDPR. Amazon acts as a data caterer in this regard and is responsible for protecting the infrastructure in which your applications and data are hosted, as well as other infrastructure. AWS provides customers and APN Partners with a series of tools to protect their data and protect it from cyberattacks.

One such tool is AWS Shield. It is a Distributed Denial of Service (DDoS) protection service to protect websites and applications that run on AWS. AWS Shield Standard is available at no additional cost and provides constant detection and automatic online risk reductions that can minimize application downtime and latency. APN customers and partners can subscribe to AWS Shield Advanced for greater protection against attacks against web applications running on AWS and using ELB, Amazon CloudFront, and Amazon Route 53 resources.