Choosing an EU Cloud Provider in 2026

In this guide

US hyperscalers and their sovereign cloud initiatives

AWS, Azure, and GCP account for roughly two thirds of global cloud spending. All three operate EU data centers and offer data residency options, but as US companies they are potentially subject to US jurisdiction through laws like the CLOUD Act of 2018. The exact reach of this law over data held by foreign subsidiaries remains legally contested, but the concern has driven all three to launch sovereign cloud initiatives, following a common pattern: adding European control on top of US-owned infrastructure.

AWS launched its European Sovereign Cloud in January 2026 in Brandenburg, Germany, operated by German subsidiaries with EU-resident staff and an independent advisory board. The infrastructure has its own root certificate authority, keeping metadata and encryption keys within the EU. However, these subsidiaries remain wholly owned by Amazon.com, Inc.

Google takes a partner-operated approach. In Germany, T-Systems (Deutsche Telekom) acts as a data trustee, holding encryption keys outside Google's infrastructure. In France, Thales co-founded S3NS, a separate French legal entity operating its own dedicated infrastructure under French law, pursuing SecNumCloud certification. Google personnel reportedly have no access to the S3NS environment.

Microsoft declared its EU Data Boundary complete in February 2025 for Azure, Microsoft 365, Dynamics 365, and Power Platform, with limited exceptions for global security operations. For stronger separation, Microsoft has national partner clouds: Bleu (Orange + Capgemini) in France and Delos Cloud (SAP subsidiary) in Germany. Microsoft's own chief legal officer in France reportedly acknowledged before the French Senate that the company cannot fully guarantee EU data is safe from CLOUD Act requests.

Whether the CLOUD Act can compel a US parent to force a foreign-incorporated subsidiary to hand over data has not been definitively resolved by a court. This remains genuinely unsettled law.

A note on sovereignty

"Sovereign cloud" means different things to different providers. At minimum, it typically means data residency within the EU. At the stricter end, it means operational control by EU entities, EU-resident staff only, and legal structures that attempt to limit US jurisdictional reach. No current US hyperscaler offering fully eliminates the link to the US parent company, but the degree of separation varies significantly.

EU cloud providers

A growing number of European companies offer cloud infrastructure that is built, operated, and legally domiciled entirely within the EU. These providers vary in scale and specialization, but they share one advantage: there is no US parent company in the corporate chain.

Full-service cloud platforms

These providers offer the broadest range of services among EU-native clouds, covering compute, storage, networking, Kubernetes, databases, and in most cases AI/GPU infrastructure.

OVHcloud

🇫🇷 France

Europe's largest cloud provider. Founded in 1999, publicly traded on Euronext Paris. Operates its own data centers and manufactures its own servers. Offers bare metal, public cloud (OpenStack), private cloud, managed Kubernetes, and AI/GPU instances.

Scaleway

🇫🇷 France

Subsidiary of the Iliad Group. Developer-friendly cloud with compute, managed Kubernetes, object storage, managed databases, and AI/GPU infrastructure. Data centers in Paris, Amsterdam, and Warsaw.

Gcore

🇱🇺 Luxembourg

Cloud compute, CDN, edge computing, and AI inference APIs. Operates a global network of PoPs with a strong European presence. Offers bare metal, managed Kubernetes, and GPU instances.

Open Telekom Cloud

🇩🇪 Germany

Operated by T-Systems (Deutsche Telekom). Built on OpenStack. Broad IaaS and PaaS services aimed at enterprises and public sector. Data centers in Germany and the Netherlands.

Developer and value clouds

These providers focus on core compute, storage, and networking with competitive pricing and developer-friendly tooling. They may not offer the full breadth of managed services, but excel at the fundamentals.

Hetzner Cloud

🇩🇪 Germany

Known for exceptional price-performance. Virtual servers, load balancers, volumes, object storage, and networking via a clean API and console. Data centers in Germany and Finland. Strong developer following.

UpCloud

🇫🇮 Finland

Finnish provider focused on high-performance compute. Cloud servers, managed databases, object storage, and networking. Reputation for raw compute performance and transparent pricing.

Enterprise and sovereign-focused clouds

These providers prioritize compliance, regulatory requirements, and operations under German/EU law. They target highly regulated industries and public sector organizations.

IONOS

🇩🇪 Germany

Part of United Internet AG. Broad range from shared hosting to dedicated servers, cloud compute, and managed Kubernetes. Data centers in Germany, UK, US, and Spain. Large customer base from SMBs to enterprises.

StackIT

🇩🇪 Germany

Built by the Schwarz Group (Lidl, Kaufland), spun out as independent company in September 2024. Compute, storage, and Kubernetes from data centers exclusively in Germany and Austria. Targets highly regulated industries.

EU cloud providers at a glance

Provider	Country	Compute	Kubernetes	Object Storage	GPU / AI	Bare Metal
OVHcloud	🇫🇷 FR
Scaleway	🇫🇷 FR
Gcore	🇱🇺 LU
Open Telekom Cloud	🇩🇪 DE
Hetzner Cloud	🇩🇪 DE
UpCloud	🇫🇮 FI
IONOS	🇩🇪 DE
StackIT	🇩🇪 DE

The State of EU Clouds in 2026

The European cloud market is maturing. While no single EU provider currently matches the full breadth and depth of services offered by AWS, Azure, or GCP, the situation is improving steadily. Core capabilities around compute, storage, networking, and container orchestration are reliable and production-ready across multiple EU providers.

Specialized services like advanced AI/ML pipelines, extensive serverless ecosystems, or proprietary database engines may still require a US hyperscaler or a multi-cloud approach. But for many workloads, particularly those involving personal data of EU residents, an EU-native cloud provider offers a clearer legal framework and simpler compliance posture.

The sovereign cloud initiatives from US hyperscalers represent a middle ground: familiar tooling with added European controls. Whether these programs offer sufficient sovereignty depends on your organization's risk assessment and regulatory requirements. For the strictest interpretation of data sovereignty, an EU-owned and operated provider remains the most straightforward path.

GDPR does not ban the use of US cloud providers. It requires that personal data transferred outside the EU has adequate protection, which can be addressed through mechanisms like Standard Contractual Clauses (SCCs) or the EU-US Data Privacy Framework. However, the legal landscape around these mechanisms has been challenged in court (Schrems I and II), and some organizations prefer to avoid the complexity by keeping data with EU-based providers.

The Clarifying Lawful Overseas Use of Data (CLOUD) Act, passed in 2018, allows US law enforcement to compel US-based companies to provide data stored on their servers, regardless of where that data is physically located. This creates a potential conflict with GDPR, as a US court order could require a company to disclose data that EU law protects.

Many organizations do use US hyperscaler sovereign cloud offerings while maintaining GDPR compliance. These programs add technical and operational controls designed to address data residency and access concerns. Whether they are sufficient depends on your specific use case, the sensitivity of the data involved, and your organization's interpretation of regulatory requirements.

OVHcloud and Scaleway offer the broadest range of services among EU-native providers, covering compute, storage, networking, Kubernetes, databases, and AI/GPU infrastructure. However, if you depend heavily on specific hyperscaler services (like AWS Lambda, Azure AD, or BigQuery), there may not be a direct EU equivalent, and migration would require architectural changes.