Safe Swiss Cloud is a secure and innovative cloud service for computing, data storage and engineering solutions.
The data stocks of our customers are subject to the strictest data protection. Swiss and EU law prohibits the transfer of customer data to third parties without the consent of the customer. We strictly adhere to this.

Which standards does Safe Swiss Cloud comply with?


Safe Swiss Cloud is certified according to ISO 27001 and is also compliant with the ISO 27018 standard and FINMA-RS 2008/7.

ISO 27001 – Information Security Managment

Safe Safe Cloud is has had the ISO 27001 certification since 2015.

ISO/IEC 27001:2013 specifies the requirements for the creation, implementation, maintenance and continuous improvement of the information security management system in an organisation. For further details please visit the official ISO 27001 website

ISO 27018 – Code of practice for protection of Personally Identifiable Information (PII) in public clouds acting as PII processors

ISO/IEC 27018:2014 defines generally accepted control objectives, controls and guidelines for implementation measures to ensure that personal data is protected in accordance with the privacy principles of ISO/IEC 29100 for Public Cloud Computing Environments. For more details, please visit the official ISO 27018 website.

FINMA Circular 2018/3 – Outsourcing Banks

Circular 2018/3 of the Swiss Financial Market Supervisory Authority (FINMA) describes the conditions under which outsourcing solutions are compliant with requirements for appropriate service providers, banking secrecy and data protection. The official FINMA Circular can be downloaded here as a pdf file.

HIPAAHealth Insurance Portability and Accountability Act

The Health Insurance Portability and Accountability Act (HIPAA) sets the standard for sensitive patient data protection. Companies that deal with protected health information (PHI) must have physical, network, and process security measures in place and follow them to ensure HIPAA Compliance.

PCI DSS – Payment Card Industry Data Security Standard

The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that handle branded credit cards from the major card schemes.

GDPR – General Data Protection Regulation

The General Data Protection Regulation (EU) 2016/679 (GDPR) is a regulation in EU law on data protection and privacy for all individual citizens of the European Union (EU) and the European Economic Area (EEA). It also addresses the transfer of personal data outside the EU and EEA areas.

Which data centers are used?


Safe Swiss Cloud uses its own data centers in Switzerland.

Which laws are applicable?


The Swiss Federal Law on Data Protection: SR 235.1 requires respect for the privacy of individuals and companies. Accordingly, Safe Swiss Cloud’s computing resources and data are only available to our customers or to parties authorized by them.

The decision of the European Commission 2000/518/EC (Official Journal L 215/1 of 25.8.2000) states that Swiss law provides adequate protection for personal data and data transfers from member states to Switzerland (Art. 25(1) of the EU Directives).

This means that Safe Swiss Cloud is the optimal choice for European companies that want to ensure compliance with EU data protection directives.