.jpg?cache-buster=2025-06-26T15:37:04.954Z)
ISO/IEC 27018
Nebius aligns with ISO/IEC 27018:2019, the internationally recognized standard for the protection of personal data in cloud computing.
This standard provides guidelines based on ISO/IEC 27002 and ISO/IEC 29100, with a specific focus on safeguarding Personally Identifiable Information (PII) in public cloud environments.
Following ISO/IEC 27018 demonstrates our commitment to protecting personal data entrusted to us, ensuring that it is handled responsibly and transparently in line with global best practices.
To meet the requirements of ISO/IEC 27018, Nebius:
-
Implements controls designed specifically to protect PII in cloud environments, ensuring confidentiality, integrity, and availability of personal data.
-
Maintains strict processes for obtaining and documenting customer consent and for limiting data processing to agreed purposes.
-
Provides transparency around where and how personal data is processed and ensures customer control over its use.
-
Applies additional safeguards to support compliance with privacy regulations and reinforce trust in cloud services.
Our adherence to ISO/IEC 27018 underlines Nebius role as a responsible cloud provider, enabling customers to use AI cloud services with confidence that their data is processed securely and in accordance with internationally accepted privacy principles.
Questions and answers
ISO/IEC 27018 is the first international standard focusing on protecting personal data in public cloud environments. For Nebius, it confirms that we follow structured and transparent practices for safeguarding PII, supporting customer compliance with privacy regulations such as GDPR.