Data Privacy Compliance in the Cloud
Made Easy

Understand Cloud and Data Protection Law in only 4 easy steps. Plus highly relevant legal information for 33 countries. Provided by EuroCloud and 53 European lawyers.

The 4th version of the StarAudit Catalogue has been released


We've introduced a new Area focused on GDPR and several enhancements to existing controls as part of this major update.

Over the past 12 months, we have worked very intensively on updating the StarAudit Catalogue and amending it with controls in connection with the GDPR. It has been a long journey to which many people actively made important contributions, and a number of small corrections were made as well.

New Control Catalogue

The 4th version of the Control Catalogue is now finally ready. The core improvement in the new version is the introduction of a new control area, namely Area 07 “Data Protection”. The existing control areas, especially Area 03were also evaluated in terms of their coherency with the new area and adapted accordingly.

New GDPR Area

The new Area 7 features nearly 30 new controls addressing the requirements for cloud providers under the European General Data Protection Regulation. It does not represent a GDPR certificate (for data processors), however; rather, it is intended as a suitable and comprehensive list of requirements that a data controller (i.e. the cloud service customer) can expect from its data processor (i.e. the cloud service provider).

Download & Availability

The new StarAudit Catalogue is available for download in the Publications section of the StarAudit website.

Integration into the Assessment Tool

The 4th version of the Catalogue has been fully integrated into the StarAudit Assessment Tool as well. In order to use the latest StarAudit Catalogue, you need to create a new or edit an existing project in the Assessment Tool, select "Structure", add a new Assessment and select the associated template for v4.0. After saving the structure, you will be able to navigate through all the areas and controls.

The 4th version of the Catalogue has now become the standard to achieve a StarAudit Certificate.


53 lawyers from 33 countries are contributing to the project “Cloud Privacy Check (CPC)” in 26 different languages.

Understanding the complexity of current European data protection laws and regulations is already difficult enough for an IT engineer, buyer, or business user. In combination with the often small but nevertheless significant differences between various EU member states, however, it can become an almost insurmountable challenge without proper juristic accompaniment from the very start... Read More



The CPC is a trusted, not-for-profit international network of qualified professionals who deliver simplified and straight-forward guidance to help navigate the legal and regulatory environment relating to privacy and the cloud. This is done through collective know-how, research and market analysis gained from pan-European industry activity, collaboration and experience. Our mission is to provide authoritative views, information and practical solutions to two principal stakeholders: industry professionals and public authorities.