The slogan “Made in Germany” still stands for reliability and high-quality products worldwide. But “Made in Germany” is not only a seal of quality for materialist products; digital services and software also enjoy an excellent international reputation. Data security plays a particularly important role here. A recent Civey study also comes to the same conclusion. 54.7 percent of Germans prefer to entrust their data to companies that store the data on domestic servers, and as many as 65 percent of Germans believe that maintaining digital infrastructure such as data centers in Germany is an important economic factor (Civey). In this article, we show you the advantages of domestic data storage.
Safety First – Data Storage in Germany
Data security is an important factor not only for the external presentation to (potential) customers, but also with regard to legal security for companies. Today, companies are subject to a wide range of IT compliance requirements, including information security, availability and storage. They are liable for compliance with the General Data Protection Regulation and other laws governing the processing of data. Non-compliance can lead to sensitive fines for companies. This also applies if data is stored and processed by third parties, e.g. hosting in the cloud. For example, anyone using personal data to personalize communications in digital dialogue marketing is liable for violations, such as unauthorized access, even if the data is stored on the server of a service provider.
It is also in order to avoid more abstract incidents such as corporate espionage, that data storage on German servers is more secure than in most other countries of the world. Basically, it can be assumed that servers located on German territory are subject to German law. In concrete, if e.g. a foreign authority wants to access your data. As long as no criminal offence has occurred, you are not obliged to provide information to any authority, and certainly not to any foreign authority. Even if a criminal offence has occurred, foreign authorities only have limited access to the necessary data by seeking administrative assistance from German authorities. The same of course also applies to German authorities. However, this only applies to companies that have a server location in Germany in addition to their registered office.
In general it can be stated that, in contrast to some other countries, Germany is a functioning constitutional state in which you can defend yourself against unlawful access to your data in any case, as long as this data is also stored on servers in Germany. This can be a locational advantage.
Standards at European Suppliers are Higher in Case of Doubt
In May 2018, the EU General Data Protection Regulation (GDPR) came into force throughout the European Union, harmonising data protection standards and legal basis within the EU. The GDPR applies to all companies operating in the EU, including US providers offering their services in the EU. However, the US CLOUD (Clarifying Lawful Use of Data) Act, which was passed at about the same time as the GDPR, continues to create uncertainty regarding the use of services provided by US companies in Europe. The law obliges US cloud providers to allow US authorities access to stored data, even if this data is stored outside the USA. It is made clear that applicable national law is not an obstacle to the disclosure of data. Thus, the CLOUD Act clearly opposes the principles of the GDPR and again creates great uncertainty in the use of US cloud services.
As a general rule, you should be familiar with the law of the country in which the hosting is used. For this reason, hosting in Germany or the European Union is recommended.
More Control Over Your Own Data with Private Clouds
Personal data is generally very sensitive. However, there are data that stand out even more and require special protection. For this category of data, it may make sense to separate it from other data at the hardware level and, for example, to store it on a separate hard disk to which you also have physical access. If you have such particularly sensitive data but don’t want to forego the benefits of cloud services, you can use private clouds to gain additional control over your data.
In a private cloud, the server with the data warehouse is operated by an external provider, e.g. the provider of your marketing automation technology, but the data is physically separated from other data and stored on a separate hard disk. The data can therefore be (physically) accurately localized at any time. This has the advantage, among other things, that the data can also be taken along when changing providers by removing the hard disk. When using a private cloud, you can also ensure that data is destroyed in accordance with data protection regulations. You can have the data carriers handed over to you and initiate and control the destruction yourself.
At the hardware level, the private cloud creates an area exclusively assigned to a company that can be further structured as required (e.g. in clients/sub-units of the company). The private cloud offers attractive solutions especially for data processing companies that place particularly high demands on data protection and security.
Data Security is a Real Competitive Advantage
As mentioned in the introduction, surveys show that end customers are more likely to trust companies that store their data on domestic servers. If you are such a company, you should proactively advertise it to your customers. The German server location can be a real competitive advantage over your competitors and can ultimately be noticeably reflected in your revenues
artegic ELAINE – Software Hosted in Germany
artegic AG was awarded the ”Software Hosted in Germany” Seal for the real-time marketing automation technology ELAINE. In addition to the TÜV certification of the ISO standards ISO 27001:2013 and ISO 27018, the company now has another certificate that underlines artegic’s claim to the highest standards in the area of data protection and data security. In addition, artegic is a member of the Certified Senders Alliance CSA. artegic has received several awards for outstanding achievements in the area of data protection and IT security, including the CASED Security Award and the ECO Internet Award.
The seal “Software Hosted in Germany” is awarded for software solutions that can be used via the Internet. In order to be awarded the seal, several requirements must be met. These include, among other things, that:
- the software and data are hosted in a data center in Germany,
- the software and personal data do not leave Germany,
- clearly informing the user or the client of the use of services which forward non-personal data abroad
- the hosting contract is governed exclusively by German law
Bottom Line
Data protection is a particularly sensitive issue in Germany. However, data security is not only a burden, but can also represent a real competitive advantage and thus have a positive effect on your results.