โ† All providers

Hetzner

Cloud IaaSLow RiskVerified 2026-03-05
Visit website
Overview
Headquarters๐Ÿ‡ฉ๐Ÿ‡ช DEGunzenhausen
US IncorporatedNo
CLOUD Act ExposureNo
NotesGerman-owned infrastructure provider, HQ Gunzenhausen, Bavaria. ISO/IEC 27001:2022 and PCI DSS 4.0 certified.
Regions (6 in 4 countries)
๐Ÿ‡ฉ๐Ÿ‡ช DE
Falkenstein ยท Falkenstein
Nuremberg ยท Nuremberg
๐Ÿ‡ซ๐Ÿ‡ฎ FI
Helsinki ยท Helsinki
๐Ÿ‡บ๐Ÿ‡ธ US
Ashburn ยท Ashburn
Hillsboro ยท Hillsboro
๐Ÿ‡ธ๐Ÿ‡ฌ SG
Singapore ยท Singapore
Compliance & Data

Certifications

โœ— SOC 2โœ“ ISO 27001โœ“ GDPRโœ— HIPAAโœ“ PCI DSS

Data Types Handled

Application DataLogs
Applicable Laws (5)

Applies to businesses meeting revenue or data volume thresholds that handle California residents' data.

Max fine: USD 7,500 per intentional violationvia ๐Ÿ‡บ๐Ÿ‡ธ US
CLOUD ActUnited States

Any US-incorporated provider or subsidiary may be compelled to disclose data regardless of where it is stored.

Max fine: Contempt of court penaltiesvia ๐Ÿ‡บ๐Ÿ‡ธ US

Cross-border transfers require comparable protection standards in the receiving country.

Max fine: SGD 1M or 10% of annual turnovervia ๐Ÿ‡ธ๐Ÿ‡ฌ SG

Cross-border transfers to non-adequate countries require SCCs, BCRs, or other safeguards.

Max fine: 4% of global annual turnover or EUR 20Mvia ๐Ÿ‡ซ๐Ÿ‡ฎ FI, ๐Ÿ‡ฉ๐Ÿ‡ช DE
FISA Section 702United States

US providers may be subject to surveillance orders targeting non-US persons, creating risk for EU data subjects.

Max fine: Contempt of court penaltiesvia ๐Ÿ‡บ๐Ÿ‡ธ US