Aller au contenu
Vérifié indépendamment · Ré-audit trimestriel
EU VETTED

STACKIT

VéRIFIé
Cloud & hébergement · Germany
Fondé en 2019 · stackit.com ↗

German sovereign cloud built by Schwarz Digits (Lidl/Kaufland parent), 4 EU DCs, EU Cloud III €180M winner with SEAL-3 highest rating.

En bref

STACKIT, dans la catégorie Cloud & hébergement, est un service sous contrôle européen avec Germany comme lieu d’hébergement et aucune exposition identifiée au CLOUD Act.

Notes d’évaluation

STACKIT (Bad Friedrichshall, German Schwarz Digits, the IT arm of privately-held Schwarz Group, parent of Lidl and Kaufland) is built explicitly as a sovereign-cloud alternative to AWS/Azure/GCP: ISO 27001 + BSI C5 + EUCS-aligned + DORA-ready, four EU data centres (Neckarsulm DC01, Ellhofen DC08, Ostermiething Austria DC10, fifth Lübbenau under construction), winner of the European Commission's €180M Cloud III tender (April 2026, SEAL-3 highest sovereignty rating) and the Dutch Ministry of Justice & Security SLM Rijk framework; EU-owned and EU-hosted with no CLOUD Act exposure.

CLOUD ACT
OWNERSHIP
SUB-PROCS
non divulgué
Signaux vérifiés
Juridiction
  • Hébergement UE / adéquation
  • Opérateur UE / adéquation
  • Aucune exposition au CLOUD Act
Transparence
  • DPA public
  • Sous-traitants divulgués
  • Clients open source
  • Certification tierce
JUMP TO
OVERVIEW

À propos de STACKIT

STACKIT is the sovereign cloud built by Schwarz Digits, the IT and digital division of the privately-held Schwarz Group, parent of the European discount-retail giants Lidl and Kaufland. Headquartered in Bad Friedrichshall, Germany (Am Campus 1, 74177), STACKIT runs four European data centres at Neckarsulm (DC01, Schwarz Group HQ campus), Ellhofen (DC08, Heilbronn region), Ostermiething (DC10, Salzburg, Austria), and a fifth facility under construction in Lübbenau, Germany. The Schwarz Group has invested approximately €11B in STACKIT, making it one of the most heavily-capitalised European cloud-sovereignty bets and a structurally different proposition from VC-funded EU cloud upstarts: the parent retailer is a private German Stiftung-controlled group with €146B annual turnover, with no PE or US-VC exposure on the cap table at any layer.

Sovereignty positioning is the entire product thesis. STACKIT markets itself as "100% European DNA" with the trio "Skalierbar. Sicher. Souverän" (scalable, secure, sovereign). The compliance footprint covers ISO 27001, BSI C5, EUCS (European Cybersecurity Certification Scheme for cloud services, ENISA), DORA-ready ICT-third-party status for regulated financial services, GDPR, and the Schwarz Group's own ES³ (European Sovereign Stack Standard) internal sovereignty measurement framework. The procurement validation came in two moves during 2026: (1) selection as one of four winners of the European Commission's €180M Cloud III sovereign-cloud framework (April 2026), with the highest SEAL-3 rating signifying engineering against supply-chain disruptions originating outside the EU; and (2) selection by the Dutch Ministry of Justice and Security under the SLM Rijk framework as a sovereign cloud alternative.

The product surface spans 11+ categories: infrastructure (compute, block/object storage, networking), managed databases, managed Kubernetes, AI workloads, and colocation. Pricing is via a configurable STACKIT Calculator; specific entry-tier figures were not captured at audit but the product is positioned mid-market to enterprise rather than indie/SMB. Best fit: EU public-sector procurement (post-Cloud III tender), DORA-regulated financial services, large EU corporates needing a non-VC-funded sovereign cloud, and any organisation aligning with Gaia-X or the EU Tech Sovereignty Package. Together with Hetzner, OVHcloud, and Scaleway, STACKIT forms the four-pillar EU hyperscaler-alternative stack on this directory.

SUB-PROCESSORS

Carte des sous-traitants · non divulgué

L'éditeur ne publie pas de liste de sous-traitants. La conformité Schrems II et l'exposition au CLOUD Act ne peuvent pas être vérifiées indépendamment sans elle.
CERTIFICATIONS

Référentiels & certifications

ISO/IEC 27001
ACTIVE
C5
ACTIVE
EUCS
ACTIVE
FEATURES

Matrice de fonctionnalités

Dédié / bare-metal Non
Stockage objet (S3) Oui
Kubernetes managé Oui
Bases managées Oui
Instances GPU Oui
Facturation horaire Oui
API / Terraform Oui
Pays 2 pays
INTéGRATION & ACCèS
REST API Yes
SSO (SAML / OIDC) Yes
CONFORMITé & GOUVERNANCE
Audit log Yes
Self-host / on-prem option No
PRICING

Tarifs & paliers

PAYANT
Tarifs sur mesure

Contactez l’éditeur pour les tarifs par palier ou volume.

Voir la page tarifs ↗
PUBLIC DOCUMENTS

Documents publics

L'éditeur ne publie pas de liste de sous-traitants. La conformité Schrems II et l'exposition au CLOUD Act ne peuvent pas être vérifiées indépendamment sans elle.
  • Contrat de sous-traitance (DPA)
    www.stackit.de/wp-content…
    Ouvrir ↗
  • Liste des sous-traitants
    — manquant
    manquant
ALTERNATIVES

Alternatives dans cette catégorie

Aruba Cloud
Italy · Fondé en 1994
SOUVERAIN UE

Italian sovereign cloud (Aruba S.p.A.), 4 Italian DCs (Arezzo/Bergamo/Rome), ACN-qualified up to AI3/QC3 for public administration.

DPA public Sous-traitants Open source
FROM
€1/mois
CLOUD ACT
NONE
Cleura
Sweden · Fondé en 2005
SOUVERAIN UE

Swedish OpenStack public + compliant cloud (Cleura, ex-City Network, Iver-owned), ISO 27001/27017/27018, EU-only residency.

DPA public Sous-traitants Open source
FROM
CLOUD ACT
NONE
Clever Cloud
France · Fondé en 2010
SOUVERAIN UE

PaaS/IaaS souverain français : applications et bases managées sur infrastructure européenne, facturées à la seconde.

DPA public Sous-traitants Open source
FROM
€4.8/mois
CLOUD ACT
NONE