Skip to content
Independently verified · Quarterly re-audit
EU VETTED

luckycloud

VERIFIED
File sharing · Germany
Founded 2015 · luckycloud.de ↗

Berlin-based German zero-knowledge cloud (luckycloud GmbH, 2015), own DCs in Berlin/Nuremberg/Frankfurt, ISO 27001 BSI.

In short

luckycloud, in the File sharing category, is an EU-owned service with Germany as its hosting location and no identified CLOUD Act exposure.

Assessment notes

luckycloud GmbH (Berlin, Solmsstr. 26; HRB 169276 B Charlottenburg; founded 2015 by Luc Mader who built the precursor in 2007 at a Berlin university) operates its own server infrastructure across three ISO 27001 / BSI-certified German data centres (Berlin, Nuremberg, Frankfurt), with zero-knowledge encryption + triple-encryption layering + open-source code; no VC/PE investors, founder-led, multiple TÜV Süd / eco / Alliance for Cyber Security trust signals; EU-owned, own German data centres, ISO 27001 + BSI, public DPA, zero-knowledge E2E encryption, no CLOUD Act exposure.

CLOUD ACT
OWNERSHIP
SUB-PROCS
not disclosed
Verified signals
Jurisdiction
  • EU / adequacy hosting
  • EU / adequacy operator
  • No US CLOUD Act exposure
Transparency
  • Public DPA
  • Sub-processors disclosed
  • Open-source clients
  • Third-party certification
JUMP TO
OVERVIEW

About luckycloud

luckycloud is a Berlin-based zero-knowledge encrypted cloud-storage product operated by luckycloud GmbH at Solmsstraße 26, registered with the Charlottenburg Local Court under HRB 169276 B (VAT DE301776461; managing director Luc Mader). The product traces back to 2007 when Mader built an online platform at his Berlin university to share study materials with friends; the commercial company was founded in 2015 and serves SMBs and consumers across DACH. The product line covers luckycloud One (consumer), Teams, Business, and Enterprise tiers with client-side encryption as a default feature across all plans.

For an EU-sovereignty audit luckycloud is one of the cleanest pure-German listings in the directory. The infrastructure is fully owned and operated by the company itself (luckycloud GmbH creates, manages, and maintains the IT stack independently) across three ISO 27001 / BSI-certified German data centres in Berlin, Nuremberg, and Frankfurt. The product is built on open-source software (the file-sync stack uses luckycloud's own in-house Sync Client which replaced an earlier Seafile-based stack; OnlyOffice powers document editing) and follows a strict zero-knowledge principle with triple-encryption layering: vendor cannot access plaintext customer data. Trust signals include TÜV Süd certification, NETZSIEGER recognition, "Deep Tech" certification, eco Award 2019, and Alliance for Cyber Security membership. Founder-led, no VC/PE investors.

Pricing was not directly captured at audit (the /en/pricing path returned 404; main pricing surface is on /pricing or /preise on the German site); the model is paid SMB-and-up with no consumer freemium tier observable. Best fit: German and DACH SMBs and consumers wanting a fully-German alternative to Dropbox / OneDrive / Google Drive with own-DC infrastructure, zero-knowledge encryption, and a small founder-led counterparty. Together with Filen, Cryptee, Internxt, Proton Drive, Tresorit, Nextcloud (self-host), and kDrive, luckycloud is part of the directory's top-tier EU-owned file-sharing shortlist.

SUB-PROCESSORS

Sub-processor map · not disclosed

Vendor does not publish a sub-processors list. Schrems II compliance and CLOUD Act exposure cannot be independently verified without it.
CERTIFICATIONS

Frameworks & certifications

ISO/IEC 27001
ACTIVE
FEATURES

Capability matrix

Paid storage (from) 10 GB
Max file size 8 GB
Photo sync Yes
File versioning Yes
Link sharing Yes
Platforms iOS macOS Windows Android Linux Web
INTEGRATION & ACCESS
REST API Yes
SSO (SAML / OIDC) Yes
COMPLIANCE & GOVERNANCE
Audit log Yes
Self-host / on-prem option No
PRICING

Pricing & tiers

PAID
Custom pricing

Contact vendor for tier or volume pricing.

View pricing page ↗
PUBLIC DOCUMENTS

Public documents

Vendor does not publish a sub-processors list. Schrems II compliance and CLOUD Act exposure cannot be independently verified without it.
  • Data Processing Addendum (DPA)
    luckycloud.de/de…
    Open ↗
  • Sub-processors list
    — missing
    missing
ALTERNATIVES

Alternatives in this category

Proton Drive
Switzerland · Founded 2014
EU-SOVEREIGN

Swiss zero-knowledge encrypted cloud (Proton AG, non-profit-foundation-controlled), 11,496 owned servers, ISO 27001 + SOC 2, 5 GB free.

Public DPA Sub-processors Open source
FROM
€4/mo
CLOUD ACT
NONE
Tresorit
Switzerland · Founded 2011
EU-HOSTED

Swiss-Post-owned (state-anchored) E2E encrypted enterprise cloud storage (Tresorit AG, Zurich), Swiss + EU DC options, ISO 27001.

Public DPA Sub-processors Open source
FROM
€10/mo
CLOUD ACT
MATERIAL
kDrive (Infomaniak)
Switzerland · Founded 1994
EU-SOVEREIGN

Swiss kDrive cloud (Infomaniak, Geneva, since 1994), own Swiss DCs, ISO 27001 + B Corp 2025, district-heating heat recycling.

Public DPA Sub-processors Open source
FROM
€4/mo
CLOUD ACT
NONE