| Sovereignty objective | SEAL |
|---|---|
| SOV-1 Strategic Sovereignty | SEAL-0 |
| SOV-2 Legal & Jurisdictional Sovereignty | SEAL-1 |
| SOV-3 Data & AI Sovereignty | SEAL-0 |
| SOV-4 Operational Sovereignty | SEAL-1 |
| SOV-5 Supply Chain Sovereignty | SEAL-1 |
| SOV-6 Technology Sovereignty | SEAL-0 |
| SOV-7 Security & Compliance Sovereignty | SEAL-1 |
| SOV-8 Environmental Sustainability | SEAL-1 |

| ID | Factor | Value | Score | SEAL | Conf. | Justification |
|---|---|---|---|---|---|---|
| SOV-1.1 | EU/EEA legal entity control | 3. Mostly within the EU | 83/125 | SEAL-3 | high | Parent is Platform.sh SAS, a French entity (RCS Paris), but it has a US subsidiary (San Francisco) and a UK Ltd, so control is mostly-within-EU (opt3) rather than entirely EU (src: https://www.bcorporation.net/en-us/find-a-b-corp/company/platformsh/). |
| SOV-1.2 | Change of control risk | 3. Somewhat likely takeover/transfer to non-EU sovereign entity | 63/125 | SEAL-4 | medium | VC-backed Series D scale-up with non-EU lead capital (Morgan Stanley Expansion Capital, Digital+Partners) alongside EU funds; unprofitable scale-up makes transfer to a non-EU buyer somewhat likely (seal 4 regardless). |
| SOV-1.3 | Control over roadmap | 2. Through 'voice of the customer' public channels | 42/125 | SEAL-2 | medium | Roadmap set commercially by the company; customer influence only via product feedback / public channels and open-source issue trackers, no formal EU governance body -> opt2. |
| SOV-1.4 | Financial independence from non-EU capital | 3. Balanced mix of EU and non-EU funding | 63/125 | SEAL-4 | medium | Balanced mix: EU investors (Eurazeo, Revaia, Partech) alongside significant non-EU capital (US-led Series D, BGV) -> opt3 (seal 4 regardless). |
| SOV-1.5 | EU economic contribution | 3. Balanced EU/non-EU | 63/125 | SEAL-4 | medium | French HQ and EU operations contribute in the EU, but substantial US operations (San Francisco/Austin offices, US revenue) make contribution broadly balanced -> opt3 (seal 4 regardless). |
| SOV-1.6 | Participation in EU strategic programs | 2. Limited participation | 31/125 | SEAL-4 | low | No clear evidence of Gaia-X or IPCEI-CIS participation; at most limited involvement in EU strategic programs -> opt2 (seal 4 regardless). |
| SOV-1.7 | Alignment with EU industrial strategies | 2. Existing action plan | 42/125 | SEAL-4 | low | B Corp with sovereignty messaging but no documented governance / measured achievement tied to EU industrial strategy beyond general intent -> opt2 (seal 4 regardless). |
| SOV-1.8 | Resilience to cut-off | 2. Service would stop, with delay for customer reaction | 31/125 | SEAL-0 | high | No own_stack: PaaS layered on non-EU hyperscalers (AWS/Azure/GCP); if a primary IaaS dependency were cut off the service would stop with delay to migrate, not continue autonomously -> opt2 (seal 0). Gating. |

| ID | Factor | Value | Score | SEAL | Conf. | Justification |
|---|---|---|---|---|---|---|
| SOV-2.1 | Primary legal jurisdiction | 2. Mixed EU/non-EU | 84/167 | SEAL-1 | high | Mixed jurisdiction: French SAS plus a US subsidiary and US-law hyperscaler infrastructure, so not exclusively EU law -> opt2 (src: https://upsun.com/trust-center/legal/impressum/). |
| SOV-2.2 | Extraterritorial laws exposure | 2. Mitigation clauses, exposure remains | 42/167 | SEAL-1 | high | No immunity: EU parent but a US subsidiary and US-hyperscaler reliance keep US extraterritorial exposure; only mitigation clauses exist -> opt2. |
| SOV-2.3 | Data access pathways for non-EU authorities | 2. Can compel access without notification, specific cases | 42/167 | SEAL-1 | high | Foreign US nexus (US subsidiary + workloads on US hyperscalers) -> US CLOUD Act/FISA can compel access without notification in specific cases -> opt2 (seal 1). Gating. |
| SOV-2.4 | Export control restrictions | 3. Share of revenues >50% in the EU | 84/167 | SEAL-2 | low | No EU-targeted export restrictions; substantial EU revenue but large US customer base means EU share not clearly dominant -> opt3. |
| SOV-2.5 | Origin of IP | 4. Mostly within the EU | 125/167 | SEAL-4 | medium | Core Platform.sh/Upsun platform, CLI, SDKs and runtime spec are developed by the EU-HQ company (French founders); IP mostly EU-originated though built by a distributed team (seal 4 regardless). |
| SOV-2.6 | IP holder jurisdiction | 3. Mixed law, some EU | 84/167 | SEAL-3 | medium | IP held across the group including a US subsidiary, so governed by mixed law with an EU (French SAS) component -> opt3. |

| ID | Factor | Value | Score | SEAL | Conf. | Justification |
|---|---|---|---|---|---|---|
| SOV-3.1 | Customer control over encryption keys | 2. Primarily provider, not exclusively | 50/200 | SEAL-1 | medium | Encryption keys provider-managed by default; customers get a Vault KMS for their own secrets but the provider holds underlying infrastructure keys -> primarily provider, not exclusively -> opt2. |
| SOV-3.2 | Transparent data flows & access logs | 3. Logs exist but not real-time / vendor-controlled | 100/200 | SEAL-2 | medium | Access/activity logs and observability provided but vendor-controlled and not real-time independently auditable oversight of provider/hyperscaler access -> opt3. |
| SOV-3.3 | Secure deletion & proof of erasure | 3. Internal validation per policy, no proof | 100/200 | SEAL-1 | low | Deletion follows documented policy on project deletion with internal validation, no published independently verified proof-of-erasure -> opt3 (internal validation per policy). |
| SOV-3.4 | Data location strictly in EU/EEA | 2. Partly EU, significant third-country reliance | 50/200 | SEAL-0 | high | No eu_exclusive: global product offers many third-country regions (US, Canada, Australia, plus AWS/Azure/GCP/OVH) and runs control-plane/subprocessors outside the EU; partly EU with significant third-country reliance -> opt2 (seal 0). Gating (src: https://support.platform.sh/hc/en-us/articles/8138808781458-Where-in-the-world-is-my-project-s-data-located). |
| SOV-3.5 | AI services sovereignty | 3. Mixed: auditable/open-source AI, foreign chips | 100/200 | SEAL-2 | low | Deployment platform, not an AI provider; any AI/ML relies on foreign accelerators in the underlying hyperscalers with no EU-sovereign AI offering -> opt3 (mixed/foreign chips). |

| ID | Factor | Value | Score | SEAL | Conf. | Justification |
|---|---|---|---|---|---|---|
| SOV-4.1 | Portability & interoperability | 3. Standard documented data export methods | 84/167 | SEAL-4 | high | Git-driven platform with documented export, open-source CLI/SDKs and config-as-code (YAML) -> standard documented data export methods -> opt3 (seal 4). |
| SOV-4.2 | Ability to operate without foreign dependencies | 2. Ops partially sourced within EU | 42/167 | SEAL-1 | high | No eu_ops: globally distributed engineering/ops with significant US presence and US-hyperscaler operations -> ops partially sourced within EU -> opt2. |
| SOV-4.3 | Skill availability in the EU | 2. Mixed, majority outside EU | 42/167 | SEAL-1 | medium | Globally distributed remote workforce with substantial non-EU (US) staff; skills mixed, not predominantly EU -> opt2. |
| SOV-4.4 | Support channels | 2. Mixed, majority outside EU | 42/167 | SEAL-2 | medium | 24/7 follow-the-sun support including US, so a majority of coverage is not EU-confined -> opt2. |
| SOV-4.5 | Documentation & knowledge transfer | 2. EU optional, not enforced | 42/167 | SEAL-2 | low | Documentation/knowledge is public/global (developer center, docs, GitHub); EU-only handling not enforced -> EU optional, not enforced -> opt2. |
| SOV-4.6 | Subcontractor & supplier jurisdiction | 2. Service would stop with delay | 42/167 | SEAL-2 | high | Critical subcontractors are US hyperscalers; loss of one stops the service with delay to migrate, not seamless continuity -> opt2. |

| ID | Factor | Value | Score | SEAL | Conf. | Justification |
|---|---|---|---|---|---|---|
| SOV-5.1 | Origin of components (physical parts) | 1. No disclosure | 0/143 | SEAL-1 | low | Consistency (hyperscaler-PaaS cluster norm 5.1=opt1): as a PaaS it owns no hardware and the physical component origin set by the hyperscaler/OVH datacenters is not disclosed to Platform.sh's customers -> opt1 (no disclosure, seal 1). |
| SOV-5.2 | Manufacturing location | 1. Fully foreign, black box | 0/143 | SEAL-1 | low | Consistency (hyperscaler-PaaS cluster norm 5.2=opt1): underlying servers are manufactured/operated by the foreign hyperscalers, a black box from Platform.sh's perspective with no disclosure -> opt1 (seal 1). |
| SOV-5.3 | Embedded code/firmware provenance | 2. Partial disclosure | 36/143 | SEAL-4 | low | Firmware/embedded code in underlying hardware controlled by hyperscaler suppliers, partial disclosure -> opt2 (seal 4 regardless). |
| SOV-5.4 | Origin of software | 4. Large majority maintained by EU teams | 107/143 | SEAL-3 | medium | Not foreign_core (genuine differentiator vs US members): the orchestration/CLI/SDKs/runtime images are designed and largely maintained by the EU-HQ (French) company and substantially open-source -> large majority maintained by EU teams -> opt4 (src: https://github.com/platformsh). |
| SOV-5.5 | Software build/release jurisdiction | 3. Non-EU control, EU execution | 72/143 | SEAL-3 | low | Software controlled by the EU parent but built/released by a distributed team with CI partly on US infrastructure -> non-EU execution element; EU execution present -> opt3. |
| SOV-5.6 | Single point of dependency | 3. Few non-EU in critical services / documented | 72/143 | SEAL-2 | high | Few non-EU dependencies in critical services (the hyperscaler IaaS plus US SaaS subprocessors), documented in the subprocessor list -> opt3 (seal 2). |
| SOV-5.7 | Supply chain transparency | 3. Critical suppliers auditable | 72/143 | SEAL-2 | low | Subprocessor list published and critical hosting suppliers are certified/auditable, but full end-to-end supply-chain auditability not provided -> critical suppliers auditable -> opt3. |

| ID | Factor | Value | Score | SEAL | Conf. | Justification |
|---|---|---|---|---|---|---|
| SOV-6.1 | Interoperability & open interfaces | 4. Standards-based and broadly compatible | 150/200 | SEAL-3 | high | Standards-based git/container-driven platform with open APIs, open-source CLI/SDKs and documented config -> standards-based and broadly compatible -> opt4. |
| SOV-6.2 | Open standards compliance | 4. Policy for most core services | 150/200 | SEAL-3 | medium | Core services rely on open standards (Git, OCI/containers, standard runtimes, SSH, HTTP) for most services -> policy for most core services -> opt4. |
| SOV-6.3 | Open source availability | 3. Open source, centralised governance | 100/200 | SEAL-3 | medium | Significant components (CLI, SDKs, runtime specs, tools) open-source on GitHub, but core orchestration/control plane proprietary with centralised governance -> open source, centralised governance -> opt3. |
| SOV-6.4 | Service architecture transparency | 4. Large corpus of public insight | 150/200 | SEAL-3 | medium | Extensive public documentation, developer center, blog and open-source code -> large corpus of public insight -> opt4. |
| SOV-6.5 | HPC sovereignty | 1. Imported black-box HPC | 0/200 | SEAL-0 | low | No EU-sovereign HPC; any HPC would be imported black-box hyperscaler hardware -> opt1 (imported black-box HPC, seal 0). Gating. |

| ID | Factor | Value | Score | SEAL | Conf. | Justification |
|---|---|---|---|---|---|---|
| SOV-7.1 | Security certification (EAL) | 3. EAL2 | 72/143 | SEAL-2 | high | Certs: ISO 27001 + SOC 2 Type 2 + PCI DSS Level 1 + HIPAA (no SecNumCloud/EUCS-High/Common Criteria EAL); per key ISO 27001 + SOC 2 maps to opt3 (EAL2-equiv, seal 2) (src: https://upsun.com/solutions/compliance-and-governance/). |
| SOV-7.2 | EU regulatory compliance (GDPR/NIS2/DORA) | 4. Partial compliance to most | 107/143 | SEAL-4 | high | Strong independently audited posture: GDPR (DPA), ISO 27001, SOC 2 Type 2, PCI DSS Level 1, HIPAA; partial compliance to most major EU frameworks, full NIS2/DORA not demonstrated -> opt4 (seal 4 regardless). |
| SOV-7.3 | EU-based SOC & incident handling | 2. Hybrid EU/non-EU | 36/143 | SEAL-1 | medium | Security/incident handling run by globally distributed 24/7 teams -> hybrid EU/non-EU SOC -> opt2. |
| SOV-7.4 | Control over security monitoring/logging | 3. Basic monitoring portal | 72/143 | SEAL-1 | medium | Customers get monitoring/observability and log access via portal, but full immutable customer-controlled EU-stored logging is not standard -> basic monitoring portal -> opt3. |
| SOV-7.5 | Disclosure of incidents | 3. Moderate (GDPR/NIS2-aligned) | 72/143 | SEAL-2 | medium | Incident disclosure GDPR/contractually aligned with breach-notification commitments -> moderate, GDPR/NIS2-aligned -> opt3. |
| SOV-7.6 | Maintenance autonomy | 3. Moderate autonomy (notice + testing, except zero-day) | 72/143 | SEAL-4 | low | Managed platform; customers control app deployments with notice/testing windows for platform maintenance -> moderate autonomy -> opt3 (seal 4). |
| SOV-7.7 | Auditability | 2. Limited independent access | 36/143 | SEAL-1 | medium | No audit_rights: audit evidence via SOC 2/ISO reports and provider certifications only, not full independent audit by any entity -> limited independent access -> opt2. |

| ID | Factor | Value | Score | SEAL | Conf. | Justification |
|---|---|---|---|---|---|---|
| SOV-8.1 | Energy efficiency (PUE) | 3. PUE < 1.5 + roadmap | 125/250 | SEAL-4 | low | Runs on hyperscaler/OVH datacenters that publish PUE typically <1.5 with efficiency roadmaps; Platform.sh owns no facilities -> opt3 (PUE<1.5 + roadmap) (src: https://corporate.ovhcloud.com/en/sustainability/). |
| SOV-8.2 | Hardware reuse & recycling | 3. Documented program | 125/250 | SEAL-3 | low | Hardware reuse/recycling governed by the underlying hyperscaler/OVH circular-economy programs which are documented; no own-hardware program -> documented program -> opt3. |
| SOV-8.3 | Environmental impact reporting | 2. Basic reporting | 63/250 | SEAL-1 | low | As a B Corp it reports some sustainability info but no detailed EU-methodology environmental impact report for the service -> basic reporting -> opt2. |
| SOV-8.4 | Energy supplies | 3. Mix of EU and non-EU supplies | 125/250 | SEAL-4 | low | Energy supply depends on datacenters used; mix of EU (OVH/Azure FR) and non-EU (US AWS/Azure/GCP) regions -> mix of EU and non-EU supplies -> opt3 (seal 4 regardless) (src: https://corporate.ovhcloud.com/en/sustainability/). |