Back to all articles
TechnologyJanuary 8, 20266 min

Dutch Cloud vs Azure: What Is the Difference for AI?

Data in Europe is not the same as data under European law. For government organizations and consultancies, that distinction is crucial.

Modern server room — Dutch cloud infrastructure

'Our data is in Europe, so we are compliant.' It is a statement you hear often. But it is not entirely accurate.

For government organizations, healthcare institutions, and consultancies that work with sensitive information, the difference between a Dutch cloud and Azure, Google Cloud, or AWS is crucial — even when the latter three have servers physically located in the Netherlands.

The misconception about European servers

Microsoft Azure has data centers in the Netherlands and other EU countries. Google Cloud and AWS do too. And yet, those data centers fall under American legislation.

The reason: the Cloud Act of 2018. This American law requires American companies to hand over data at the request of American law enforcement agencies — even when that data is physically located in Europe. It does not matter whether the data is in Amsterdam, Frankfurt, or Dublin: if an American company manages it, the Cloud Act applies.

'Data in Europe' is therefore not the same as 'data under European law'.

What does this mean for AI?

When you use AI via Azure Copilot, Google Vertex, or AWS Bedrock, you process data through the infrastructure of an American company. The AI models run on their servers. The data you input — documents, queries, responses — passes through their systems.

For most use cases, that is fine. But for government organizations that work with citizen data, for lawyers with confidential case files, or for companies with sensitive intellectual property, the Cloud Act is a real risk. The question is whether you as an organization can guarantee that your data falls exclusively under Dutch and European law.

With Azure or AWS, you cannot.

The practical differences

  • Legal jurisdiction: Azure/AWS fall under the Cloud Act. A Dutch cloud falls under Dutch and European law.
  • Audit trail: soev.ai logs every interaction in full. With generic cloud AI, this is limited.
  • Model training: large cloud providers train models on user data unless disabled. soev.ai never trains on your data.
  • Vendor lock-in: Azure and Google bind you to their ecosystem. soev.ai is cloud-agnostic and open source.
  • GDPR compliance: Azure Copilot has failed the GDPR assessment for multiple Dutch government organizations. soev.ai has not.

So what is a Dutch cloud?

A Dutch cloud is managed by a Dutch company, on Dutch servers, under Dutch law. There is no foreign parent company that falls under a different jurisdiction.

soev.ai runs in Dutch data centers operated by Dutch hosting partners, all ISO 27001-certified. Data never leaves the Netherlands. And because soev.ai is open source, there is no dependency on a single vendor.

Frequently asked questions

Is Microsoft 365 also a problem then?

Microsoft 365, as a product of an American company, also falls under the Cloud Act. For AI use with sensitive data, the consideration is different than for regular productivity tasks.

Can I use soev.ai alongside Microsoft 365?

Yes. soev.ai integrates with SharePoint, OneDrive, and Teams. You can deploy soev.ai for AI use with sensitive data without having to replace your entire Microsoft environment.

Learn more

Visit soev.ai/en/security-compliance or discover how the AI Knowledge Base works within a Dutch cloud.

Further reading

Security & complianceAI Knowledge BaseSecure AI for government

Want to experience what soev.ai can do for your organization?

Book a demo and discover how sovereign AI works in your own environment.

Book a demo nowGet in touch
Book a demo