Supporting data sovereignty

Data Sovereignty Compliance & Reporting

1. Does atNorth have a sustainability process or policy in place?
   
   Yes. Our sustainability policy and report can be found here: https://www.atnorth.com/insights/sustainability
   
   Our Sustainability Policy focuses on three key pillars; Planet, People and Business Conduct, outlining a clear strategy to drive consistent progress towards our core goals:
   
   ■ Be dependable in climate-first matters
   ■ Enable a circular economy across our operations
   ■ Empower our community
   ■ Ensure a safe workplace
   ■ Maintain integrity in all we do

2. Do all atNorth sites adhere to Tier 3 standards? What impact does climate have on data center cooling?
   
   Yes. All atNorth data centers adhere to Tier 3 standards, ensuring a high level of redundancy, reliability, and uptime for mission-critical workloads. While not all sites are currently Tier 3 certified, they are designed and operated to comply with these standards.
   
   The Nordic climate plays a critical role in enhancing atNorth’s energy efficiency. The use of natural cooling alone in our Icelandic data centers can reduce energy consumption by 24 and 31% than some equivalent US and British sites.
   
   This climate advantage, combined with our innovative cooling technologies, enables atNorth to deliver sustainable, high-performance infrastructure with a lower carbon footprint.

3. How does atNorth support data sovereignty and digital autonomy in Europe?
   
   atNorth plays a key role in supporting European data sovereignty by providing AI-ready, high-density data center infrastructure located entirely within the Nordic region. As organizations across Europe seek greater control over data, infrastructure, and AI workloads, atNorth offers a trusted, regionally based alternative to global cloud hyperscalers.
   
   Key contributions:
   
   ■ Data hosted in EU jurisdiction, with full compliance to GDPR and local regulations
   ■ Privately owned, European-based infrastructure, reducing reliance on external political systems
   ■ Custom-built environments for proprietary data, private AI training, and enterprise cloud repatriation
   
   atNorth’s infrastructure enables European businesses to maintain strategic control, reduce data exposure, and align IT operations with the growing focus on sovereign cloud and AI deployments.

4. Why is the Nordic region strategically important for Europe’s digital sovereignty
   and AI infrastructure?
   
   The Nordic region is increasingly seen as a cornerstone of Europe’s sovereign digital future. With its combination of renewable energy, political stability, and cooler climate, it offers the ideal environment for hosting energy-intensive AI and cloud workloads.
   
   Key advantages of locating AI infrastructure in the Nordics:
   
   ■ Access to renewable energy and some of the lowest carbon intensity grids in the world
   ■ Naturally cool climates that reduce reliance on water and mechanical cooling systems
   ■ Geopolitical stability and EU jurisdiction, reinforcing data control and compliance
   ■ World-class technical expertise and mature digital infrastructure ecosystems
   
   atNorth’s presence across Iceland, Sweden, Finland, and Denmark, makes it a natural home for European AI and cloud innovation, while supporting the EU’s goals of resilience, competitiveness, and digital sovereignty.

5. How is atNorth enabling enterprise AI adoption while addressing concerns about sovereignty and data control?
   
   As European enterprises increasingly explore AI and machine learning applications, data sovereignty and security have become central concerns. atNorth supports this shift by offering bespoke infrastructure designed for private AI training, using an organization’s own proprietary data.
   
   Our approach:
   
   ■ Dedicated HPC and AI-ready colocation environments in secure, EUbased facilities
   ■ Support for custom, on-premise or hybrid enterprise AI clouds
   ■ Reduced latency, improved data control, and compliance with European
   data privacy laws
   
   As the industry shifts away from total public cloud reliance, atNorth enables organizations to build sovereign AI platforms that maximize control, protect intellectual property, and align with long-term strategic autonomy goals.

6. What is atNorth’s approach to security?
   
   The atNorth approach to security is based on our vision and values to develop, implement and maintain policies, procedures and an infrastructure that will ensure:
   
   ■ General security of our people
   ■ Physical security of our sites
   ■ Information security of ours and our customer’s data
   ■ Protection of our intellectual property
   ■ Regulatory and ISO compliance
   ■ Business continuity and crisis management
   ■ Informed enterprise risk management
   ■ Robust governance and communication

7. How does atNorth ensure safety, security, and a commitment to safeguarding customers and partners?
   
   A network of more than 25 subsea fiber optic routes connects our Nordic data centers to European and North American markets and beyond, providing fully redundant connectivity to drive down latency and meet the speed of data processing needed for today’s high-density, hugely sophisticated and uber timely workloads and applications.

8. How does atNorth future proof its operations?
   
   atNorth complies with health and safety laws and regulations, striving to go above and beyond legal requirements to ensure safety and security. In 2024, we invested significant resources in enhancing health and safety processes and procedures across our sites to achieve the ISO45001:2015 certification for our Occupational Health and Safety Management System (OHSMS).
   
   atNorth prioritizes a security-first approach across every layer of its operations, ensuring the protection of customer data, infrastructure, and compliance requirements. Our Code of Conduct, Code of Conduct for Suppliers and Company Policies provide the overarching guidance on expected behavior across our business operations and value chain.
   
   Key practices include:
   
   ■ Real-time risk assessment strategies to proactively identify and mitigate threats
   ■ Ongoing measurement and management frameworks for continuous improvement
   Mandatory employee training programs covering:
   ■ Security awareness
   ■ Operational safety
   ■ Regulatory compliance
   
   This organization-wide commitment ensures that every atNorth employee is aware of the risks and security protocols to support them through the safeguarding process. This ensures atNorth maintains a secure, compliant, and resilient data center environment – reinforcing customer trust and partner confidence.

General, Practical & Background Info

1. How do I learn more about the services provided by atNorth?
   
   Contact our team of experts for a consultation.
2. Where are your data centers located?
   
   atNorth currently operates facilities in Iceland, Sweden, Finland and Denmark with plans for further expansion across the Nordics.
3. Can I schedule a site visit?
   
   Absolutely. We welcome prospective clients to tour our facilities – contact us to arrange a visit.