Salesforce announced on Mar. 25 that Agentforce, the agentic layer to its platform, has received Second-Level Compliance recognition from the EU Cloud Code of Conduct.
The achievement is significant for companies that rely on cloud services and are working to comply with data protection regulations such as the General Data Protection Regulation (GDPR). The EU Cloud Code of Conduct was established in 2017, with Salesforce as a founding member, to help cloud providers demonstrate compliance with GDPR requirements through transparency and trust.
This new recognition for Agentforce follows previous similar achievements by Salesforce Services and Salesforce Services on Hyperforce. It continues Salesforce’s commitment to meeting global data protection laws and requirements. According to the company, verifiable data protection is essential as organizations become more reliant on AI technologies.
Agentforce is built on the Salesforce Platform and incorporates the Einstein Trust Layer. This layer consists of agreements, security technology, and privacy controls designed to protect customer data during the use of generative AI solutions. Other certifications held by Salesforce include C5 in Germany and ENS in Spain. In 2015, Salesforce became the first enterprise software company approved for Binding Corporate Rules (BCRs) for Processors.
The broader impact of this development underscores ongoing efforts within the technology industry to address evolving regulatory demands around data privacy and artificial intelligence. As more companies move toward becoming what Salesforce describes as “Agentic Enterprises,” these types of recognitions may play an important role in supporting safe adoption at scale.
