The purpose of the document is to establish common control points, by which users as well as supervisory authorities will be able to come to informed decisions regarding the use and oversight of the cloud computing services in part where processing of personal data is concerned. The initiatives for safer use and certifications of cloud services on the other hand are offered guidelines for future developments with the goal of compliance with personal data protection legislation.