Company Onboarding process guide for Cloud Service Providers (CSP)

• Onboarding Guidelines
• 1. Introduction
• 2. Prerequisites for Onboarding
• 3. Launching the Onboarding process
• 4. Submission and verification of Documentation
• 5. Signing the Marketplace Terms and Conditions
• 6. Generation of LEAR Verifiable Credentials
• 7. Contact and Support
• LEAR appointment form - practical considerations
• Practical Considerations for Entities on the Appointment of “Legal Entity Appointed Representative Form”

Onboarding Guidelines

1. Introduction

Purpose of the Guide

This guide is designed to facilitate the onboarding process for new Cloud Service Providers (CSPs) in the  Marketplace, ensuring a clear understanding of the necessary steps to complete registration and start publishing offers.

Scope of the Marketplace

The  Marketplace is a digital platform that enables CSPs to offer cloud and edge computing services to enterprise customers across Europe.

The main goal of the onboarding process is the creation of an operating account for the CSPs from which they can operate within the Marketplace and start publishing their offerings.

The process is structured in three main steps:

1. Launching of the process and provision of company information and documentation

2. Verification of the company documentation and contract signature

3. Generation of the verifiable credential for the Legal Entity Appointed Representative (LEAR)

Upon the generation of the LEAR verifiable credential, the CSP is fully operational. The LEAR is the person that the CSP appoints formally, vested with all the necessary powers of representation, to interact within the DOME Marketplace with other companies.

You can find more information about the LEAR here.

Remark about the legal checks

Ensuring a high level of trust in the operation of the Marketplace is a priority for the Marketplace. To achieve that, we have opted for using verifiable credentials as the means of authenticating the operators of the CSP accounts. The generation of verifiable credentials requires the verification of the claims concerning the company and the claims of its representatives (e.g., whether the company exists, the capacity of representing the company of an individual, etc.). That is why the onboarding process requires the verification of a set of legal documentation to be submitted by the CSPs.

If a Qualified Digital Certificate of the legal entity in the sense of the eIDAS Regulation is used, most of these verifications have been made by the qualified trust services providers authorised to generate those certificates, and the DOME Marketplace relies on those verifications. That is why the set of documents to be sent is much lighter for the companies having the eIDAS Qualified Digital Certificate.

We strongly encourage the CSPs willing to onboard on the Marketplace to use eIDAS Digital Certificates in the onboarding process. This will ease the process and the subsequent operation of the lifecycle of the LEAR authorization including the revocation of a LEAR appointment.

2. Prerequisites for Onboarding

Eligibility Verification

Before launching the onboarding process, make sure that you meet the following criteria:

• You are a legal entity duly registered in an EU country.
• You have the capability to offer cloud or edge services.
• Your target users are other companies or legal entities, not consumers.
• You do not provide cloud and edge services for the health sector.

3. Launching the Onboarding process

When you enter into the DOME Marketplace landing page, click on the 'Register' button, at the upper right corner.

This button leads you to the online forms where you must enter the information requested. The information you are providing will be used to generate the Declaration of Honor and the Legal Entity Appointed Representative Form that the CSP is required to submit in the onboarding process.

There are three forms:

1.   The first one is used for collecting information about the legal representative of you company

2.   The second one gathers information about your company

3.   The third one requires information for identifying the Legal Entity Appointed Representative 

All the fields are mandatory.

If you want to review the forms before completing the forms, you can either click on the links provided above, or otherwise press the 'Fill with test data (only for testing)' button, at the bottom of the online forms.

If you have any doubt about the appointment of the LEAR, please, kindly refer to the Practical comments to Appointment Of Legal Entity Appointed Representative Form: This document offers practical advice and detailed instructions on how to properly fill out the LEAR form.

Once you have filled in the information requested, when you click the 'Submit and create documents', you will get to another screen where the declarations have been automatically generated with your data.

Please, carefully check all the data you submit before creating the documents to make sure that all the information is correct.

Once you have generated the documents, you must print the Declaration of Honor and the LEAR appointment form.

When you have the documents in pdf you will move to the next stage of the onboarding process: the submission of the required documentation and its legal review by the onboarding team of DOME.

4. Submission and verification of Documentation

Required Documentation

Depending on whethter you sign them digitally or manually you will be required to send more documentation.

If the CSP company has a valid qualified Digital Certificate in the sense of the eIDAS Regulation you will need to submit only:

• Declaration of Honor Form: Completed and signed using the qualified Digital Certificate of the company.
• Appointment of the Legal Entity Appointed Representative (LEAR) Form: Completed and signed using the qualified Digital Certificate of the company.

The validity of the qualified digital certificated used may be checked using third party tools, such as, but not necessarily limited to, the European Commission Digital Signature Services demonstration WebApp. You expressly consent to the use of such verification means to verify the validity of the digital certificates used to sign the documents you submit to the DOME Marketplace.

Important note: the CSP legal representative can appoint her/himself as a LEAR of the CSP, and there can be more than one active LEARs for a single CSP.

Important note: in the Appointment of the Legal Entity Appointed Representative (LEAR) Form, the appointed LEAR must sign the document accepting the appointment along with the CSP legal representative. The appointed LEAR should sign with a natural person qualified digital certificate, however, signing with a company qualified Digital Certificate designating she/he as legal representative is also acceptable.  When the person acting as Legal Representative of the CSP is appointing her/himself as LEAR, the company qualified Digital Certificate can be used for both appointing the LEAR and for the LEAR accepting the appointment.

If the validity of the Company Digital Certificate verification is not successful, then you will have to submit the whole set of documents described in the following section.

If the CSP company doesn’t have a valid qualified Digital Certificate (eIDAS Regulation) you will need to submit: 

• Certificate of Incorporation: This document must display the complete name of the company, its date of incorporation, and the address of the registered office. It should not be older than three (3) months from the date the potential CSP is submitting its application to onboard.
• VAT Certificate: Issued by the competent authority in the country of registration. This certificate must not be older than three (3) months from the date of application.
• Power of Attorney: A certified copy of the power of attorney or another document evidencing the source of the power of representation of the legal representative acting on behalf of the potential CSP.
• Appointment of the Legal Entity Appointed Representative (LEAR) Form: Completed and signed.
• Declaration of Honor Form: Completed and signed.
• Sworn Translations: A sworn translation into English of any document not origially drafted in English must be provided.

Once you have full set of documents you must send them to onboarding@dome-marketplace.org.

Documentation Review and Notification Process

After the required documentation has been submitted, the review process begins. It may take more than five business days. Once achieved, you will receive a notification about the status of their documentation:

• Documentation Correct and Complete: If all documents are correct and fully compliant, a notification confirming the correctness and completeness will be sent.
• Error, Mistake, or Information Missing: If there are any errors, mistakes, or missing information, you will be notified and given a fourteen (14) days term to complete or correct the documentation. Here's what happens next:
  •     The new information will be reviewed once submitted.
  •     If the corrections or additional documents are not provided in a satisfactory manner within the specified fourteen (14) days, then we will deem that you relinquish from your onboarding request.

It's crucial that all information provided during the application process is accurate and complete to prevent any delays or rejection during the review phase.

5. Signing the Marketplace Terms and Conditions

Contract Signing

After your documentation is verified and you are notified of approval, either your Legal Representative or the appointed LEAR must sign the Marketplace Terms and Conditions for Cloud Service Providers. A copy of the contract will be generated with your company data and sent to you. 

This document outlines all legal requirements and operational standards expected from the CSPs within the Marketplace.

If you want to review the Contract before completing the oboarding process, you can download the DOME Marketplace Contract for Cloud Service Providers and the DOME Marketplace Procedures, which is a document incorporated into the Contract by reference.

Remember: If you have onboarded through the process for CSPs having a valid eIDAS company digital certificate, you must use this certificate to sign the Marketplace Contract for Cloud Service Providers.

Submitting the Signed Contract

Once signed, the contract must be sent via email to onboarding@dome-marketplace.org. Only after this contract is received and processed by the DOME onboarding team the process of generating the verifiable credential will continue.

6. Generation of LEAR Verifiable Credentials

The verifiable credentials are used in the Marketplace to as the unique login mechanism, for they are a reliable digital ID that allow to trace back the activity of any person operating within the platform to the original company to which she represents and to minimise the risk of tampering through its own multi-factor authentication mechanism.

The Verifiable Credentials are used to login into the Marketplace, for publishing the company offerings in the Marketplace and, if and when the functionality is available, to manage commercial transactions operated through the Marketplace.

The information you provided about the company, the LEAR designation, etc. is needed for the generation of such verificable credentials in a consistent and reliable way that will bring trust and thus, value, to the users of the Marketplace (be them CSP or Cloud Customers).

Once you receive the confirmation of receipt of the signed copy of the Marketplace Terms and Conditions for Cloud Service Providers, the process for the generation of the verifiable credential for your LEAR starts.

By generating verifiable credentials (LEARCredentials), the Marketplace ensures that only people entrusted by the CSP can operate the CSP’s Marketplace account. This brings value to the operation of the Marketplace as it dramatically lessens the possibility of having illegitimate Offerings listed in the Marketplace, thus uplifting trust sentiment in the Cloud Customers, and also in the CSPs, that have a robust means to control that only the people authorized by the company can implement actions in the Marketplace on their behalf.

Generation of LEAR Credential

The next step will be the generation of verifiable credentials by the Marketplace for your LEAR. To do this, you will need to register on the DOME Digital Wallet (app).

Registering on the Marketplace Digital Wallet

Access the Digital Wallet:

For detailed instructions on how to register and set up your Marketplace Digital Wallet, please refer to the registration section in our comprehensive Wallet Guide. This guide provides step-by-step instructions on creating your wallet account.

Receiving and Accepting the Credential Offer

Credential Offer:

Once you complete the registration on Marketplace Digital Wallet, and have received the confirmation, you will receive within a few days an email with a so-called credential offer.

(NOTE: even if the name is Credential Offer accepting the verifiable credential is mandatory for having an operational CSP account in the Marketplace: if you do not complete the process of generating the verifiable credential - i.e., accepting the credential offer- you will not be able to operate your account and thus, even if you have signed the Marketplace Contract for Cloud Service Providers, you will not be technically enabled to receive the Marketplace Services).

We recommend to open this email on a different device from the one where the DOME Wallet is installed because you will need to scan the QR code with the wallet. Click on 'Start Credential Offer' in the email to proceed.

Information Screen:

Upon opening the email, you will initially be presented with an informational screen containing detailed instructions on how to proceed. There will be a button labeled 'Get QR Code'. Pressing this button will display the QR code with the credential offer.

Scanning the QR Code:

Once the QR code is displayed, use the QR scan function of your wallet to scan it. By scanning the QR code, the issuance process starts.

Look for the QR scan button in your wallet app to initiate the scanning process.

Note: If you experience issues with the camera not activating or if the QR code is expired or already used, please consult the troubleshooting section of our Wallet Guide. For expired or used QR codes, email domesupport@in2.es to request a new QR code.

PIN Code Entry:

After scanning the QR code, you will be prompted to enter a PIN code that you received by email. This PIN is crucial for verifying your identity and securing your credential.

Finalizing the Credential

Credential in Unsigned State:

Once the PIN is entered, the credential will appear in your wallet in an 'unsigned' state, which means it is not yet validated or signed.

Manual Validation and Signing:

The credential requires manual intervention for validation and signing. This process typically takes between 2-4 business days. You will be notified by email once your credential is signed and ready to be downloaded.

 

Downloading the Signed Credential:

Go back to your wallet and click on the signature icon to download the signed credential. After this, the credential will no longer be in the 'unsigned' state.

Credential Ready for Use:

You now have your LEAR Credential ready for use in the Marketplace. That means that your CSP account is operational now, and you will be able to start listing your offerings in the Marketplace.

7. Contact and Support

For further help, contact our technical support here.

LEAR appointment form - practical considerations

Practical Considerations for Entities on the Appointment of “Legal Entity Appointed Representative Form”

Disclaimer

This document does not constitute legal advice. It is aiming to provide context to potential cloud service providers willing to onboard on the Marketplace. You are strongly encouraged to seek legal advice from qualified professionals in the jurisdiction where you are located. The Marketplace and the Consortium disclaim any and all liability arising out of or in connection with the use of the information provided herein.

Introduction

The Legal Entity Appointed Representative (LEAR) Form aim is twofold: first, to provide legal certainty for the marketplace operator that the actions taken the people operating the account of a Cloud Services Provider (CSP) are legally binding to the CSP, either vis-à-vis the Marketplace and the cloud services customers as well; and second, as a consequence of the first, to generate a plus of trust in the cloud services customers that will find in the Marketplace a safe site where purchasing services.

Further, the LEAR having full power to bind the entity she/he represents is coherent with the verifiable credentials scheme that the Marketplace has put in place to allow a swift, fully digital and trustworthy system to structure communications and transactions within the Marketplace. 

The verifiable credentials system implemented in the Marketplace is based on the claim that the people operating the account of a CSP have the authority to represent that CSP and to legally bind it.

The Marketplace, that is the issuer of the verified credentials, needs to verify that the operators of the CSP account do have the powers needed to fully operate the account. This verification is made through the LEAR appointment form and the rest of the documentation requested in the onboarding phase.

How to deal internally with the LEAR appointment form?

For many entities, subscribing the LEAR appointment form can be an issue, due to the broad extent of the powers granted by the company to the LEAR and the difficulty those powers with their internal policies on the delegation of the entity’s powers of representation.

To overcome the difficulties that this appointment letter may pose, in many cases, the entities opt for subscribing a side letter between the entity and the person who is appointed as the LEAR of the entity.

This side letter is an internal document to the entity that expresses the conditions under which the appointed LEAR can exert the powers granted in the LEAR appointment letter (i.e., using the verified credential issued by the Marketplace) and may also express which are the consequences in the event the conditions for using the verified credential are not met. For instance, an entity may require the appointed LEAR to seek the internal approval of certain acts from a senior manager of the entity before executing them by means of the verified credential.

This scheme brings comfort to both sides: on the entity’s side, controls and limits can be set that enable compliance with internal delegation of powers policies; on the individual appointed as LEAR side, the fact of having a framework of rules under which to operate the verified credential, allows her/him to operate with a kind of safety net, for its actions would be confirmed/controlled beforehand by senior managers of the entity she/he represents.

The fact that the side letter is an internal document means that it cannot be opposed to third parties that deal with the entity relying on the powers that the LEAR is invested with, as claimed in the verified credential. The side letter only binds the entity and the individual appointed as the entity’s LEAR. The side letter it is not meant to be disclosed to the public nor to any other party dealing with the entity.

Although signing a side letter is a widespread practice in similar cases to the appointment of a LEAR, you should seek appropriate advice in relation to whether this solution is feasible or not in your jurisdiction and what should the contents of the side letter be.

Who can be designated as a LEAR

Any person of legal age can be designated as the LEAR of an entity. There is not any further limitation on this aspect.

That means that an entity can appoint as its LEAR either an employee (regardless of its position in the company) or even someone who is not linked to the entity at all.

However, the entity appointing a LEAR should carefully consider who is the right person to fill the role.

This person should be someone who is trusted by the entity’s management and with the right qualifications and skills to hold this position, for his/her actions may yield legal liabilities on the entity.

Also, the same individual can be appointed as the LEAR by more than one entity. Each appointment will generate its own and separate verifiable credential, so the individual can only represent one single entity at a time when operating in the Marketplace.