Microsoft recognizes that cloud services raise unique privacy challenges for businesses. That is why it implements strong privacy protections in Azure services and makes commitments to safeguard the privacy of customer data. In addition, Microsoft provides customers with visibility into where their data resides and who has access to it.
Privacy by Design.
With Microsoft, customers can expect Privacy by Design, a policy that guides how Microsoft builds products and services, how services are operated, and how internal teams are organized.
Microsoft is unique among major cloud service providers in providing cloud-service specific privacy statements and making strong contractual commitments to safeguard customer data and protect privacy. Microsoft makes the standard contractual clauses created by the European Union (known as the “EU Model Clauses”) available to enterprise customers to provide additional contractual guarantees concerning transfers of personal data.
Control over data location.
For many customers, knowing and controlling the location of their data can be an important element of data privacy compliance and governance. Azure customers can specify the geographic areas where their customer data is stored. Data may be replicated within a geographic area for redundancy, but will not be transmitted outside it. For more information, including exceptions to this policy, see the Azure Trust Center.
Restricted data access and use.
Access to customer data by Microsoft personnel is restricted. Customer Data is only accessed when necessary to support the customer’s use of Azure. This may include troubleshooting aimed at preventing, detecting or repairing problems affecting the operation of Azure and the improvement of features that involve the detection of, and protection against, emerging and evolving threats to the user (such as malware or spam). When granted, access is carefully controlled and logged. Strong authentication, including the use of multi-factor authentication, helps limit access to authorized personnel only. Access is revoked as soon as it is no longer needed.
No use for advertising.
Azure does not share Customer Data with its advertiser-supported services, nor is customer data mined for advertising.