Microsoft Dynamics CRM Online is a customer relationship management solution with built-in capabilities for industry leading enterprise-grade
security, privacy and compliance. As a Dynamics CRM Online customer, Microsoft values your trust and is committed to
protect the privacy and security of your data.
Dynamics CRM Online service is based on following trust principles:
- Software Development Lifecycle. Dynamics CRM Online is built using the Security Development Lifecycle, a mandatory
process that embeds security requirements into every phrase of the development process.
- Encryption. Your data is protected by encryption while it is at rest in Microsoft datacenters and while it travels
between user devices and our datacenters.
- Identity and access management. Azure Active Directory simplifies the management of users and groups, enables
you to assign and revoke privileges easily, and helps protect Dynamics CRM Online from unauthorized access.
Learn more by reading
Microsoft Dynamics CRM Online security.
Privacy by Design
- Data Ownership. You own your data. Your data is not mined for advertising purposes. You can remove your data
at any time from Dynamics CRM Online by cancelling your subscription and requesting that your data be deleted.
- Microsoft’s role as Data Processor. Microsoft is the only processor of your data. We only use your data for
the services mutually agreed upon. Learn here
how we use your data. We are constantly taking steps to protect customer data from government snooping.
- Data Privacy Controls. Dynamics CRM Online keeps your customer data separate from other customers' data.
We provision you with your own database to maximize the security and integrity of your data.
- Compliance responsibilities. Microsoft maintains compliance with leading data protection and privacy laws applicable
to cloud services so that Dynamics CRM Online complies with the laws and regulations unique to national, regional,
and industry-specific requirements. Our compliance with world-class industry standards is verified by third parties.
- Compliance framework. We offer a comprehensive compliance framework to help you comply with your specific requirements.
Dynamics CRM Online complies with international and industry-specific compliance standards. Some of the key compliance
standards it complies with are ISO/IEC 27001, ISO/IEC 27018, FedRAMP for Dynamics CRM Online for Government, SOC 1
and SOC 2 Type II. Learn more about all compliance standards
- Data Location and Access. You know
where your data is stored and the logic used to determine the data location. We are transparent about who can access your Dynamics
CRM Online data, and under which conditions your data is accessed.
- We’re accountable to you. We notify you, if requested, about changes in our service operations. As an administrator,
you will receive service notifications and compliance notifications regarding datacenter location changes, in addition
to security, privacy, and audit information.
Learn about holistic datacenter efficiency.
You can learn more about Microsoft data practices by reading the
Online Services Terms and
Microsoft Online Services Privacy Statement.