Benefit from privacy, security, and compliance practices you can trust
Microsoft Dynamics CRM Trust Centre
As a Microsoft Dynamics CRM Online customer, you have entrusted Microsoft to help protect your data. Microsoft values this trust and cares deeply about the privacy and security of your data. We strive to take a leadership role in industry privacy, security, and compliance practices through the following trust principles.
Your privacy matters
We respect the privacy of your data.
Microsoft Dynamics CRM Online does not build advertising products out of customer data. We don’t scan your documents or files for building analytics, data mining, or advertising.
Microsoft Dynamics CRM Online always allows you to keep your customer data separate from other customers' data. We provision you with your own database to maximise the security and integrity of your data.
Microsoft Dynamics CRM Online customer data belongs to the customer. You can remove your data whenever you choose.
Leadership in transparency
As a Microsoft Dynamics CRM Online customer, you know where your data resides, who can access it, and what we do with it.
You know where the Microsoft major data centres and personnel are located and the logic used to determine where your data is stored.
Who and what
We offer clear information on who can access your Microsoft Dynamics CRM Online customer data and under what circumstances they access it.
Microsoft notifies you, if requested, about changes in our service operations.
Compliance with world-class industry standards is verified by third parties.
Certified for ISO 27001
ISO 27001 is one of the best security benchmarks available across the world.
EU Model Clauses
In addition to EU Safe Harbor, Microsoft Dynamics CRM Online will sign the standard contractual clauses created by the European Union (called the "EU Model Clauses") which address international transfer of data. Request a signed copy of the EU Model Clauses from Microsoft.
Data processing agreement*
Microsoft offers customers a comprehensive standard data processing agreement that addresses privacy, security, and handling of customer data. Our standard data processing agreement enables customers to comply with their local regulations.
* Applicable to Microsoft Dynamics CRM Online customers who manage their online services through the Microsoft Online Services Portal.
Relentless on security
We offer excellence in cutting-edge security practices.
We have developed our practices and policies as a result of more than 15 years of experience in providing security for online data.
Security Development Lifecycle
The Microsoft Security Development Lifecycle helps ensure that security and privacy are incorporated by design from software development through service operations.
Five layers of security
Data is secured in five different layers: data, application, host, network, and physical.
We proactively monitor to help identify potential unknown threats by predicting malicious behaviour and monitoring for irregular events that may indicate threats.
Access to production servers is restricted to a small list of operations personnel.