Microsoft understands that for you, our customer, to use our cloud services, you entrust us with your most valuable asset—your data. You trust that its privacy will be protected and that it will be used only in a way that is consistent with your expectations.
For almost 20 years, Microsoft has been a leader in creating online solutions designed to protect the privacy of our customers, and today the Microsoft Cloud infrastructure supports over a billion customers around the globe.
This experience has given us the foundation for developing industry-leading privacy policies, compliance programs, and security measures that we apply across our cloud computing ecosystem. Our time-tested approach to privacy and data protection is grounded in our commitment to give you control of the collection, use, and distribution of your information. We strive to be transparent in our privacy practices, offer you meaningful privacy choices, and responsibly manage the data we store and process.
In the following pages, we describe the specific policies, operational practices, and technologies that help ensure the privacy of your data in the Microsoft Cloud.
With the Microsoft Cloud, you are the owner of your customer data.
Microsoft will use your customer data only to provide the services we have agreed upon, and for purposes that are compatible with providing those services. We do not share your data with our advertiser-supported services, nor do we mine it for marketing or advertising.
You can access your customer data at any time and for any reason without assistance from Microsoft. We restrict access to it by Microsoft personnel and subcontractors.Learn more about data ownership in the Microsoft Cloud
In the Microsoft Cloud, you know where your customer data is located, who can access it and under what circumstances, and how it is responsibly protected, transferred, and deleted.Learn more about controlling your data in the Microsoft Cloud
When governments or law enforcement make a lawful request for customer data from Microsoft, we are committed to transparency and limit what we disclose. We do not give any third party direct or unfettered access to customer data except as you direct or where required by law. When we receive a lawful request for customer data from a government agency, we always attempt to redirect the third party to obtain the requested data from our customer.Learn more about how we respond to lawful requests for access to customer data
Privacy protections in the Microsoft Cloud are grounded in the Microsoft Privacy Standard (which details Microsoft’s core privacy requirements and practices) and the Microsoft Secure Development Lifecycle (which includes addressing privacy requirements in the process of developing software).
We then back those protections with strong contractual commitments to safeguard customer data in the Microsoft Online Services Terms, as well as by abiding by the EU Model Clauses and aligning with ISO/IEC 27018, which governs the processing of personal information.Learn more about privacy standards in the Microsoft Cloud