Skip to main content

Safeguard individual privacy with the Microsoft Cloud

Watch the Safeguarding individual privacy rights with the Microsoft Cloud webcast to learn about essential General Data Protection Regulation (GDPR) topics— plus how Microsoft 365 and the Microsoft Cloud help keep your organization compliant.

Watch the webcastRead the M365 Blog

Preparing for a new era in privacy regulation

As of May 25, 2018, a European privacy law, the General Data Protection Regulation (GDPR), is in effect. The GDPR imposes new rules on companies, government agencies, non-profits, and other organizations that offer goods and services to people in the European Union (EU), or that collect and analyze data tied to EU residents. The GDPR applies no matter where you are located.

Microsoft has extensive expertise in protecting data, championing privacy, and complying with complex regulations, and currently complies with both EU-U.S. Privacy Shield and EU Model Clauses. We believe that the GDPR is an important step forward for clarifying and enabling individual privacy rights. We want to help you focus on your core business while efficiently preparing for the GDPR.

We are committed to GDPR compliance across our cloud services and provide GDPR related assurances in our contractual commitments.

Learn more about how our products help you comply with the GDPR, and let us help you get started. You can also find resources like webinars, videos, white papers, and FAQs about the regulation.

Key changes under GDPR

Alt text

Personal privacy

Individuals have the right to:

  • Access their personal data
  • Correct errors in their personal data
  • Erase their personal data
  • Object to processing of their personal data
  • Export personal data
Alt text

Controls and notifications

Organizations will need to:

  • Protect personal data using appropriate security
  • Notify authorities of personal data breaches
  • Obtain appropriate consents for processing data
  • Keep records detailing data processing
Alt text

Transparent policies

Organizations are required to:

  • Provide clear notice of data collection
  • Outline processing purposes and use cases
  • Define data retention and deletion policies
Alt text

IT and training

Organizations will need to:

  • Train privacy personnel and employees
  • Audit and update data policies
  • Employ a Data Protection Officer (if required)
  • Create and manage compliant vendor contracts

Learn about GDPR compliance best practices

Discover privacy program best practices and get insights into how a global company like Microsoft approaches regulations such as the GDPR in Journey to GDPR Compliance. Learn how products such as Microsoft 365 and Office 365 Data Loss Prevention—plus a Privacy Dashboard—help you achieve compliance when using Microsoft cloud services.

Download the e-book now


Enable customer privacy with Microsoft 365

Now that the GDPR is in effect, you must be armed with how to respond to other global regulation requirements and standards to minimize risk within your organization. Learn more about how Microsoft 365 can help you stay compliant with the ever-changing regulatory requirements. Simplify compliance using built-in, audit-ready tools in Microsoft 365.

Understand regulatory requirements

Learn more about data governance


Manage your compliance from one place

Perform ongoing risk assessment, get actionable insights, and simplify your compliance process when using Microsoft cloud services with Compliance Manager.

Try Compliance Manager now

Read the Security, Privacy, and Compliance blog

female working on laptop with male colleague looking at her screen
female working on laptop with male colleague looking at her screen

Assess your GDPR compliance

Find out if your organization meets personal data protection requirements. Take our quick, interactive 10-question evaluation to assess your readiness to comply with the GDPR today.

Take the assessment

Get ready for GDPR accountability

Enhance your GDPR accountability readiness with tools and documents that help you respond to data subject requests (DSRs) and personal data breaches, as well as the information you need to create your own data protection impact assessments (DPIAs) across Microsoft Cloud services.

Learn about Support for GDPR Accountability

Learn about data governance and the GDPR

Discover how Microsoft tools and technologies help you meet the upcoming GDPR requirements across four main areas involved with GDPR compliance: discover, govern, protect, and report. The interactive e-book, GDPR and Data Governance, can help you build an effective compliance program.

Explore the interactive e-book

See how to prepare for the GDPR

With the regulation in effect globally as of May 25, 2018, are you ready? Our video series, Countdown: Preparing for GDPR, sheds light on how to reach and stay GDPR compliant under evolving guidance, based on Microsoft experts’ conversations with EU regulators.

Watch the video series now


Support for GDPR compliance

We’re here to help you meet GDPR requirements—through our products, as well as in-depth documentation and other resources. Read the GDPR FAQs to learn more about our contractual commitments to our customers, plus our own commitment to GDPR compliance.

Read the FAQs

Manage your compliance from one place with Compliance Manager