Privacy at Microsoft

Our customers own and control their data


Review Microsoft cloud governance and privacy practices

Are you a privacy manager, corporate counsel, or governance professional?

If so, you’ll find information here about Microsoft cloud compliance with regulations that matter to you, how Microsoft maintains the privacy of your data, and the policies—including those concerning data residency, sovereignty, and access—that undergird the privacy protections in Microsoft cloud services.

Expand all

Keeping your organization in compliance with an ever-changing regulatory landscape is—by definition—a never-ending challenge.

To help organizations comply with national, regional, and industry-specific requirements governing the collection and use of individuals’ data, Microsoft provides the most comprehensive set of compliance offerings of any cloud service provider. To demonstrate that these controls deliver compliance you can rely on, Microsoft enterprise cloud services are independently validated through certifications and attestations as well as third-party audits.

Compliance offerings for Microsoft business cloud services

Achieving trust and compliance in the cloud

The Microsoft approach to compliance in the cloud

Ask your cloud provider about compliance

Microsoft Common Controls Hub Compliance Framework

Microsoft understands that when you use our business cloud services, you are entrusting us with your most valuable asset—your data. You trust that its privacy will be protected, and that it will be used only in a way that is consistent with your expectations.

Our approach to privacy is grounded in our commitment to give you control of the collection, use, and distribution of your customer data. We are transparent about the specific policies, operational practices, and technologies that help ensure the privacy of your data in Microsoft business cloud services.

Privacy considerations in the cloud

You know how we manage your data

You know where your data is located

You know who can access your data and on what terms

You know how we respond to government and law enforcement requests to access your customer data

We set and adhere to stringent privacy standards

Microsoft sees privacy as a fundamental human right, and when it comes to our products, we are committed to providing our customers with the information and controls they need to make their own choices about how their data is collected and used. Our policies and processes help keep your data private and in your control.

The Microsoft Privacy Standard is the cornerstone of the privacy program at Microsoft. This authoritative document includes the business processes we follow to achieve privacy compliance, and delineates the general privacy requirements for developing and deploying Microsoft products and services. It sets rules to help us keep your customer data secure, and handle and store it in a way that helps safeguard its privacy.

Microsoft Online Services Privacy Statement describes Microsoft data protection policies and practices in clear, straightforward language.

A Cloud for Global Good. Microsoft offers a policy roadmap—a set of 78 recommendations in 15 policy categories—as the foundation for a regulatory environment that leads to a trusted, responsible, and inclusive cloud.

Privacy at Microsoft

Principles, policies, and practices FAQ