Access GDPR accountability documentation

Find information about the capabilities of Microsoft services you can use to address specific requirements of the GDPR. Access documentation helpful to your GDPR accountability, and to your understanding of the technical and organizational measures Microsoft has taken to support the GDPR. Documentation for Data Protection Impact Assessments (DPIAs), Data Subject Requests (DSRs), and data breach notification is provided to incorporate into your own accountability program in support of the GDPR.

GDPR accountability documentation

Accountability readiness checklist

A convenient way to access the information you may need to support GDPR when using Microsoft services.

Data breach notification

Microsoft detects and responds to a breach of personal data, notifying controllers under the GDPR.

DPIAs

How Microsoft helps organizations meet their own DPIA obligations.

Data Subject Requests

How Microsoft helps controllers address data subject requests under the GDPR.

Customer agreements

Online service terms

You can find Microsoft contractual commitments with regard to the GDPR in the Online Services Terms.

Microsoft product terms

Microsoft extends the GDPR Terms commitments to all Volume Licensing customers.

Data protection addendum

Microsoft services extends the commitments to Microsoft Consulting Services customers and others.

Microsoft GDPR compliance controls

Visit Compliance Manager

Review and incorporate controls Microsoft uses to support obligations in the GDPR.

GDPR control mapping

Access a comprehensive mapping of Microsoft controls to GDPR obligations.

GDPR compliance FAQ

Learn about our contractual commitment to you and our own commitment to GDPR compliance.