Man interacting with an Asus NovaGo laptop.

Navigating your way to the Cloud
Morocco

A Journey of Digital Transformation
An Interactive Guide for Legal and Compliance Professionals

INTRODUCTION TO CLOUD IN MOROCCO

Morocco is undergoing a digital transformation across all sectors – from financial services to the public sector. The market is steadily modernizing. At Microsoft, we believe that hyper-scale cloud services, in particular, can play a pivotal role in helping Morocco unlock its key socio-economic objectives while ensuring a safer, more secure and more effective environment, which adheres to accepted international technical standards.

Microsoft is proud to confirm that it meets regulatory and compliance requirements for use of the cloud in some of the most highly regulated industries across the globe and can help you to achieve compliance with the regulatory and compliance requirements applicable in your sector.

Microsoft solutions such as Microsoft Azure, Office 365 and Microsoft Dynamics 365 power many different customers across the Middle East & Africa (MEA) region, including SMEs, large global corporates, public sector and non-profit organisations. These are just some of the Microsoft cloud services driving the digital transformation across the globe as we seek to empower every individual and every organisation on the planet to achieve more in a safe, secure and legally compliant manner.

THE REGULATORY LANDSCAPE

  • The pace of cloud adoption in Morocco is, as in many other countries, accompanied by potential concerns about regulatory compliance. These concerns generally relate to the ability of cloud service providers to ensure security and privacy compliance. This is changing as organisations can now move to the cloud in a way that meets and often exceeds their security and privacy requirements. Cloud solutions from leading providers such as Microsoft are now being recognized for their ability to offer these or higher levels of security and privacy compliance.

    At Microsoft, we welcome these positive developments. We have developed a range of materials to help our customers in Morocco move to the cloud in a way that meets their regulatory requirements.

  • The laws governing the adoption of cloud computing in Morocco fall into two categories – general laws and regulations that apply to all organisations; and laws and regulations that only apply to organizations within specific sectors. There is presently no uniform regulation for cloud services in Morocco.

    • Currently in Morocco, data privacy laws are governed by Law No. 09-08 of 18 February 2009 relating to the protection of individuals with respect to the processing of personal data (“Law No.09-08”). Law No. 09-08 specifically regulates the collection, use and processing of personal data. It imposes obligations on organizations concerning matters such as notice, consent and purpose, disclosures, international transfers, security, data retention, data subjects' rights of access and correction.

      Law No. 09-08 requires data controllers to have a written agreement with their cloud service providers and ensure that appropriate, reasonable technical and organizational measures are taken to protect personal data from loss, damage, unauthorized destruction and unlawful access and processing.

      The National Control Commission for the Protection of Personal Data (“CNDP”) is the regulator which has extensive powers to investigate and fine data controllers. The CNDP is providing binding guidelines for compliance with Law No. 09-08. Microsoft intends to continue working closely with the CNDP.

    • The use of encryption technology, which forms a key part of Microsoft's cloud service offerings, is also regulated.1 To this end, Microsoft uses only certified encryption technology.2

  • This checklist provides a detailed look into the legal obligations that may affect your usage of Microsoft Cloud Services.

    Click here to download the checklist.

  • In addition to general laws, industry-specific requirements may apply. You can find out more about the requirements that apply in your industry sector by selecting from Industries below.

    Financial Services

    Financial Services

    Government

    Government

    Health

    Health


    • 1Law No. 53-05 on the electronic exchange of legal documents
    • 2Decree 2-08-518 on the implementation of the Law No. 53-05

WE BUILD OUR TRUSTED CLOUD ON FOUR FOUNDATIONAL PRINCIPLES

Security

Security

We build our services from the ground up to help safeguard your data

Learn more
Privacy

Privacy

Our policies and processes help keep your data private and in your control

Learn more
Compliance

Compliance

We provide industry-verified conformity with global standards

Learn more
Transparency

Transparency

We make our policies and practices clear and accessible to everyone

Learn more

INDUSTRY RESOURCES

INDUSTRY RESOURCES

INDUSTRY RESOURCES

INDUSTRY RESOURCES

RECOMMENDED RESOURCES

CUSTOMER STORIES

 
 
SEE MORE STORIES

CUSTOMER STORIES

 
 
SEE MORE STORIES

CUSTOMER STORIES

 
 
SEE MORE STORIES
*EXPLANATORY NOTE AND DISCLAIMER: This website is intended to provide a summary of key legal obligations that may affect customers using Microsoft cloud services. It indicates Microsoft’s view of how its cloud services may facilitate a customer's compliance with such obligations. This website/document is intended for informational purposes only and does not constitute legal advice nor any assessment of a customer's specific legal obligations. You remain responsible for ensuring compliance with the law. As far as the law allows, use of this website/document is at your own risk and Microsoft disclaims all representations and warranties, implied or otherwise.