Microsoft Cloud to be GDPR compliant as EU tightens privacy rules

Laurent Giret

To give the same data protection rights across to all European citizens in the digital age, the European Union adopted the General Data Protection Regulation (GDPR) last year. To comply with the new privacy law that will be enforced from May 25, 2018, organizations will have to guarantee the protection of all personal data regardless of where it is processed or stored.

Today, Microsoft’s Chief Privacy Officer Brendon Lynch announced that the company is committed to be GDPR compliant across all its cloud services when the new regulation will apply next year. “We are committed to our principles of cloud trust – across security, privacy, transparency and compliance,” he added. Here is what customers can expect from the Microsoft Cloud going forward:

  • Technology that meets your needs – You can leverage our broad portfolio of enterprise cloud services to meet your GDPR obligations for areas including deletion, rectification, transfer of, access to and objection to processing of personal data. Furthermore, you can count on our extensive global partner ecosystem for expert support as you use Microsoft technologies.
  • Contractual commitments – We are standing behind you through contractual commitments for our cloud services, including timely security support and notifications in accordance with the new GDPR requirements. In March 2017, our customer licensing agreements for Microsoft cloud services will include commitments to be GDPR compliant when enforcement begins.
  • Sharing our experience – We will share Microsoft’s GDPR compliance journey so you can adapt what we have learned to help you craft the best path forward for your organization.

It’s worth noting that Microsoft Cloud customers will still have to make some changes to their privacy and data management practices to comply with the GDPR, regardless of where their organization is located. “When it comes to GDPR compliance, it’s not just European organizations that are affected, but also those outside of the EU who process data in connection with the offering of goods and services to, or monitoring the behavior of, EU residents,” explained Lynch.

To help customers and partners comply with the new regulation, the Chief Privacy Officer announced that Microsoft will hold various workshops and webinars in the coming months. The company has also updated its Microsoft Trust Center website and you can learn more about how to get prepared for the GDPR on the dedicated webpage.