The page www.microsoft.com/en-us/trust-center/privacy only to the same licensing documentation page that does not contain the requirements. Dominic advises clients on international and national data protection laws. He also contributes to the design of software services agreements, privacy policies, terms of use and license agreements. GDPR-compliant companies that use Microsoft cloud products such as Azure and Office 365 may need to change their data processing agreements. Microsoft is making changes to its cloud computing terms of service, which will take effect this new year and may have a significant impact, as it will soon change its role, in some way, from data processing to the controller. This means that Microsoft will have more obligations in these areas, but also that customers will have less control over how they can provide online services and give fewer instructions for processing purposes. Microsoft is committed to complying with the GDPR and providing a number of products, features, documentation, and resources to help our customers meet their compliance obligations under the GDPR. Below is a description of Microsoft`s contractual obligations to its customers with respect to personal data collected by enterprise software: the GDPR requires a contract between a controller and a processor when personal data is transmitted. This means that either Microsoft is required to sign its customer`s processor agreement, or if Microsoft offers a product or service to the customer, Microsoft may write the agreement. The GDPR also requires a subcontractor (Microsoft) not to accept the personal data of a controller in the absence of a contract and informs the controller accordingly. So the question is, where is the subcontractor endorsement for the GDPR? It`s certainly not on the resource side of the GDPR.
SalesForce has one. Oracle has released one. AWS has released one. Yes. The GDPR requires that managers (e.g. B organizations and developers who use Microsoft`s online services for business) only use subcontractors (for example. B Microsoft) that process personal data on behalf of the controller and offer sufficient safeguards to meet the essential requirements of the GDPR. Microsoft has taken the proactive step of making these obligations available to all enterprise online customers under their subscription agreements and to volume licensing customers under their enterprise agreements. . .
.
Recent Comments