The company is the first big cloud provider to issue formal GDPR promises
Microsoft has pledged to ensure anybody signing up to its cloud services automatically complies with the EU’s General Data Protection Regulation (GDPR), a set of tougher data privacy laws applying to companies dealing with EU citizens’ personal data.
Microsoft has set out three commitments that it’s writing into its contracts for make firms automatically compliant – they are to help companies respond to any requests to correct, amend or delete personal data, detect and report data breaches, and demonstrate each company’s compliance with the GDPR.
Rich Sauer, Microsoft’s corporate vice president and deputy general counsel, said the company has introduced the three commitments to help earn its customers trust, ensure they can operate safe in the knowledge Microsoft has their best interests in mind, and that they will be fully supported should the UK’s data watchdog, the Information Commissioner’s Office, or any other authority investigate whether they comply.
“Microsoft is the first global cloud services provider to publicly offer you these contractual commitments,” Sauer said. “We believe privacy is a fundamental right. The GDPR is an important step forward to further clarify and enable individual privacy rights and [we] look forward to sharing additional updates how we can help you comply with this new regulation and, in the process, advance personal privacy protections.”
Microsoft has already released in-depth guidance for its customers to ensure they are well-prepared for the changes coming into force in the UK on 25 May 2018.
Not only does it include general information about what the GDPR means, it also includes information that relates to Microsoft’s specific services including Azure and Office 365, Windows and Windows Server.