This is the Trace Id: 7ff5b7352043a7fd7c70beea334bd549
Skip to main content
Advanced Cloud Transparency Services
Sign in

About customer security and compliance

Safeguarding client information and privacy are at the core of everything we do.

Worldwide, governments and organizations must meet or exceed specific regulations and requirements for security, data governance, compliance, data residency, and sovereign protections. These requirements vary according to local and national laws. 

ACTS transparency solutions use Microsoft products and services as our foundation. Microsoft’s best-in-class security is built into everything we develop and deliver. It’s part of our DNA. Microsoft also offers industry-leading AI that synthesizes 65 trillion signals a day, applying the learnings from that day’s signal intelligence to more than 50 integrated categories within security, compliance, identity, device management, and privacy. Our customers also have access to the more than 15,000 partners that make up Microsoft’s security ecosystem.  

The Compliance and Ethics group within Microsoft’s Corporate, External, and Legal Affairs (CELA) runs the ACTS initiative. ACTS strives to create solutions that take a principled approach toward addressing customers’ particular compliance requirements. Additionally, we integrate Microsoft’s comprehensive set of compliance offerings that meet national, regional, and industry-specific requirements governing the collection and use of data.

Our customers maintain ownership of the data they provide to store and host in Microsoft Azure services. They also control which additional geographies they may decide to deploy their solutions or replicate data in.

Most Azure services enable customers to specify the region where their data will be stored and processed. This regional geography ensures that resiliency and compliance requirements are honored within specific geographic boundaries. 

Microsoft products and services adhere to privacy laws such as the General Data Protection Regulation (GDPR) for the European Union and privacy standards set by international codes of practice for cloud privacy, like ISO/IEC 27018. Local cloud offerings hold key certifications, attestations, and authorizations that help address regulatory and compliance standards required by local or federal agencies.