Privacy page for Microsoft 365 | Learn how Microsoft 365 handles privacy

Contact information

The legal entity behind Microsoft 365

Privacy policy

The privacy policy by is a legal document or statement that discloses how Microsoft 365 gathers, uses, discloses, and manges their customers' data.

View privacy policy for Microsoft 365

Privacy contact information

Get the contact information for Microsoft 365 privacy team or DPO.

Privacy contact information for Microsoft 365

Data transfers

The basis for Microsoft sharing, adding, uploading, hosting, accessing or sending personal data out of Europe. Vendors can also add a description of their own impact assessment for data transfers.

View Microsoft 365's data transfers information

Security information & certifications

Documentation of the security measures and practices Microsoft has in place when handling personal data.

View Microsoft 365's security information

Personal data

A description of the personal data that Microsoft is handling.

Sensitive and ordinary information being collected by Microsoft 365's

Data processing agreements

A DPA is a contract that defines clear roles and obligations for the sharing of personal data.

Get Microsoft 365's data processing agreement(s)

Data retention & deletion

Information about how long the data is kept for and when it's deleted.

Get Microsoft 365's data retention information

Subprocessors

Subprocessors are companies that provide a service for Microsoft and who has or potentially will get access to personal data of their customers.

Get Microsoft 365's list of subprocessors

Processing locations

Where personal data is processed by Microsoft

Get Microsoft 365's full list of data processing locations

Processing locations of Microsoft's subprocessors

Where personal data is processed by the subprocessors of Microsoft

Get full list of data processing locations of Microsoft 365's subprocessors