All resources related to RGPD compliance can be accessed here: www.microsoft.com/en-us/trustcenter/privacy/gdpr/resources. Microsoft has announced an update to the Online Terms of Service (OST) privacy policy in its cloud commercial contracts to all commercial customers. Microsoft has served as a data processing provider, which means it has collected and used personal data from its corporate services to provide the online services requested by customers and for the needs of its customers. Data processors process personal data on behalf of the processor. These conditions meant that the client was in charge of the treatment. The treatment managers determine the purpose and means of this treatment. The RGPD requires a contract between each manager and a subcontractor when personal data is transmitted. This means that Microsoft is either required to sign its customer`s processor agreement, or if microsoft offers a product or service to the customer, Microsoft can then write the contract. The RGPD also requires a subcontractor (Microsoft) not to accept the personal data of a processing manager in the absence of a contract and notify the person in charge. So the question is, where is the processor addendum for the RGPD? It is certainly not on the resource side of the RGPD. SalesForce has one. Oracle has one.

AWS has a way out. Microsoft is committed to complying with the RGPD and providing a range of products, features, documentation and resources to help our customers meet their compliance obligations in accordance with the RGPD. Below is a description of Microsoft`s contractual obligations to its customers regarding personal data collected by enterprise software: I am looking for a data processing agreement, since we use Office 365 and are based in Sweden. May 25: E the new RGPD comes into effect and, until then, we need an absence signed with Microsoft. Microsoft extends the RGPD terms to all generally available enterprise software customers, which are licensed by us or our affiliates in accordance with Microsoft`s licensing conditions and will apply from May 25, 2018, regardless of the corresponding version of enterprise software, provided that Microsoft is a processor or subprocesser of personal data associated with that software and that Microsoft continues to offer or support it. You can find support details in the Microsoft Lifecyle Directive under support.microsoft.com/lifecycle. What I really need is a DPA for Office 365 or instructions where I find it or if it is already covered in the licensing agreement. RGPD-compliant companies that use Microsoft cloud products such as Azure and Office 365 may have to change their data processing agreements. Microsoft is making changes to its cloud terms and conditions, which will come into effect this new year and which may have a significant impact, as it will soon change its role as a controller data processor in some respects.

This means that Microsoft will have more obligations in these areas, but it also means that customers will have less control over how they are provided online and will be able to provide fewer instructions for processing purposes. The OST update reviews their responsibilities for a subset of Cloud Enterprise services. Microsoft plays the role of data manager in the processing of certain administrative and operational purposes to provide cloud services such as Azure, Office 365, Dynamics and Intune. This subset of data processing is intended for administrative or operational purposes, such as account management; Financial reporting Combating cyberattacks on Microsoft products or services; and fulfill their legal obligations.