Please enable JavaScript.
Coggle requires JavaScript to display documents.
MS365 Data - Coggle Diagram
MS365 Data
Supplementary measures
ILA, uses Standard Contractual Clauses 2010/87/EU (Controller to Processor) . Data exporter for the transfers which take place under the ILA is the processor (Microsoft Ireland Operations Ltd.) and the data importer the sub-processor (Microsoft Corp.). Onward transfers from Microsoft Corp. to sub- processors use adequacy decisions or other agreements #. DIGIT and Microsoft are amending the ILA to reflect the introduction of the new SCCs
-
Additional technical measures: Strong encryption in transit and at rest. Communications between Microsoft’s servers take place over TLS (Transport Layer Security) or IPSec worldwide
Microsoft is not under any specific legal obligation to decrypt any information prior to its disclosure to the US authorities.
the transfer of the personal data concerned to the United States is effectively subject to appropriate safeguards
-
The processing data for Microsoft’s business operations 1, 2, 3, 5 and 6, Microsoft de-identifies the data (generally by relying on aggregated statistical data based on data containing pseudonymous identifiers)
-
-
3.1. Identification data
-
-
Cedefop limits to the minimum possible the “Identification data” attributes saved on Microsoft Azure (cloud) Active directory
3.3.1. Diagnostic data
-
-
Essential services
-
Transferred to Microsoft USA but expected to change by end of 2022, as can be seen in the public announcement on the ‘EU Data Boundary for the Microsoft Cloud’
-
-
-
Technical assistance, support and troubleshooting, including Security incident management
-