Starting on January 1, 2023, Microsoft will let customers store and process their customer data within the EU Data Boundary for Microsoft 365, Azure, Power Platform, and Dynamics 365 services. With this release, Microsoft is expanding on existing local storage and processing commitments, which will reduce data flows out of Europe. In some cases, customer data will continue to be transferred outside the EU Data Boundary.
The EU Data Boundary includes the countries in the European Union (EU) and the European Free Trade Association (EFTA). The EU Data Boundary makes use of Microsoft datacenters announced or operating in Austria, Belgium, Denmark, France, Germany, Greece, Ireland, Italy, Netherlands, Norway, Poland, Spain, Sweden, and Switzerland.
In the next stages of the EU Data Boundary, Microsoft will expand the solution to include storing and processing more types of personal data, like data given when getting technical support.
Next phases of the EU Data Boundary
Pseudonymized personal data
Phase 2 of the EU Data Boundary expansion includes the processing of pseudonymized personal data that Microsoft systems generate as part of service operations. This pseudonymized personal data will only be stored and processed in countries within the EU and EFTA, similar to how customer data in phase 1 will be treated. Phase 2 will be completed by the end of 2023.
Support data
By mid-2024, Microsoft plans to be able to store and process data received during technical support for Microsoft 365, Power Platform, Dynamics 365, and Azure services within the EU Data Boundary. In most cases, data will stay within the EU Data Boundary. In some cases, remote access to inboundary systems or data may be required to provide customer support or to maintain, secure, and operate the services. We will be using secure remote workstations to access data while in the EU Data Boundary. Microsoft will also be increasing staffing in the region and exploring additional support options to make sure that all customer support requests are handled in Europe.
Microsoft’s cloud services already meet or exceed EU requirements. The EU Data Boundary will allow public sector and commercial customers in the EU and EFTA to get their data processed and stored within the region. The Microsoft EU Data Boundary is built on its current residency solutions and offers enhanced control over data and increased transparency.
Microsoft will continue to offer a variety of solutions that support varied sovereignty needs. These include its existing data residency capabilities in Azure, Dynamics, and Power Platform, the Microsoft Cloud for Sovereignty, and Microsoft 365’s newly expanded data residency.
Read next: Microsoft to have 100% electricity consumption come from zero-carbon energy sources by 2030