We respect the privacy of your data

No Advertising

Microsoft Dynamics CRM Online does not build advertising products out of customer data. We don’t scan your documents or files for building analytics, data mining, or advertising.

No Mingling

Microsoft Dynamics CRM Online always allows you to keep your customer data separate from other customer’s data. We provision you with your own database to maximize the security and integrity of your data.

Data Portability

Microsoft Dynamics CRM Online customer data belongs to the customer. You can remove your data whenever you choose.

Learn more about what we do to help protect the privacy of your data.

As a Microsoft Dynamics CRM Online customer, you know where your data resides, who can access it, and what we do with it

Where

• You know where the Microsoft major data centers and personnel are located and the logic used to determine where your data is stored.

• Who & What

  We offer clear information on who can access your Microsoft Dynamics CRM Online customer data and under what circumstances they access it.

• What

  Microsoft notifies you, if requested, about changes in our service operations.

• Learn more about how Microsoft is committed to help you comply with your regulatory requirements.

Compliance with World Class Industry standards verified by 3rd parties

Certified for ISO 27001

ISO27001 is one of the best security benchmarks available across the world.

EU Model Clauses

In addition to EU Safe Harbor, Microsoft Dynamics CRM Online will sign the standard contractual clauses created by the European Union (called the “EU Model Clauses”), which address international transfer of data. Request a signed copy of the EU Model Clauses from Microsoft.

HIPAA-Business Associate Agreement*

Microsoft Dynamics CRM Online will sign requirements for the HIPAA-Business Associate Agreement with customers upon request. HIPAA is a U.S. law that applies to healthcare entities such as doctor’s offices, which the law calls “covered entities.” HIPAA governs the use, disclosure and safeguarding of protected health information (PHI), and imposes requirements on covered entities to sign business associate agreements with their vendors that use and disclose PHI. Request a signed copy of HIPAA-BAA.

Data Processing Agreement*

Microsoft offers a comprehensive standard Data Processing Agreement to customers that addresses privacy, security and handling of customer data. Our standard Data Processing Agreement enables customers to comply with their local regulations.

Learn more about how Microsoft Dynamics CRM Online meets world-class industry standards.

* Applicable to Microsoft Dynamics CRM Online customers who manage their Online Services through the Microsoft Online Services Portal.

Excellence in cutting edge security practices

Deep Experience

We have developed our practices and policies as a result of over fifteen years of experience in providing security for online data.

Security Development Lifecycle

Microsoft’s Security Development Lifecycle ensures security and privacy is incorporated by design from software development through service operations.

Five Layers of Security

Data is secured in five different layers – data, application, host, network, and physical.

Proactive Monitoring

We proactively monitor to identify potential unknown threats by predicting malicious behavior and monitoring for irregular events that may indicate threats.

Access Restriction

Access to production servers is restricted to a small list of operations personnel.

Learn more about our security practices.