Antwort von Microsoft auf Informationsanfragen zu Microsoft 365 und Azure

Immer wieder kommen neue Dokumente in das Security und Trust Center von Microsoft. Manchmal sind diese spannender und manchmal nicht. Nun kam ein Dokument zu Informationsanfragen dazu:

Antwort von Microsoft auf Informationsanfragen

Wann: 01. Oktober 2020
Form: .pdf
Sprache: en

Auszug aus dem Dokument

In diesem Dokument erhaltet ihr Informationen gesammelt für Audits:

Does Microsoft prevent modern slavery and human trafficking in business and supply chains?

Yes, Microsoft is committed to prevent modern slavery and human trafficking. Microsoft
official statements and reports can be found here:
https://www.microsoft.com/en-us/corporate-responsibility/human-rights
See also Microsoft Response: Business and Human Rights Resource Center.
https://www.businesshumanrights.org/en/microsoft/?dateorder=datedesc&page=0&componenttype=1

Does Microsoft have of Business code of Conduct?

Yes, Microsoft’s Standards of Business Conduct are here:
https://www.microsoft.com/en-us/legal/compliance/sbc/default.aspx

Does Microsoft have policies to address Conflict of Interest?
Yes, Microsoft has comprehensive policies to ensure conflict of interests overlap with our
job responsibilities. Microsoft efforts to avoid Conflict of Interest published here:
https://www.microsoft.com/en-us/legal/compliance/sbc/trust-eachother

Is Microsoft compliant with applicable laws on Anti-Corruption and Bribery?
Microsoft is committed to observing the standards of conduct set forth in the United States Foreign Corrupt Practices Act and the applicable Anti-Corruption and AntiMoney laundering laws of the countries in which we operate. All Microsoft employees are expected to adhere to Microsoft’s Standards of Business Conduct and to Microsoft’s internal policies.

Ethics and Compliance: https://www.microsoft.com/enus/legal/compliance/default.aspx
Microsoft’s Commitment to Anti-Corruption & Bribery https://www.microsoft.com/enus/legal/compliance/anticorruption/default.aspx
Microsoft’s Standards of Business Conduct: https://www.microsoft.com/enus/legal/compliance/sbc/default.aspx

Is Microsoft involved in any Pending Litigation, Legal Actions, or Lawsuits?
As a multi-national commercial organization, Microsoft and its affiliate companies may be involved in inquiries, investigations, legal actions, and other proceedings. While it is Microsoft’s practice to refrain from disclosing any confidential information involving inquiries, investigations or proceedings against Microsoft, please be advised that ultimate outcome of any pending or past inquiry, investigation or proceeding against Microsoft, will not have any significant impact on Microsoft’s ability to provide the
products and/or services to your company that may be agreed to in a fully executed contract between your company and the relevant Microsoft entity. Microsoft discloses material legal actions within our businesses as a part of our Annual Reports, Proxy Statements and SEC filings, which can be found at URL https://www.microsoft.com/enus/Investor/annual-reports.aspx

Does Microsoft have a Privacy Policy? Yes, please see Microsoft Privacy policy here: https://www.microsoft.com/enus/corporate-responsibility/privacy

How does Microsoft respond to requests from Law enforcement for Customer Data?
Please see Microsoft’s approach to requests for Customer data from Law Enforcement
and Governments here:
https://www.microsoft.com/en-us/corporate-responsibility/law-enforcement-requestsreport

How does Microsoft respond to third party requests for Customer Data? Microsoft will not provide any third party: (a) direct, indirect, blanket, or unfettered access to Processed Data; (b) platform encryption keys used to secure Processed Data or the ability to break such encryption; or (c) access to Processed Data if Microsoft is aware that  the data is to be used for purposes other than those stated in the third party’s request.  Microsoft has a robust process for third party requests to customer data further described here:
https://www.microsoft.com/en-us/corporate-responsibility/us-national-security-ordersreport
See also:
https://blogs.microsoft.com/datalaw/our-practices/#what-is-process-disclosingcustomer-information-legal

 

Dokument Download

Hierfür müsst ihr mit einem Office 365 oder Azure Account (AAD) angemeldet sein, dann könnt ihr das Dokument runterladen:

https://servicetrust.microsoft.com/ViewPage/TrustDocumentsV3?command=Download&downloadType=Document&downloadId=9c75b207-057b-4641-b04f-20fb0cc05806&tab=7f51cb60-3d6c-11e9-b2af-7bb9f5d2d913&docTab=7f51cb60-3d6c-11e9-b2af-7bb9f5d2d913_Subprocessor_List