Sdílet prostřednictvím

Services that will temporarily transfer a subset of Customer Data, pseudonymized personal data, or Professional Services Data out of the EU Data Boundary

  • Článek

Some services have components for which work is in progress to be included in the EU Data Boundary, but completion of this work is delayed. As described in this documentation, these service components will be included in the EU Data Boundary in the coming months. The following sections in this documentation explain the Customer Data, pseudonymized personal data, or Professional Services Data that these services currently transfer out of the EU Data Boundary as part of their service operations.

Azure services

Azure Monitor: Application Change Analysis

Application Change Analysis: Except for Application Change Analysis, Azure Monitor services can store and process Customer Data and pseudonymized personal data in the EU (as described in Configuring Azure non-regional services for the EU Data Boundary). Application Change Analysis builds on Azure Resource Graph to provide insights into changes across multiple infrastructure and application deployment layers. The dependencies on Resource Graph require data to be stored and processed globally. Customer Data that will be transferred includes customer-provided resource properties that are stored by Azure Resource Graph, in addition to pseudonymized personal data such as session tokens and primary unique IDs (PUIDs). This data may be stored or processed in any Microsoft datacenter within Azure public regions.

Azure Resource Manager

Azure Resource Manager is the deployment and management service for Azure. When variable network paths are used to reduce routing latency and maintain routing resiliency as described in Continuing data transfers that apply to all EU Data Boundary Services, Azure Resource Manager may store Customer Data and pseudonymized personal data outside of the EU Data Boundary. Types of Customer Data transferred globally include IP addresses. Types of pseudonymized personal data transferred globally include primary unique user ID (PUID), object IDs, and session IDs.

Azure Serial Console

Azure Serial Console feature (part of Azure Virtual Machines and Azure Virtual Machine Scale Sets): Serial Console in the Azure portal provides access to a text-based console for Virtual Machines and Virtual Machine Scale sets. It stores all Customer Data at rest in the Geo selected by the customer, but when used through the Azure portal may process console commands and responses outside of the Geo for the sole purpose of providing the Console experience inside the Portal. This data transfer is temporary due to the service's dependency on Azure portal, as described in Services temporarily excluded from the EU Data Boundary.

Cloud Shell

Cloud Shell temporarily transfers some pseudonymized personal data from the EU. Cloud Shell provides an interactive browser-based shell for managing Azure resources. The primary unique ID (PUID), considered pseudonymized personal data, is leveraged for live site investigations and is globally stored. Work is ongoing to rearchitect portions of Cloud Shell to store the PUID regionally. Cloud Shell can store and process Customer Data and all other pseudonymized personal data in the EU Data Boundary, as described in Configuring Azure non-regional services.

Dynamics 365 and Power Platform services

Power Automate

Power Automate temporarily transfers some pseudonymized personal data from the EU. Power Automate enables users to automate tasks and processes using workflows. Enterprise users have two options: solution-aware workflows that they can share, or personal, non-solution workflows. Non-solution workflows are created in per-user resource groups with resource group names containing the user’s object ID being globally replicated. Work is in progress to replace non-solution workflows with solution-aware workflows in the future. Until then, customers can ensure their pseudonymized personal data resides within the EU Data Boundary by requiring solution-aware flows for their environment.

Microsoft 365 services

Exchange Online

Exchange Online transfers some pseudonymized personal data out of the EU Data Boundary for service health monitoring. As part of service operations, when DevOps personnel run queries that combine system-generated data stored inside and outside the EU Data Boundary, transient egress of pseudonymized personal data may occur during the duration of the query runtime.

Microsoft Teams

Teams Q&A

Teams Q&A is an experience in Teams powered by Viva Engage (formerly named Yammer) that allows presenters to take questions from meeting attendees and answer them in real time. Customers that onboarded to Viva Engage prior to September 2024 will have their content relocated to the EU by June 30, 2025 (previously December 31, 2024). Customers that onboarded after September 2024 have their Customer Data stored in the EU Data Boundary.

  • Pseudonymized personal data about a user’s interactions with the Teams Q&A feature, such as loading the Q&A feed or scrolling through the Q&A feed.

  • Customer Data (for example, messages and reactions) for customers that onboarded to Teams Q&A without a prior Viva Engage network (tenancy), or customers that onboarded to Viva Engage prior to 2019. (Note that Teams Q&A customers that onboarded to Viva Engage after 2019 will have their Customer Data processed and stored in the EU Data Boundary.)

  • When a user from Customer A is invited as a guest to a meeting hosted by Customer B, and that meeting uses Teams Q&A, the UserID of the participants will be stored in North America.

Microsoft 365 tenant administrators can disable Q&A in Microsoft Teams at any time, either by using PowerShell or by configuring Teams Meeting Policies through the Teams admin center. Disabling Q&A will not affect previously-created meetings with Q&A content, which will still be accessible for review and the creation of new questions and replies. However, after disabling Teams Q&A, meeting organizers will not be available to add Q&A in new Teams meetings, webinars, or town hall events.

Windows Update

Windows Update for Business deployment service (now unified under Windows Autopatch) enables an IT administrator to receive and manage various types of Windows Updates for devices in their organization. When devices enrolled in this service check for Windows updates, the Device ID and the IP address for the device will be processed and stored in the US until April 30, 2024.

Security services

Microsoft Entra ID and Azure Active Directory B2C

Microsoft Entra ID and Azure Active Directory B2C: Microsoft Entra ID is a cloud-based identity and access management service. Microsoft Entra ID helps customers, and their employees, access external resources (such as Microsoft 365, the Azure portal, other SaaS applications) and internal resources (such as on premises applications) from any location on the planet. Microsoft Entra ID operates as a non-regional service. Azure Active Directory B2C (Azure AD B2C) provides business-to-consumer (B2C) identity as a service. It allows businesses to build customer-facing applications and manage customer, consumer, and citizen access to these B2C applications. Like Microsoft Entra ID, Azure AD B2C operates as a non-regional service. This section provides details on service components that cause Customer Data to be processed globally, with work underway to move the data storage and processing in the EU Data Boundary.

  • Global consolidation for service incident investigation: Microsoft Entra ID sign-in logs contain limited Customer Data which is used by on-call engineers for incident investigations to fix customer issues and determine the pervasiveness and severity of a service-impacting event.

  • Email: Self-service password reset contain limited Customer Data which is used by on-call engineers for incident investigations to fix customer issues and determine the pervasiveness and severity of a service-impacting event.

  • Legacy non-EU tenants: A small number of Microsoft Entra tenants were initially created with a country code that is NOT in Europe and later the tenant country code was changed to the one in Europe. The Microsoft Entra directory data location is decided during the tenant creation time and not changed when the country code for the tenant is updated. Starting March 2019, Microsoft has blocked updating the country code on a tenant to avoid such confusion.

Microsoft Entra ID and Azure Active Directory B2C transfer some pseudonymized personal data and Professional Services Data outside of the EU Data Boundary. As part of service operations, when DevOps personnel run queries that combine system-generated data stored inside and outside the EU Data Boundary, transient egress of pseudonymized personal data may occur during the duration of the query runtime.

Microsoft Intune

Microsoft Intune is a cloud-based endpoint management solution. As part of Intune service operations, when DevOps personnel run queries that combine system-generated data stored inside and outside the EU Data Boundary, transient egress of pseudonymized personal data may occur during the duration of the query runtime.