1.You control your data
With Sharepoint, you are the owner of the data that you provide for storing and hosting in Sharepoint services. We do not share your data with advertiser-supported services, nor do we mine it for any purposes like marketing research or advertising.
We process your data only with your agreement, and when we have your agreement, we use your data to provide only the services you have chosen. These agreements apply equally to subcontractors (or, subprocessors) that Microsoft authorizes and hires to perform work that may require access to your data: they can perform only the functions that Microsoft has hired them to provide, and they are bound by the same contractual privacy commitments that Microsoft makes to you.
If you leave the Sharepoint service or your subscription expires, Microsoft follows strict standards for removing data from its systems.
2. You choose where your data is located
When you use Sharepoint, you choose where your data is located. Through our large and ever-expanding network of datacenters around the globe, Microsoft offers data residency Sharepoint allows you to choose from more than 60 regions linked by one of the largest interconnected networks on the planet, including more than 150 datacenters and growing.
However, no matter where your data is stored, Microsoft does not control or limit the locations from which you or your end users may access, copy, or move customer data. Most Sharepoint services enable you to specify the region where your customer data will be stored and processed.
Sharepoint offers tools to help you control the location of your data—for example, you can use Sharepoint Policy or Sharepoint Blueprint to restrict access to selected regions for your subscription.
3. Sharepoint secures your data at rest and in transit
With state-of-the-art encryption, Sharepoint protects your data both at rest and in transit. Sharepoint secures your data using various encryption methods, protocols, and algorithms, including double encryption.
o For data at rest, all data written to the Sharepoint storage platform is encrypted through 256-bit AES encryption and is FIPS 140-2 compliant. Proper key management is essential. By default, Microsoft-managed keys protect your data, and Sharepoint Key Vault helps ensure that encryption keys are properly secured. Sharepoint key management also includes server-side encryption that uses service-managed keys, customer-managed keys in Sharepoint Key Vault, or customer-managed keys on customer-controlled hardware. With client-side encryption, you can manage and store keys on-premises or in another secure location.
o For data in transit—data moving between user devices and Microsoft datacenters or within and between the datacenters themselves—Microsoft adheres to IEEE 802.1AE MAC Security Standards, and uses and enables your use of industry-standard encrypted transport protocols, such as Transport Layer Security (TLS) and Internet Protocol Security (IPsec).
4. Microsoft defends your data
Through clearly defined and well-established response policies and processes, strong contractual commitments, and if need be, the courts, Microsoft defends your data. We believe that all government requests for your data should be directed to you. We do not give any government direct or unfettered access to customer data. Microsoft is principled and transparent about how we respond to requests for data
Because we believe that you have control over your own data, we will not disclose data to a government except as you direct or where required by law. Microsoft scrutinizes all government demands to ensure they are legally valid and appropriate.
If Microsoft receives a demand for a customer’s data, we will direct the requesting party to seek the data directly from the customer. If compelled to disclose or give access to any customer’s data, Microsoft will promptly notify the customer and provide a copy of the demand unless legally prohibited from doing so.