Azure ATP data security and privacy


This article provides steps for how to delete personal data from the device or service and can be used to support your obligations under the GDPR. If you’re looking for general info about GDPR, see the GDPR section of the Service Trust portal.

Search for and identify personal data

In Azure Advanced Threat Protection you can view identifiable personal data from the Azure ATP portal using the search bar.

Search for a specific user or computer, and click on the entity to bring you to the user or computer profile page. The profile provides you with comprehensive details about the entity from Active Directory, including network activity related to that entity and its history.

Azure ATP personal data is gathered from Active Directory through the Azure ATP sensor and stored in a backend database.

Update personal data

Azure ATP's personal user data is derived from the user's object in the Active Directory of the organization. Therefore, changes made to the user profile in the organization AD are reflected in Azure ATP.

Delete personal data

  • After a user is deleted from the organization's Active Directory, Azure ATP automatically deletes the user profile and any related network activity within a year. You can also delete any security alerts that contain personal data.

  • Read-only permissions on the Deleted Objects container are recommended. To learn more about how the **Deleted Objects container permission is used by the Azure ATP service, see the Deleted Objects container recommendation in Azure ATP prerequisites.

Export personal data

In Azure ATP you have the ability to export security alert information to Excel. This function also exports the personal data.

Audit personal data

Azure ATP implements the audit of personal data changes, including the deleting and exporting of personal data records. Audit trail retention time is 90 days. Auditing in Azure ATP is a back-end feature and not accessible to customers.

Additional resources

Security and privacy for Azure ATP US Government GCC High customers

For additional information on Azure ATP compliance standards and location of customer data for US Government GCC High customers, review the Enterprise Mobility + Security for US Government service description.