Trust cloud principle
Microsoft Azure operated by 21Vianet (Azure China 21Vianet) complies with the international and industry-specific compliance standards ISO/IEC 20000 and ISO/IEC 27001, in addition to the Information System Classified Security Protection standard that is managed by Ministry of Public Security of People’s Republic of China, GB 18030 Information Technology — Chinese Coded Character Set and Trusted Cloud Service (TCS) certifications.
Ultimately, it is up to you to determine whether Azure China 21Vianet services comply with the specific laws and regulations applicable to your business. To help you make these assessments, 21Vianet supplies the specifics about its security and compliance programs, including audit reports and compliance packages. In view of the Microsoft promise on transparency, you can ask for a third-party certification for the audit result and to verify the implementation of multiple security controls.
Data privacy is an integral part of how we operate the services. The Microsoft approach to privacy and data protection is grounded in our commitment to give our customers control of the collection, use, and distribution of their information. We work to be transparent in our privacy practices, offer customers meaningful privacy choices, and responsibly manage the data we store.
Customers retain the rights, title, and interest in the customer data they store in Azure. It is our policy to not mine customer data for advertising purposes or use customer data except for purposes consistent with providing cloud productivity services.