Data trustee principle

Microsoft developed Azure Germany to help meet the needs of customers and prospective customers in the European Union (EU), the European Free Trade Association (EFTA), and the UK. These needs include addressing concerns about security and privacy of online data. Azure Germany comprises industry-leading cloud services hosted and operated entirely under special security measures in Germany.

A local company controls access to customer data, as long as access is not granted by the customer or end users. This model ensures that the data owners keep sovereignty and the decision-making powers over their data--especially against third parties such as domestic or foreign supervisory and law enforcement authorities. These authorities can access customer data only in regulatory and compliant cases under the requirements of the German law.

Azure Germany offers a separate instance of Microsoft Azure services from within German datacenters. The datacenters are in two locations, Frankfurt/Main and Magdeburg. This placement ensures that customer data remains in Germany and that the datacenters connect to each other through a private network. All customer data is exclusively stored in those datacenters. A designated German company--the German data trustee--controls access to customer data and the systems and infrastructure that hold customer data.

The German data trustee is an independent company that is headquartered, incorporated, owned, and controlled in Germany and is subject to German law. For Microsoft Azure Germany, T-Systems International, a subsidiary company of Deutsche Telekom, has been contracted as the data trustee. The main characteristic of the data trustee model is that Microsoft is granted access to customer data only in contractually compliant cases by and under the supervision of the data trustee or the customer. At the same time, Microsoft Azure Germany integrates state-of-the-art security measures and global standards for datacenters.

Microsoft administers all aspects of operation and provisioning of Azure Germany services that do not require access to customer data. It ensures that there is no connection with other Microsoft global cloud services. Microsoft remains responsible to its customers for service level agreements (SLAs), and for most operational aspects that do not enable access to customer data.

In contrast, the German data trustee is responsible for all tasks and processes that require physical or logical access to infrastructure in Germany that stores customer data. The data trustee controls all access to customer data other than access initiated by the customer or end users.

The following features are characteristic for Azure Germany:

  • All data that the customer provides through its use of Azure Germany is stored in German datacenters only.
  • Physical access to the datacenters is monitored and controlled through a well-known German data trustee (T-Systems International).
  • Depending on the service used, data is constantly synchronized between the datacenters to ensure continuity of business processes and to enable emergency recovery.
  • Access to customer data is under the control of the data trustee.
  • The data trustee operates under German law.

For more information, see the Microsoft trustee compliance model.