Data, privacy, and security for Azure Cognitive Service for language

This article provides some high level details regarding how Azure Cognitive Service for language processes data provided by customers. As an important reminder, you are responsible for the implementation of this technology and are required to obtain all necessary permissions or other proprietary rights required to process the data you send to the system.

It is your responsibility to comply with all applicable laws and regulations in your jurisdiction.

What data does Azure Cognitive Service for language process and how does it process it?

  • Azure Cognitive Service for language processes text data that is sent by the customer to the system for the purposes of getting a response from one of the available features.
  • All results of the requested feature are sent back to the customer in the API response as specified in the API reference. For example, if Language Detection is requested, the language code is returned along with a confidence score for each text record.
  • Azure Cognitive Service for language uses aggregate telemetry such as which APIs are used and the number of calls from each subscription and resource for service monitoring purposes.
  • Azure Cognitive Service for language doesn't store or process customer data outside the region where the customer deploys the service instance.
  • Azure Cognitive Service for language encrypts all content, including customer data, at rest.

How is data retained and what customer controls are available?

  • Data sent in synchronous or asynchronous calls may be temporarily stored by Azure Cognitive Service for language for up to 48 hours only and is purged thereafter. This data is encrypted and is only accessible to authorized on call engineers when a service support is needed for debugging purposes in the event of a catastrophic failure. To prevent this temporary storage of input data, the LoggingOptOut query parameter can be set accordingly. By default, this parameter is set to false for Language Detection, Key Phrase Extraction, Sentiment Analysis and Named Entity Recognition endpoints. The LoggingOptOut parameter is true by default for the PII and health feature endpoints. More information on the LoggingOptOut query parameter is available in the API reference.

To learn more about Microsoft's privacy and security commitments visit the Microsoft Trust Center.

See also