Summary and knowledge check

  • 4 minutes

In this module, you learned about Microsoft 365 privacy standards, the reasons we have them in place, and how they differentiate Microsoft in protecting and respecting customer data.

Now that you have completed this module, you should be able to:

  • Explain Microsoft's six principles for protecting privacy.
  • List key privacy roles and categories of data processed by Microsoft.
  • Explain how Microsoft uses Defense-in-Depth to protect data throughout its lifecycle.
  • Describe Microsoft's data collection practices, including privacy notices, data handling, and compliance with international data transfers.
  • List examples of how Microsoft processes data to provide online services.
  • Explain how Microsoft restricts data transfer to third parties and provides appropriate customer notification.
  • Describe Microsoft 365 data residency and retention capabilities.
  • Explain how Microsoft destroys data when a subscription expires or is terminated.
  • Describe Microsoft practices for supporting a customer's compliance with GDPR Data Subject Requests and Data Protection Impact Assessments.

Check your knowledge

1.

Which type of data is generated or derived by Microsoft through the operation of an online service?

2.

Which statement is accurate?

3.

Which document provides guidance about how to manage each data classification type within specific activities or scenarios?