โ† All providers

Microsoft Azure

Cloud IaaSMedium RiskVerified 2026-03-05
Visit website
Overview
Headquarters๐Ÿ‡บ๐Ÿ‡ธ USRedmond
Parent CompanyMicrosoft(๐Ÿ‡บ๐Ÿ‡ธ US)
US IncorporatedYes
CLOUD Act ExposureYes
NotesAzure is a product division of Microsoft Corporation (US). Microsoft holds comprehensive compliance certifications across its cloud services.
Regions (6 in 6 countries)
๐Ÿ‡บ๐Ÿ‡ธ US
US East ยท Virginia
๐Ÿ‡ณ๐Ÿ‡ฑ NL
EU Netherlands ยท Amsterdam
๐Ÿ‡ฎ๐Ÿ‡ช IE
EU Ireland ยท Dublin
๐Ÿ‡ฌ๐Ÿ‡ง GB
UK South ยท London
๐Ÿ‡ฏ๐Ÿ‡ต JP
AP Tokyo ยท Tokyo
๐Ÿ‡ธ๐Ÿ‡ฌ SG
AP Singapore ยท Singapore
Compliance & Data

Certifications

โœ“ SOC 2โœ“ ISO 27001โœ“ GDPRโœ“ HIPAAโœ“ PCI DSS

Data Types Handled

Application DataLogsPII
Applicable Laws (7)

Applies to businesses meeting revenue or data volume thresholds that handle California residents' data.

Max fine: USD 7,500 per intentional violationvia ๐Ÿ‡บ๐Ÿ‡ธ US
UK GDPRUnited Kingdom

UK has its own adequacy decisions separate from the EU. Transfers from the UK follow UK-specific rules.

Max fine: 4% of global annual turnover or GBP 17.5Mvia ๐Ÿ‡ฌ๐Ÿ‡ง GB
CLOUD ActUnited States

Any US-incorporated provider or subsidiary may be compelled to disclose data regardless of where it is stored.

Max fine: Contempt of court penaltiesvia ๐Ÿ‡บ๐Ÿ‡ธ US

Cross-border transfers require consent or equivalent protection standards recognized by Japan's PPC.

Max fine: JPY 100M for corporate violationsvia ๐Ÿ‡ฏ๐Ÿ‡ต JP

Cross-border transfers require comparable protection standards in the receiving country.

Max fine: SGD 1M or 10% of annual turnovervia ๐Ÿ‡ธ๐Ÿ‡ฌ SG

Cross-border transfers to non-adequate countries require SCCs, BCRs, or other safeguards.

Max fine: 4% of global annual turnover or EUR 20Mvia ๐Ÿ‡ฎ๐Ÿ‡ช IE, ๐Ÿ‡ณ๐Ÿ‡ฑ NL
FISA Section 702United States

US providers may be subject to surveillance orders targeting non-US persons, creating risk for EU data subjects.

Max fine: Contempt of court penaltiesvia ๐Ÿ‡บ๐Ÿ‡ธ US