Microsoft implements this Individual Participation and Redress control
Name/Id: ACF1852 / Microsoft Managed Control 1852 Category: Individual Participation and Redress Title: Compliant Management Ownership: Customer, Microsoft Description: The organization implements a process for receiving and responding to complaints, concerns, or questions from individuals about the organizational privacy practices. Requirements: Microsoft Azure continues to abide by the terms of the Privacy Shield framework but will no longer rely on it as a basis for the transfer of personal data from the EU/EEA to the United States. Instead, the company relies on:
* The Standard Contractual Clauses (also known as EU Model Clauses) as a lawful transfer mechanism for personal data from the EU and the European Economic Area.
* An updated Microsoft Data Protection Addendum (DPA) for Online Services which reflects that transfers of personal data from the European Union, European Economic Area, Switzerland, and United Kingdom are now governed by the Standard Contractual Clauses (controller to processor) contained in Attachment 2 to the DPA.
As a data processor, Microsoft provides the Data Subject Request (DSR) process through the Azure administrator dashboard.As identified in Microsofts publically available privacy statement, Microsoft provides a process for receiving and responding to complaints, concerns, or questions from individuals about the Azure privacy practices (https://privacy.microsoft.com/en-US).
Rule resource types
IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups