We continue to expand the scope of our cloud services compliance offerings, so that customers are able to meet their own national, regional and industry-specific requirements.
We’re happy to share that Windows Defender ATP has been successfully audited for compliance with the code of practice embodied in ISO 27018.
In addition, with the July 1st edition of the Online Services Terms (OST) - Windows Defender ATP is listed as a “Core Online Service”, this means that the Standard Contractual Clauses in the OST are applicable to Windows Defender ATP, which are the contractual obligations Microsoft has made to comply with the EU Model Clauses. Please note that these changes are currently applicable to specific features of Windows Defender ATP: Endpoint Detection & Response, Automatic Investigation & Remediation, and Secure Score.
All certificates and relevant information can be found on the Microsoft Trust Center (filter by product Windows Defender ATP).