Microsoft Forms is GDPR compliant
Published Sep 11 2018 08:16 PM 75.3K Views
Microsoft

Microsoft is committed to helping business customers comply with the General Data Protection Regulation (GDPR), which has been in effect since May 25, 2018. Microsoft Forms, part of the Office 365 Family, is GDPR-compliant. Our goal is to help global business customers manage compliance and avoid risk.

 

Microsoft Forms allows users to quickly and easily create custom quizzes, surveys, questionnaires, registration forms, and more. The content in these forms, as well as end user information, remains in the direct control of administrators and end users. Microsoft processes data on behalf of customers to provide the requested service as set forth in our Online Services Terms. Administrators can set policies that control this information independently of the lifecycle of the user account with which Microsoft Forms is associated.

 


 

Where is data stored for Microsoft Forms?

Microsoft Forms data is stored on servers in the United States, with the exception of data for European-based tenants. The data for European-based tenants is stored on servers in Europe.

 

Turn on/off Microsoft Forms

Office 365 IT Administrators can turn off Microsoft Forms in the Office 365 Admin Center, under the User Management tab. See set up Microsoft Forms and turn off or turn on Microsoft Forms for more details. Product and service usage data can be managed in the Admin Center, as it follows a controlled lifecycle designed to comply with GDPR data subject requests.

 

The original owner of a form is no longer with my organization and/or their Microsoft Forms license has been removed. What happens to the data that is associated with the form they created?

Currently, there is no limit for the number of users for which data is retained, as long as the provisioning of their accounts is within your organization's online service agreement. There is also no limit for the amount of data stored for user accounts. All Forms customer content data, as well as account-related data, however, will be deleted 30 days after a user account is closed.

 

How do I use the in-app functionality in Microsoft Forms to find, access, export, and delete personal data?

Currently, Content Search doesn’t have the ability to find data authored in Forms. To find data generated by these applications, you or the data owner must use in-product functionality or features to find data that may be relevant to a DSR. Product and service usage data follows a controlled lifecycle designed to comply with GDPR data subject requests. Learn more.

 

For more information about GDPR and how Office 365 is helping to protect your data, please visit the following sites:

 

Organizational Privacy Statement Now Can Be Surfaced with Microsoft Forms

EU GDPR law and policies

GDPR Compliance Center

Data protection impact assessments

Data Subject Request

 

8 Comments
Copper Contributor

When will we see local tenant storage in Australia?

Brass Contributor

I was just shocked to notice we are not able to delete responses on Forms when there are over 300 responses in the list.

So, if someone requests us to delete all data related to that person from our systems, we might not be able to do so.

 

That means FORMS IS NOT GDPR COMPLIANT!!!

 

Or am I missing something, @Anqi Du?

 

Kind regards,

Maurits

Microsoft

@BusyIntelligence 

Dear Maurits,

 

Thank you for your mail and feedback.  We learn a lot about how to improve our services and products based on user feedback.

 

Forms is GDPR compliant. I agree, however, that we did not earlier have a user-friendly way to delete individual responses when the number of responses is over 300.

 

We have recently made service improvements to more easily enable users to delete individual responses on Forms when there are over 300 responses in the list. The ability to delete individual responses will be the same if there are fewer than 300 responses, or more than 300 responses. These improvements are already rolling out, and hopefully you will see them soon.

 

Best regards,

 

Anqi

Copper Contributor

I have read and heard that the data from Forms Pro can be stored into the CDS. Please advise how this is done and where we can access this information. 

 

Please also advise if it is possible to create a form and link that form to a specific entity, such as an account or contact?

 

Many thanks. 

Copper Contributor

MS team

 

Were the improvements planned to allow data deletion implemented already for MS Forms? The ability to delete individual responses was supposed to be in the plans to be rolled out, but I was not sure if it happened after all.

Copper Contributor

I believe MS Forms is HIPAA and GDPR compliant. If I use MS Forms to send out an anonymous survey, how do I include MS Forms in a GDPR statement for my website?

Copper Contributor

How can I add a link in the survey form to our GDPR policy?

Brass Contributor

This is also a question that we have...

How can we add, in general, our GDPR policy to all forms?
