Microsoft Azure. Customers upload their own data. The data processor does not check the data and will only access the data at the customer's request. This may be necessary in order to respond to a question from the customer, for instance.
Microsoft Azure. Cognito Forms uses Microsoft Azure to provide highly available, highly scalable, and highly secure hosting for both services and data. Cognito Forms has entered into a BAA with Microsoft covering all aspects of Cognito Forms' hosting via Microsoft Azure.
Microsoft Azure. Reselling services from the Microsoft Azure catalog. Microsoft Azure is a worldwide cloud solution that offers a wide range of services primarily consists of compute, storage and network.
Microsoft Azure. The security measures in place on the Microsoft Azure platform are specified in the DPA with Microsoft Ireland Operations, Ltd (“Microsoft”) which may be downloaded via the following link xxxxx://xxx.xxxxxxxxx.xxx/licensing/docs/view/Microsoft-Products-and-Services-Data- Protection-Addendum-DPA. More information on Microsoft Azure security measures can be found via the following link xxxxx://xxxxx.xxxxxxxxx.xxx/en- us/azure/security/fundamentals/overview. At the time of entering this Agreement, the Supplier makes use of the following sub- processors: The Supplier may replace or make use of new sub-processors subject to a prior written notice to the Customer giving the Customer a reasonable time to object. Updated list of sub- processors will always be available at xxxxx://xxx.xxxxxxxxxx.xxx/en/terms- conditions/sub-processors-list and Supplier will be considered to have provided a notification on adding a new sub-processor to Customer by publishing the sub-processor’s name on the said link. Customer may also opt to receive notifications of new sub-processors on the said link. The Customer acknowledges that personal data is being transferred to third countries as part of the processing of the Customer’s data by the sub-processors. As regards transfer of personal information to any sub-processors located outside of the EU/EEA, this will be based on the Commission’s Standard Contractual Clauses which the Customer therefore instructs the Supplier to enter into with any such sub-processors on the Customer’s behalf. Supplier uses additional processors when processing personal data as an independent controller. For more information about such processing, which is outside the scope of the Agreement, see the Supplier’s Privacy Policy here: xxxxx://xxx.xxxxxxxxxx.xxx/en/terms- conditions/privacy-policy.
(a) The purpose of these standard contractual clauses is to ensure compliance with the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation) for the transfer of personal data to a third country.
Microsoft Azure. The security measures in place on the Microsoft Azure platform are specified in the DPA with Microsoft which may be downloaded via the following link xxxxx://xxx.xxxxxxxxxxxxxxxxxxxxxxxx.xxx/DocumentSearch.aspx?Mode=2&Keyword=DP A.
Microsoft Azure. The data processor offers a SaaS solution and uses a Cloud supplier (Microsoft) to host the services and related components and content provided online. The infrastructure and the as- sociated security are provided by Microsoft. All data is hosted on Microsoft's data centre lo- cated in the Netherlands. Azure cloud has comprehensive compliance coverage: ISO 27001, ISO 27018, SOC 1, SOC 2, SOC3, FedRAMP, HITRUST, MTCS, IRAP, and ENS. Web servers, application servers, database servers and physical storage in which data is kept is provided in a redundant multi-drive configuration which gives mirrored storage and the re- quired software to host the solution and associated services. The service takes advantage of the wide opportunities in Azure to ensure high availability in- cluding full redundancy for all components and services, load balancing, automatic scaling of capacity, continuous backup and geo-replication of data and a traffic manager to automatic geographic failover in case of an emergency at the data centre level. The hosting service is provided in a safe ’limited access’ environment. There is a continuous supply of power, climate control, and the data centre is protected against natural disasters. See more on Microsoft Azure security measures here xxxxx://xxxxx.xxxxxxxxx.xxx/en-us/over- view/trusted-cloud/ The data processor reserves the right to change the location of the data centre without obtain- ing prior consent from the customer, provided that the new data centre provides the Customer with at least the same service level and security as the current and provided that the new data centre is located within the EEA/EU. The web-based application uses secure HTTP (SSL/HTTPS) to protect data transmissions over the internet. Virtual Private Network (VPN) technology is used to protect other transmis- sions such as access to the active database. The data processor uses an effective implementation that includes configuration of adminis- trative services, establishing and configuration of user identities, and implementation of ser- vice- and role-based access controls. Furthermore, we are monitoring, controlling and logging of both users and end-points. In order to access the production environment, an authorized user must have a unique username and password and multi-factor authentication enabled. Two-factor authentication is required for access to all operational systems, and all critical sys- tems are also protected by IP restrictions. This means tha...
Microsoft Azure. 2.1. The Processor has entered into an agreement with Microsoft Corporation whereby Microsoft is a Sub-processor to the Processor acting (on the Controller's behalf) to provide hosting services via the Microsoft Azure Cloud Platform. All of Controller's data including Personal Data are hosted on the Microsoft Azure Cloud Platform in Ireland and the Netherlands. The hosting services do not take place in countries outside EU.
2.2. In the event of Microsoft’s termination of its agreement with the Processor (in whole or in part) regarding the Microsoft Azure Cloud Platform, the Processor shall endeavour to provide a new hosting service to the Controller within the EU as soon as reasonably possible. The Processor is entitled to terminate the Agreement in whole or in part with a prior notice of sixty (60) days.
Microsoft Azure. All services offered by Azure are designed to align with GDPR regulations. If customers utilizing Azure services decide to transfer data containing personal information across international borders, it is imperative for them to consider the legal obligations associated with such transfers. Microsoft offers customers a range of services and resources aimed at assisting them in meeting GDPR compliance requirements relevant to their operations1. Azure simplifies scalability and load balancing, ensuring your application adapts to fluctuating traffic. With an extensive global network of data centres, Azure enables the deployment of applications across multiple regions for enhanced performance and redundancy. It also offers strong security features, compliance certifications, and encryption tools, ensuring adherence to regulatory requirements. Azure's pricing structure is intricate, incorporating numerous variables and potential challenges, making it difficult to determine precise prices and costs2 (and it is relatively expensive). However, it employs a pay-as-you-go approach, preventing you from overpaying for features and add-ons that you may not use. Sophisticated configurations and setups, particularly those related to complex networking or scenarios, might demand a more profound comprehension of Azure. Users may perceive these aspects more challenging than similar platforms. 1 xxxxx://xxxxx.xxxxxxxxx.xxx/en-us/explore/global-infrastructure/data-residency/#overview 2 xxxxx://xxxxx.xxxxxxxxx.xxx/en-us/pricing/calculator/
Microsoft Azure. Any workloads hosted in Microsoft Azure cloud is protected by the configured backup snap shots within that cloud platform. The following standard recovery and retention will be configured and managed.
i) Maintenance includes
a) Creation of a custom backup schedule and/or snap shots
b) Backup Alert Monitoring and Remediation
c) Data Restorations
d) Flat File, Folder and Drive Restorations
e) Virtual Machine
ii) Default Backup Schedule
a) Default Backup Frequency: 1 daily backup
b) Default Recovery Points • Keep Daily Revisions: 7 days • Keep Weekly Revisions: 4 weeks • Keep Monthly Revisions: 12 months • Keep Yearly Revisions: 7 years
Microsoft Azure. Auto-scaling is supported for Microsoft Azure Virtual Machines through the cloud service that contains them. VMs can be added to an availability set, which automatically scales in response to load or according to a schedule. Scaling is done by turning on and off previously created VMs. Scaling can be triggered based on CPU usage or queue length; the number of instances that are added or removed by a single scaling action is controllable; and a minimum wait time (cool-down) between scaling actions can be set to avoid thrashing. Azure automatically configures network properties for each deployed VM; in particular, it fully controls and manages the internal IP (non-routable) address of each VM. It is possible to assign public VIPs to VMs and have Azure load balance traffic both locally (in region) and globally (geo-route). Multiple end-points can be configured on each VM to support different protocols, networks, and policies (e.g., ACL). VPNs and private networks are supported via Virtual Networks (VNets), which can either be cloud-only or cross-premise; VMs can be assigned to these VNets, however, there is no direct control over the network infrastructure.