Transparency

You have visibility into our practices.

Microsoft Azure, Microsoft 365, Microsoft Dynamics 365, and Microsoft Power Platform online services operated by 21Vianet are built on the premise that for you to control your Customer Data in the cloud, you require visibility into that data. You must know where it is stored. You must also know, through clearly stated and readily available policies and procedures, how we help secure your Customer Data, who can access it and under what circumstances. And you can review the third-party audits and certifications.

Microsoft Cloud Technology that is licensed to 21Vianet and the basis for Microsoft Azure, Microsoft 365, Microsoft Dynamics 365, and Microsoft Power Platform online services operated by 21Vianet starts by building security into software code using the Security Development Lifecycle, a process that Microsoft has made publicly available since 2004. This development process embeds security requirements into the entire software lifecycle, from planning through deployment.

21Vianet applicable customer agreements as well as related documentations (“21Vianet Agreements”) delineate the data protection policies and practices that govern the location and use of Customer Data in Microsoft Azure, Microsoft 365, Microsoft Dynamics 365, and Microsoft Power Platform online services operated by 21Vianet. The clear, straightforward language of Privacy Statement reinforces 21Vianet Agreements.

  • 21Vianet will not use Customer Data or derive information from it for any advertising or other commercial purposes without the consent of the customer.
  • 21Vianet will use Customer Data only to provide you the Services. This use may include troubleshooting to prevent, find and fix problems with the operation of the Services. It may also include improving features for finding and protecting against threats to users.
  • If you end your subscription to a service (other than free trials), you can take your Customer Data with you, and 21Vianet follows stringent standards in removing your Customer Data from all systems under its control.

Remote access to Customer Data - 21Vianet ensures that appropriate personnel are available 24 hours a day, 365 days a year. Such personnel may access Customer Data to provide customer support, troubleshoot the service, or comply with legal requirements.

  • 21Vianet personnel adhere to stringent privacy practices to safeguard Customer Data.
  • 21Vianet imposes strict requirements around legal demands for Customer Data.
  • 21Vianet does not control or limit the locations in mainland China from which customers or their end users may access Customer Data.

21Vianet offers clear policies and guidelines that cover who can access your Customer Data in Microsoft Azure, Microsoft 365Microsoft Dynamics 365, and Microsoft Power Platform online services operated by 21Vianet and when. The operational processes and controls that govern access to Customer Data in Microsoft Azure, Microsoft 365, Microsoft Dynamics 365, and Microsoft Power Platform online services operated by 21Vianet are rigorously maintained and regularly verified by accredited audit firms.

  • 21Vianet engineers do not have default access to your Customer Data. Instead, they are granted access only when providing services under management oversight. That access is carefully controlled and logged, and revoked as soon as it is no longer needed. 21Vianet and third parties perform sample audits to attest that access is only for legitimate business purposes.
  • • 21Vianet monitors closely the number of people who are allowed access to our datacenters. Subcontractors can access datacenters only to deliver the services 21Vianet has retained them to provide. They are prohibited from accessing Customer Data for any purposes.
  • You control who has access to your Customer Data. Strong authentication, including the use of multi-factor authentication, helps limit access to authorized personnel only.

When Law enforcement agencies or other third parties make a lawful demand for Customer Data to 21Vianet, we are committed to transparency and limit what we disclose.

  • 21Vianet believes that its customers should control their own information whether stored on their premises or in a cloud service. Accordingly, we will not disclose Customer Data to a third party (excluding our suppliers and subcontractors) except as you direct or as required by applicable law and regulations.
  • If compelled to disclose Customer Data to a third party, we will use commercially reasonable efforts to promptly notify you and provide a copy of the demand, unless legally prohibited.

Microsoft Azure, Microsoft 365, Microsoft Dynamics 365, and Microsoft Power Platform online services operated by 21Vianet work with customers to help them address regulatory requirements. By providing customers with compliant, independently-verified cloud services, we help make it easier for customers to achieve compliance for the infrastructure and applications they run in Microsoft Azure, Microsoft 365, Microsoft Dynamics 365 and Microsoft Power Platform online services operated by 21Vianet. We provide customers with information about our security and compliance programs, to help customers assess our services against their own legal and regulatory requirements.