Azure IoT Central customer data request features​

Azure IoT Central is a fully managed Internet of Things (IoT) software-as-a-service solution that makes it easy to connect, monitor, and manage your IoT assets at scale, create deep insights from your IoT data, and take informed action.

Note

This article provides steps about how to delete personal data from the device or service and can be used to support your obligations under the GDPR. For general information about GDPR, see the GDPR section of the Microsoft Trust Center and the GDPR section of the Service Trust portal.

Identifying customer data

Azure Active Directory Object-IDs are used to identify users and assign roles. The Azure IoT Central portal displays user email addresses for role assignments but only the Azure Active Directory Object-ID is stored, the email address is dynamically queried from Azure Active Directory. Azure IoT Central administrators can view, export, and delete application users in the user administration section of an Azure IoT Central application.

Within the application, email addresses can be configured to receive alerts. In this case, email addresses are stored within IoT Central and must be managed from the in-app account administration page.

Regarding devices, Microsoft maintains no information and has no access to data that enables device to user correlation. Many of the devices managed in Azure IoT Central are not personal devices, for example a vending machine or coffee maker. Customers may, however, consider some devices to be personally identifiable and at their discretion may maintain their own asset or inventory tracking systems that tie devices to individuals. Azure IoT Central manages and stores all data associated with devices as if it were personal data.

When you use Microsoft enterprise services, Microsoft generates some information, known as system-generated logs. These logs constitute factual actions conducted within the service and diagnostic data related to individual devices, and are not related to user activity. Azure IoT Central system-generated logs are not accessible or exportable by application administrators.

Deleting customer data

The ability to delete user data is only provided through the IoT Central administration page. Application administrators can select the user to be deleted and select Delete in the upper right corner of the application to delete the record. Application administrators can also remove individual accounts that are no longer associated with the application in question.

After a user is deleted, no further alerts are emailed to them. However, their email address must be individually removed from each configured alert.

Exporting customer data

The ability to export data is only provided through the IoT Central administration page. Customer data, including assigned roles, can be selected, copied, and pasted by an application administrator.

For more information about account administration, including role definitions, see How to administer your application.