Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
MLL Customer Success Teams other privacy disclosure
This other privacy disclosure explains what data Microsoft collects through your use of MLL Customer Success Services and how we use that data. It supplements the Microsoft Privacy Statement.
Overview
MLL Customer Success Services is an ongoing and repeatable service benefit to help customers realize business value faster with the Microsoft Cloud ("MLL Customer Success Services"). MLL Customer Success Services helps to:
Plan, implement, and deploy Microsoft 365 solutions such as Teams, Office 365, and associated Microsoft Cloud solutions,
Provide deployment and integration services to connect customer data solutions to the Microsoft 365 suite of products,
Enable your business and gain end-user adoption,
Plan, onboard, and drive adoption and usage, and
Move to the Cloud confidently at your own pace.
MLL Customer Success Services is available to qualifying customers, and delivered by Microsoft employees, Microsoft-approved suppliers, and Microsoft-approved partners ("Customer Success Partners"). MLL Customer Success Services is "Professional Services", subject to the Professional Services Notice in the Online Service Terms ("OST"). Some MLL Customer Success Services may consist of performing configuration tasks (where applicable and feasible) or other services described here (collectively, "Deployment Services"). There are several specific solutions covered through this disclosure, which include School Data Sync (SDS), Education Data Platform (EDP), Insights analytics, and DataSense.
Data collection and use
Administrator Data - We collect certain Administrator Data (as defined in the Privacy Statement to implement your onboarding, implementation and deployment plan, or fulfill other requests for assistance. Administrator Data may include:
your name, title, email address, and phone number, or
the names, titles, email addresses, and phone numbers of individuals who you or your organization elect to share with us to facilitate the MLL Customer Success Services.
We use Administrator Data to provide the MLL Customer Success Services and will disclose Administrator Data to your designated approved suppliers and/or Customer Success Partners. Suppliers and/or Customer Success Partners may only access and use your Administrator Data in accordance with our data privacy and security requirements and may not access or use such data for any other purpose. We will retain the Administrator Data of your tenant admin in accordance with the terms of the online services or other Microsoft services associated with your account. For Administrator Data of individuals that you or your organization elect to share with Microsoft for purposes of facilitating MLL Customer Success Services, you (not Microsoft) are responsible for updating and deleting such data, through your tenant admin. For clarity, such responsibilities will include responding to any requests from individuals pursuant to the European Union General Data Protection Regulation (GDPR), including individuals' rights to access, retrieve, correct, erase, and restrict processing of their Personal Data. Under GDPR, Personal Data means any information relating to an identified or identifiable natural person.
Migration Data - Once we commence the Data Migration Services, data you select for migration from your current systems to the online services is considered "Migration Data" during the performance of MLL Customer Success Services. As selected by you, Migration Data could include Customer Data (including personal data contained therein). Only after MLL Customer Success Services is successfully completed, and Implementation, Deployment, or Support Data has been transferred into the destination online services is such data Customer Data for purposes of the OST. For more information on how we use Customer Data in our Enterprise Online Services, see the Privacy Statement and Online Service Terms. During the performance of MLL Customer Success Services, Microsoft may transfer the customer submitted or defined data to the United States or any other country in which Microsoft or its affiliates or subcontractors maintain facilities. The legal framework for such transfers of data is governed by the provision in the OST entitled "Location of data processing". You may choose to disengage from the MLL Customer Success Services or terminate a request for services at any time. We will delete the provided and utilized data (or any copies thereof) within 30 days of the conclusion or termination of any Request for Services. Retain a copy of your data in your existing systems for your ordinary use until Data Implementation, Deployment or Support Services are complete, including meeting your legal or privacy requirements, and not delete such copy(ies) until you have confirmed successful completion of Requested Services. Some Requested Services inherently deletes all data in accordance with requirements under applicable law, and in such cases you will therefore need to fulfill any individual's requests under GDPR that pertain to such Implementation, Deployment, or Support Data, based on the source data. For all other Requested Services, if during the Requested Services you receive a request from an individual to delete their personal data contained in the Provided Data, your tenant admin will submit the request to Microsoft on behalf of such individual (the tenant admin will be made aware of how to submit such requests).
Data disclosure obligations
In some cases, and at Microsoft's sole discretion, Microsoft may share certain personal data regarding its employees, contractors, or suppliers with you to comply with your security obligations for MLL Customer Success Services. Such information will be used solely for the limited security obligations it was disclosed for and will remain Microsoft's confidential information. You further agree to delete all such personal data within 30 days of the conclusion of the MLL Customer Success Services related to the disclosure.
Security practices in MLL Customer Success Teams
This section outlines security practices employed in MLL Customer Success Teams to help protect data from threats and help ensure that unauthorized access and data incidents can be detected and contained in a timely manner.
- Protect
- Data protection requirements are applied in the organization to help minimize and secure access to sensitive data.
- Multi-factor authentication is employed to help control identity and access management.
- Software-defined networks help isolate infrastructure partitions and protect our cloud infrastructure from intrusions and distributed denial of service attacks.
- Security hygiene is maintained through up-to-date, anti-malware software and adherence to strict vulnerability management policy.
- Security awareness is maintained through mandatory security and privacy trainings and webinars.
- Detect
- Monitoring network environments 24x7 for potential cybersecurity events.
- Security assessment and testing of operations and infrastructure for detecting potential threats.
- Respond
- Well-defined response processes help to contain incidents.
- Multi-disciplinary team specializing in incident response, forensics, intrusion analysis, and deep understanding of the platforms, services, and applications operating in our cloud data centers.
- In the unlikely event an incident should occur, there's a well-defined and tested process to notify customers appropriately.
MLL Customer Success Teams subprocessor list
This Microsoft MLL Customer Success Teams sub processor list identifies the sub processors authorized to access Implementation, Deployment, or Support Data, in order to provide MLL Customer Success Services. All such services are at the control and request of you, the Customer, through one of several portals pertaining to the products supported by the MLL Customer Success Teams. Any such sub processors (including their subsidiaries) will be permitted to process Implementation, Deployment, or Support Data only to deliver the services Microsoft has retained them to provide, and they are prohibited from using Implementation, Deployment, or Support Data for any other purpose. Microsoft publishes the names of new sub processors for MLL Customer Success Services at least six months in advance of their authorization to perform services that may involve access to Implementation, Deployment, or Support Data. Sub processors provide Implementation, Deployment, or Support or onboarding services, including ancillary services or contract staff in support of MLL Customer Success Services.
- Sub processors who provide ancillary services may process, store, or otherwise access limited Customer Data - including personal data contained therein - in the course of providing their services.
- Sub processor contract staff work in close coordination with Microsoft employees to help support, operate, and maintain the MLL Customer Success Services and in the course of doing so, may be exposed to Customer Data (including personal data contained therein). In such cases, Customer Data still resides only in Microsoft facilities, on Microsoft systems, and subject to Microsoft policies and supervision.
All MLL Customer Success Teams sub processors are required to maintain the confidentiality of this data and are contractually obligated to meet strict privacy requirements that are equivalent to or stronger than the contractual commitments Microsoft makes to customers.
Lists of MLL Customer Success Teams sub processors
MLL Customer Success Teams sub processors who provide ancillary services to support MLL Customer Success Services. More partners may be added soon.
MLL Customer Success Teams sub processors who provide contract staff to support MLL Customer Success Services:
- Collabera, Inc.