Compliance in Microsoft Cloud for Nonprofit
You are wholly responsible for ensuring your own compliance with all applicable laws and regulations. To help you meet your own compliance obligations across regulated industries and markets worldwide, Microsoft maintains the largest compliance portfolio in the industry. Compliance offerings are grouped into four segments: globally applicable, US government, industry specific, and region/country specific.
Compliance offerings are based on various types of assurances, including formal certifications, attestations, validations, authorizations, and assessments produced by independent third-party auditing firms, as well as contractual amendments, self-assessments, and customer guidance documents produced by Microsoft. For pointers to the Microsoft compliance portfolio, see Microsoft compliance offerings.
Each compliance offering description provides links to downloadable resources to assist you with your own compliance obligations. For current coverage in our available countries, see the Nonprofit compliance offerings in the following table, where ✅ indicates compliant and ❌ indicates not compliant:
|Regulation or certification||Azure SQL||Dynamics 365 Marketing||Dynamics 365 Sales||Office Online||Microsoft Power Platform||Power BI|
|Canadian Privacy Laws||✅||✅||✅||✅||✅||✅|
|Netherlands BIR 2012||✅||✅||✅||✅||✅||✅|
|SOC 1 Type 2||✅||✅||✅||✅||✅||✅|
|SOC 2 Type 2||✅||✅||✅||✅||✅||✅|