Compliance in Microsoft Cloud for Nonprofit

You are wholly responsible for ensuring your own compliance with all applicable laws and regulations. To help you meet your own compliance obligations across regulated industries and markets worldwide, Microsoft maintains the largest compliance portfolio in the industry. Compliance offerings are grouped into four segments: globally applicable, US government, industry specific, and region/country specific.

Compliance offerings are based on various types of assurances, including formal certifications, attestations, validations, authorizations, and assessments produced by independent third-party auditing firms, as well as contractual amendments, self-assessments, and customer guidance documents produced by Microsoft. For pointers to the Microsoft compliance portfolio, see Microsoft compliance offerings.

Each compliance offering description provides links to downloadable resources to assist you with your own compliance obligations. For current coverage in our available countries, see the Nonprofit compliance offerings in the following table, where ✅ indicates compliant and ❌ indicates not compliant:

Regulation or certification Azure SQL Dynamics 365 Marketing Dynamics 365 Sales Office Online Microsoft Power Platform Power BI
Canadian Privacy Laws
Germany C5
ISO 22301
ISO 27001
ISO 27017
ISO 27018
Netherlands BIR 2012
SOC 1 Type 2
SOC 2 Type 2

See also

Dynamics 365 and Power Platform data residency and privacy
Microsoft 365 data residency and privacy
Azure data residency and privacy
Microsoft Compliance Center