Azure Stack Hub log and customer data handling
To the extent Azure is a processor or subprocessor of personal data in connection with Azure Stack Hub, Azure makes the following commitments to all customers, effective May 25, 2018:
- The "Processing of Personal Data; GDPR" provision in the "Data Protection Terms" section of the Online Services Terms.
- The European Union General Data Protection Regulation Terms in Attachment 4 of the Online Services Terms.
As Azure Stack Hub resides in customer datacenters, Azure is the Data Controller solely of the data that is shared with Azure through Diagnostics and Telemetry.
Data access controls
Azure employees who are assigned to investigate a specific support case will be granted read-only access to the encrypted data. Azure employees also have access to tools used to delete the data if needed. All access to the customer data is audited and logged.
Data access controls:
- Data is only kept for a maximum of 90 days after case close.
- The customer always has the choice to have the data removed at any time in that 90-day period.
- Azure employees are given access to the data on a case-by-case basis and only as needed to help resolve the support issue.
- If Azure must share customer data with OEM partners, customer consent is mandatory.
What Data Subject Requests (DSR) controls do customers have?
Azure supports on-demand data deletion per customer request. Customers can request that one of our support engineers delete all their logs for a given case at any time, before the data is permanently erased.
Does Azure notify customers when the data is deleted?
For the automated data deletion action (90 days after case close), we don't proactively contact customers and notify them about the deletion.
For the on-demand data deletion action, Azure support engineers have access to the tool that lets them delete data on demand. They can provide confirmation on the phone with the customer when it's done.
Diagnostic data
As part of the support process, Azure Stack Hub Operators can share diagnostic logs with Azure Stack Hub support and engineering teams to help with troubleshooting.
Azure provides a tool and script for customers to collect and upload requested diagnostic log files. Once collected, the log files are transferred to Azure over an HTTPS-protected encrypted connection. Because HTTPS provides the encryption over the wire, there's no password needed for the encryption in transit. After they're received, logs are encrypted and stored until they're automatically deleted 90 days after the support case is closed.
Telemetry data
Azure Stack Hub telemetry automatically uploads system data to Azure via the Connected User Experience. Azure Stack Hub Operators have controls to customize telemetry features and privacy settings at any time.
Azure doesn't intend to gather sensitive data, such as credit card numbers, usernames and passwords, email addresses, and so on. If we determine that sensitive information has been inadvertently received, we delete it.