What is it?
The EU Data Boundary is a geographical area within which Microsoft has committed to store and process customer data for the majority of their online services. This is aimed at addressing concerns around data processing/location and GDPR, held both by customers and organisations such as the European Union.
It is comprised of countries in the EU:
and EFTA:
For my fellow Brits, notice the United Kingdom isn’t included #Brexit
Currently, datacentres in the following countries are being used:
although Microsoft may add additional datacentres within the EU/EFTA over time.
How it works
Azure
Regional resources deployed within an EU Data Boundary region will be in-scope. For non-regional services, there is info here on how these can be configured within the EU Data Boundary. Note, not all services have yet been re-architected to allow this.
Dynamics 365 & Power Platform
This is based on the location of your billing address and, this, tenancy.
Microsoft 365
If you have a billing address within the EU/EFTA, you’re in scope…unless you have purchased the Multi-Geo capabilities add-on license.
Which products are in-scope?
According to the January 2023 Product Terms, the EU Data Boundary can apply to these products/services:
The Product Terms also lists half a dozen scenarios where data may still go outside the EU Data Boundary, these being:
- Remote access by MS employees
- Customer-initiated transfers
- Protecting customers
- Replication of Azure AD directory data
- Network transit
- Service-specific transfers
Cloudy with a chance of Licensing 