
AI Privacy Terms in Microsoft Contracts. What sits inside the EA, and what does not.

Microsoft AI services run on a contract that splits Customer Data, Prompt and Completion content, and product telemetry. This article maps the clauses, the gaps, and the seven privacy levers procurement carries to the EA.


Microsoft AI services run on top of three overlapping contracts. The Microsoft Customer Agreement (MCA) or Enterprise Agreement (EA), the Microsoft Online Services Terms (Product Terms), and the Microsoft Privacy and Data Protection Addendum (DPA). Every clause on AI data usage lives in one of these documents.

The 2025 and 2026 Product Terms versions added specific language on Copilot, Azure OpenAI Service, Azure AI Foundry, and Microsoft 365 Copilot Studio. The clauses split Customer Data, Prompt content, Completion content, and product telemetry into different commitments.


Key Takeaways

What every Microsoft AI buyer needs in the contract

  • Three contracts. MCA or EA, Product Terms, DPA. Every AI clause sits in one of them.
  • Customer Data is protected. Microsoft contracts do not train foundation models on Customer Data by default. Confirm in writing.
  • Prompt and Completion content is different. Treated as Customer Data in current Product Terms, but the clause has evolved over multiple versions.
  • Abuse monitoring stores prompts. Azure OpenAI Service retains prompts for 30 days for abuse monitoring unless the customer applies for an exception.
  • Residency clauses are negotiable. EU Data Boundary, in country processing, and named region commitments are all available on enterprise terms.
  • Customer Copyright Commitment. Microsoft offers IP indemnity on Commercial Copilot output under defined conditions.
  • Renewal lever. The privacy and data conversation pairs with the EA renewal, the M365 Copilot pilot, and the Azure AI commitment in one negotiation.

How Microsoft splits AI data in the contract

The Microsoft Product Terms define a precise taxonomy of data types involved in AI services. Each category carries different processing, retention, and training commitments.

The data taxonomy

Data type | Definition | Training commitment
Customer Data | Documents, emails, files, structured data customer provides | Not used to train foundation models
Prompts and Completions | User input and AI generated output for AI features | Treated as Customer Data under current Product Terms
Telemetry and Service Data | Operational metrics, error logs, usage counters | Used to operate and improve the service
Abuse Monitoring Data | Stored prompts for safety review | Retained for 30 days, not used for training
Customer Fine Tuning Data | Customer documents and examples used to fine tune a model | Used to train customer specific model, not foundation

How the taxonomy maps to services

  • M365 Copilot. Customer Data, Prompts, and Completions covered under the M365 Online Services Terms.
  • Azure OpenAI Service. Prompts and Completions covered, with the 30 day abuse monitoring exception.
  • Azure AI Foundry. Same as Azure OpenAI Service for the platform, with custom model training rules.
  • GitHub Copilot Business and Enterprise. Suggestions handled under GitHub specific terms, with code training carve outs.

Customer Data and training, line by line

Microsoft has stated and contracted that Customer Data is not used to train foundation models. The clause sits in the Product Terms and the DPA.

The training clauses, where to find them

  • Product Terms Universal License Terms. The base commitment that Customer Data is processed only to provide the service.
  • Product Terms service specific. The Copilot, Azure OpenAI, and Azure AI Foundry specific commitments.
  • Data Protection Addendum. The GDPR Article 28 processor commitments, including international transfer language.
  • EU Data Boundary commitment. The geographic processing commitment for EU origin data.

What to verify in the buyer side review

  1. Customer Data definition. Confirm the definition covers all data types in scope.
  2. Training carve out scope. Confirm the no training commitment covers Prompts and Completions, not just stored documents.
  3. Fine tuning rules. Confirm customer fine tuning data trains only customer specific models, not foundation models.
  4. Connector data. Confirm data accessed by Copilot through Graph connectors is treated as Customer Data.
  5. Telemetry scope. Confirm the telemetry definition does not extend into Customer Data territory.

Prompt and Completion content, the moving clause

Prompts (user input) and Completions (AI generated output) are the heart of every AI service interaction. Microsoft's contract treatment has evolved through multiple Product Terms versions in 2024 and 2025.

Current 2026 Product Terms treatment

  • Treated as Customer Data. Prompts and Completions for Copilot and Azure OpenAI Service fall under the Customer Data definition.
  • Not used to train foundation models. The commitment extends to Prompt and Completion content.
  • Abuse monitoring retention. Azure OpenAI Service retains prompts for 30 days for abuse monitoring. The retention applies to all prompts, not just suspect ones.
  • Abuse monitoring exception. Enterprise customers can apply for a modified abuse monitoring posture with limited or no prompt retention.

Where buyers should watch the clause

  • Product Terms version. Lock the version in force on contract effective date into the agreement package.
  • Service specific updates. Microsoft can update service specific Product Terms with notice. Track quarterly.
  • Regional variation. EU Data Boundary and sovereign cloud terms may modify the base treatment.

Residency and data location commitments

The 2024 EU Data Boundary commitment and the 2025 expansion to additional regions changed the residency conversation for European buyers.

Residency options on Microsoft AI

Option | Coverage | Applicable services
EU Data Boundary | Customer Data processed within EU and EFTA | M365, Dynamics 365, Azure, Power Platform
UK Data Boundary | Customer Data processed within UK | M365, Azure (subset)
Microsoft Cloud for Sovereignty | Sovereign control plane for regulated buyers | Azure, M365 (subset)
Azure OpenAI Service regional | Customer chooses Azure region for OpenAI inference | Azure OpenAI
Azure AI Foundry regional | Customer chooses region for model deployment | Azure AI Foundry

Buyer side priorities on residency

  • Named region commitment. Document the specific Azure region in the contract addendum, not the boundary alone.
  • Failover region clause. Confirm failover behavior under outage, and whether the failover region is also inside the boundary.
  • Cross border telemetry. Confirm telemetry and service data residency, which may differ from Customer Data.
  • Subprocessor list. Pull the current Microsoft subprocessor list and confirm regional alignment.

Worked example. Regulated enterprise pilot

A European financial services group pilots M365 Copilot for 5,000 seats and Azure OpenAI Service for 12 application teams. The regulator requires EU Data Boundary processing and Article 28 processor commitments on every data category.

Pilot scope

  • M365 Copilot. 5,000 seats across legal, compliance, finance, and operations.
  • Azure OpenAI Service. 12 application teams running RAG, summarization, classification, and conversational workloads.
  • Regulatory perimeter. EU GDPR, EBA Guidelines, ECB ICT risk requirements.
  • Data categories. Customer Data, Prompts, Completions, telemetry.

Contract clauses added

  1. EU Data Boundary affirmation for all Customer Data and Prompts/Completions.
  2. Modified abuse monitoring for Azure OpenAI, reducing prompt retention to zero days on regulated workloads.
  3. Customer Copyright Commitment for Commercial Copilot output, with named scope.
  4. Subprocessor notification. 30 day advance notice on any subprocessor change.
  5. Audit cooperation clause. Microsoft cooperates with regulator inspections under defined scope.
  6. Exit and data export clauses. 90 day data export window, format, and certification.

Seven privacy levers on Microsoft AI contracts

The seven levers procurement carries to the EA

  1. Product Terms version lock. Freeze the version in force at contract effective date.
  2. Training scope confirmation. Customer Data, Prompts, and Completions all covered.
  3. Abuse monitoring exception. Modified or zero retention on regulated workloads.
  4. Residency commitment. Named region, named boundary, named failover.
  5. Subprocessor controls. Notification window, list publication, audit rights.
  6. Customer Copyright Commitment. Scope confirmation, exclusion list, indemnification process.
  7. Exit and data export clauses. Window, format, certification, and continuity.

What to do next

The eight step checklist takes a Microsoft AI deployment from a tactical pilot to a contracted, privacy ready production.

  1. Inventory AI services in scope by product and by data category.
  2. Pull the Product Terms version applicable to the contract effective date.
  3. Review the Customer Data and training clauses with privacy counsel.
  4. Apply for the abuse monitoring exception on regulated Azure OpenAI workloads.
  5. Negotiate the residency clauses with named regions and failover.
  6. Pull the subprocessor list and add notification and audit rights to the contract.
  7. Confirm the Customer Copyright Commitment scope for the Copilot deployment.
  8. Add exit and data export clauses to the renewal LOI before the SOW.

Frequently asked questions

Does Microsoft train foundation models on Customer Data?

No. Microsoft's Product Terms commit that Customer Data, including Prompts and Completions for Copilot and Azure OpenAI Service, is not used to train foundation models. The commitment sits in the Product Terms and the Data Protection Addendum.

Customers should verify the commitment in the version of Product Terms in force on the contract effective date, and track Product Terms updates quarterly.

How long does Azure OpenAI Service retain my prompts?

Standard Azure OpenAI Service retains prompts for 30 days for abuse monitoring. The retention applies to all prompts, not just suspect ones. The data is used to detect abusive or harmful content, not to train models.

Enterprise customers can apply for a modified abuse monitoring posture with limited or no prompt retention, subject to Microsoft approval. The exception is common for regulated financial services, healthcare, and government workloads.

What is the EU Data Boundary commitment?

The EU Data Boundary commits Microsoft to process Customer Data within EU and EFTA regions for M365, Dynamics 365, Azure, and Power Platform. The 2024 launch covered Customer Data, and the 2025 expansion brought in service generated data and professional services data.

Buyers should confirm specific service coverage and the named region inside the contract addendum, rather than relying on the boundary commitment alone.

What is the Customer Copyright Commitment on Copilot output?

Microsoft offers an IP indemnity on the output of Commercial Copilot products under defined conditions. The commitment includes Microsoft defending the customer against third party IP infringement claims based on Copilot output, subject to scope and exclusions.

The scope and exclusions are detailed in the Product Terms. Buyers should pull the current scope and confirm it covers the planned Copilot deployment.

How does the buyer side handle GitHub Copilot training scope?

GitHub Copilot Business and Enterprise commit that customer code suggestions and customer code repositories are not used to train the underlying models. The commitment is similar to Azure OpenAI Service but lives in GitHub specific terms.

Buyers with strong code IP positions should confirm the scope in writing during the GitHub Copilot Enterprise contracting process and review the code suggestion filtering settings.

How does Redress engage on AI privacy clause work?

Redress runs Microsoft AI advisory inside the Vendor Shield subscription, the Software Spend Assessment, the Renewal Program, and on an engagement basis where an AI rollout is in flight. Every engagement is led by a former Microsoft commercial professional on the buyer side.

The output is a data taxonomy map, a Product Terms version lock memo, an abuse monitoring exception application, a residency clause set, and a Customer Copyright scope memo.



The Microsoft AI privacy contract is not one document. It is three documents stitched by reference. The buyer side wins by reading all three and locking the version of every one of them into the contract package.

General Counsel
European financial services group