.jpg "privacy protector supplier")
Use both the definitions and examples to determine what data is in-scope for SSPA management. These examples are intended to serve as a guide.
#PRIVACY PROTECTOR SUPPLIER SOFTWARE#
The scope of the Supplier Security and Privacy Assurance Program covers all suppliers globally that process Personal Data or Microsoft Confidential Data in connection with that supplier’s performance (e.g., provision of services, software licenses, cloud services), under the terms of its contract with Microsoft (e.g., Purchase Order terms, Master agreement) (“Perform”, “Performing” or “Performance”).įor definitions and examples of Personal Data and/or Microsoft Confidential Data, visit the Definitions section of the Supplier Data Protection Requirements (DPR), located below on this page.
Suppliers may also be selected to provide independent assurance by completing an assessment against the DPR. If a supplier is processing Personal Data and/or Microsoft Confidential Data, they will partner with their business sponsor to enroll in the SSPA Program. SSPA drives compliance to these requirements through an annual compliance cycle for new suppliers, work cannot start until this is complete. The Supplier Security and Privacy Assurance (SSPA) Program delivers Microsoft's data processing instructions, through the Microsoft Supplier Data Protection Requirements (DPR), to suppliers working with Personal Data and/or Microsoft Confidential Data. What is the Supplier Security and Privacy Assurance (SSPA) Program?
0 kommentar(er)
