Germany: Hessian Commissioner for Data Protection and Freedom of Information released report on the Use of Microsoft 365

Hessian Commissioner for Data Protection and Freedom of Information released report on the Use of Microsoft 365

On 15 November 2025, the Hessian Commissioner for Data Protection and Freedom of Information released the Report on the Use of Microsoft 365, which examines the use of Microsoft 365 based on seven criticism points identified in 2022 by the Conference of Independent Data Protection Authorities of the Federal and State Governments. The Report includes recommendations for public and private users of Microsoft 365 products in Hessen to help them ensure that their use of such products complies with the GDPR.

Original source

Scope

Policy Area

Data governance

Policy Instrument

Data protection regulation

Regulated Economic Activity

infrastructure provider: cloud computing, storage and databases

Implementation Level

subnational

Government Branch

executive

Government Body

data protection authority

Complete timeline of this policy change

Hide details

2025-11-15

adopted

On 15 November 2025, the Hessian Commissioner for Data Protection and Freedom of Information releas…

Description

Hessian Commissioner for Data Protection and Freedom of Information released report on the Use of Microsoft 365

Scope

Complete timeline of this policy change