Make Teams GDPR compliant for external users with custom Terms & Conditions
Office 365 has quite some GDPR functionality, but the case of external users for SharePoint and Teams is not managed:
- How do we get user consent of storing user profile, user activities and other privacy data.
- Declaration of how data is process in the system.
By supporting a customized "Terms & Condition" (which many other services do), this would be solved.
Also I am not sure how well Microsoft covers the GDPR requirements in their TrustCenter (e.g. https://www.microsoft.com/en-us/trustcenter/privacy/gdpr/solutions). Do you describe how user data is processed, can we ask for an excerpt of user data etc? Are not user profiles and user activities included in the GDPR requirements?
But nothing for instant messaging with federated domains
When external people join an external o365 group they get an invite with T&C and link to privacy that they have to accept. AAD admins can tailor how invites look.
Gil Roitto commented
Great addition! Kudos to the Azure team at Microsoft!