Data Privacy at AWS

Earning customer trust is the foundation of our business at AWS. We earn this trust by working to meet our customers’ privacy needs and by being transparent in our privacy commitments. Our industry-leading privacy safeguards and security controls enable you to operate with the confidence that you can achieve and exceed privacy and compliance requirements globally. You can implement privacy protections based on your specific industry requirements and satisfy regulators and auditors using our services, tooling, and resources to control and protect your data.

Maintaining customer trust involves making ongoing commitments to you. These commitments include:

You control your data. You determine who can access your data. Using AWS Regions, you control where your data is stored, based on your specific needs. We make it easy for you to encrypt your data in transit and at rest. We do not access, use, or share customer data without your agreement, except as required to prevent fraud and abuse, or to comply with law, as described in our Customer Agreement. We do not use customer data or derive information from it for marketing or advertising purposes.

Close

At AWS, we support the highest privacy standards and compliance certifications to satisfy the requirements of our customers around the world. AWS has achieved internationally recognized certifications and accreditations for compliance with privacy assurance frameworks, such as ISO 27017 for cloud security, ISO 27701 for privacy information management, and ISO 27018 for cloud privacy.

Close

We continuously raise the bar on privacy safeguards with a complete set of capabilities that support your privacy implementation, including the option to manage your own encryption keys with AWS Key Management Service and the ability to continuously monitor, log, and retain account activity with AWS Config and AWS CloudTrail. We do this by implementing consistent and scalable processes to manage privacy considerations, including how data is collected, used, accessed, stored, and deleted. We provide a wide variety of best practice documents, training, and guidance that you can leverage in your own controls to protect your data. We support industry initiatives to advocate for stronger privacy standards. 

Close

Our contracts are written in plain, straightforward language to be transparent and help you understand the data privacy protections that we offer. We also provide ongoing data transparency reporting.  

Close

You own and control your data on AWS

You control your data. You determine who can access your data. Using AWS Regions, you control where your data is stored, based on your specific needs.

Read more »

We build to the highest standards for data privacy

At AWS, we support the highest privacy standards and compliance certifications to satisfy the requirements of our customers around the world.
Read more »

We raise the bar on privacy safeguards

We continuously raise the bar on privacy safeguards with a complete set of capabilities that support your privacy implementation, including the option to manage your own encryption keys with AWS Key Management Service and the ability to continuously monitor, log, and retain account activity with AWS Config and AWS CloudTrail.

Read more »

We are transparent in our customer commitments

Our contracts are written in plain, straightforward language to be transparent and help you understand the data privacy protections that we offer. 

Read more »

Privacy Laws and Regulations

At AWS, customer trust is our top priority. We deliver services to millions of active customers, including enterprises, educational institutions, and government agencies in over 190 countries. Our customers include financial services providers, healthcare providers, and governmental agencies, who trust us with some of their most sensitive information. 

For a complete list of certifications and attestations; laws, regulations and privacy; and alignments and frameworks, visit the Compliance Programs webpage.

Americas

Asia Pacific

Europe, Middle East & Africa

Data Privacy FAQ

We know that customers care deeply about privacy and data security. AWS continually monitors the evolving privacy regulatory and legislative landscape to identify changes and determine what tools our customers might need to meet their compliance needs. 
 

Resources

General Data Protection Regulation (GDPR) Center

Privacy Features of AWS Services

Using AWS in the Context of Common Privacy & Data Protection Considerations

AWS Privacy Notice
compliance-contactus-icon
Have Questions? Connect with an AWS Business Representative
Exploring compliance roles?
Apply today »
Want AWS Compliance updates?
Follow us on Twitter »