Data Privacy Center
Data Privacy at AWS
Earning customer trust is the foundation of our business at AWS. We earn this trust by working to meet our customers’ privacy needs and by being transparent in our privacy commitments. Our industry-leading privacy safeguards and security controls enable you to operate with the confidence that you can achieve and exceed privacy and compliance requirements globally. You can implement privacy protections based on your specific industry requirements and satisfy regulators and auditors using our services, tooling, and resources to control and protect your data.
Maintaining customer trust involves making ongoing commitments to you. These commitments include:
You own and control your data on AWS
You control your data. You determine who can access your data. Using AWS Regions, you control where your data is stored, based on your specific needs.
We build to the highest standards for data privacy
We raise the bar on privacy safeguards
We continuously raise the bar on privacy safeguards with a complete set of capabilities that support your privacy implementation, including the option to manage your own encryption keys with AWS Key Management Service and the ability to continuously monitor, log, and retain account activity with AWS Config and AWS CloudTrail.
We are transparent in our customer commitments
Our contracts are written in plain, straightforward language to be transparent and help you understand the data privacy protections that we offer.
Privacy Laws and Regulations
At AWS, customer trust is our top priority. We deliver services to millions of active customers, including enterprises, educational institutions, and government agencies in over 190 countries. Our customers include financial services providers, healthcare providers, and governmental agencies, who trust us with some of their most sensitive information.
For a complete list of certifications and attestations; laws, regulations and privacy; and alignments and frameworks, visit the Compliance Programs webpage.
Americas
- Act respecting the sharing of certain health information – Quebec
- Argentina Data Privacy
- Brazil Data Privacy
- California Consumer Privacy Act (CCPA)
- FERPA
- Freedom of Information and Protection of Privacy Act (FOIPPA) – British Columbia
- Health Information Act (HIA) – Alberta
- Mexico Data Privacy
- Personal Health Information Act (NL PHIA) – Newfoundland and Labrador
- Personal Health Information Act (PHIA) – Nova Scotia
- Personal Health Information Privacy and Access Act (NB PHIPAA) – New Brunswick
- Personal Health Information Protection Act (PHIPA) – Ontario
- Personal Information Protection and Electronic Documents Act (PIPEDA) – Canada