Data Privacy Center

You control your data. You determine who can access your data. Using AWS Regions, you control where your data is stored, based on your specific needs. We make it easy for you to encrypt your data in transit and at rest. We do not access, use, or share customer data without your agreement, except as required to prevent fraud and abuse, or to comply with law, as described in our Customer Agreement. We do not use customer data or derive information from it for marketing or advertising purposes.

At AWS, we support the highest privacy standards and compliance certifications to satisfy the requirements of our customers around the world. AWS has achieved internationally recognized certifications and accreditations for compliance with privacy assurance frameworks, such as ISO 27017 for cloud security, ISO 27701 for privacy information management, and ISO 27018 for cloud privacy.

We continuously raise the bar on privacy safeguards with a complete set of capabilities that support your privacy implementation, including the option to manage your own encryption keys with AWS Key Management Service and the ability to continuously monitor, log, and retain account activity with AWS Config and AWS CloudTrail. We do this by implementing consistent and scalable processes to manage privacy considerations, including how data is collected, used, accessed, stored, and deleted. We provide a wide variety of best practice documents, training, and guidance that you can leverage in your own controls to protect your data. We support industry initiatives to advocate for stronger privacy standards. 

Our contracts are written in plain, straightforward language to be transparent and help you understand the data privacy protections that we offer. We also provide ongoing data transparency reporting.