Protect your data
Earning customer trust is the foundation of our business at AWS and we know you trust us to protect your most critical and sensitive assets: your data. We earn this trust by working closely with you to understand your data protection needs, and by offering the most comprehensive set of services, tooling, and expertise to help you protect your data. To do this, we provide technical, operational, and contractual measures needed to protect your data. With AWS, you manage the privacy controls of your data, control how your data is used, who has access to it, and how it is encrypted. We underpin these capabilities with the most flexible and secure cloud computing environment available today.
Our commitments to you
Data controls and residency
With AWS, you control your data by using powerful AWS services and tools to determine where your data is stored, how it is secured, and who has access to it. Services such as AWS Identity and Access Management (IAM) allow you to securely manage access to AWS services and resources. AWS CloudTrail and Amazon Macie enable compliance, detection, and auditing, while AWS CloudHSM and AWS Key Management Service (KMS) allow you to securely generate and manage encryption keys. AWS Control Tower provides governance and controls for data residency.
You can choose to store your customer data in any one or more of our AWS Regions around the world. You can also use AWS services with the confidence that customer data stays in the AWS Region you select. A small number of AWS services involve the transfer of data, for example, to develop and improve those services, where you can opt-out of the transfer, or because transfer is an essential part of the service (such as a content delivery service). We prohibit -- and our systems are designed to prevent -- remote access by AWS personnel to customer data for any purpose, including service maintenance, unless that access is requested by you or unless access is required to prevent fraud and abuse, or to comply with law. If we receive a law enforcement request, we will challenge law enforcement requests for customer data from governmental bodies where the requests conflict with law, are overbroad, or where we otherwise have appropriate grounds to do so. We also provide a bi-annual Information Request Report describing the types and number of information requests AWS receives from law enforcement.
At AWS, security is our top priority and security in the cloud is a shared responsibility between AWS and our customer. Financial services providers, healthcare providers, and governmental agencies are among the customers, who trust us with some of their most sensitive information. You can improve your ability to meet core security, confidentiality, and compliance requirements with our comprehensive services, whether that's through Amazon GuardDuty or our AWS Nitro System, the underlying platform for our EC2 instances. We've designed the Nitro System to have workload confidentiality and no operator access. With the Nitro System, there's no mechanism for any system or person to log in to EC2 servers, read the memory of EC2 instances, or access any data stored on instance storage and encrypted EBS volumes. In addition, services such as AWS CloudHSM and AWS Key Management Service allow you to securely generate and manage encryption keys, and AWS Config and AWS CloudTrail deliver monitoring and logging capabilities for compliance and audits.
AWS Digital Sovereignty Pledge
Our commitment to offering all AWS customers the most advanced set of sovereignty controls and features available in the cloud.
Data Privacy Center
At AWS, we earn trust by working to meet our customers’ privacy needs and being transparent in our privacy commitments.
Data Transfer Blog
We’ve launched two new online resources to help customers more easily complete data transfer assessments and comply with the GDPR, taking into account EDPB recommendations.
Privacy Features of AWS Services
We are transparent about how AWS services process the personal data you upload to your AWS account and we provide capabilities that allow you to encrypt, delete, and monitor the processing of your customer data.
EU Data Protection
We work closely with EU customers to understand their data protection needs and offer the most comprehensive set of services, tooling, and resources to help protect their data.