Microsoft Azure is a cloud computing platform for "Platform as a Service" (PaaS) and "Infrastructure as a Service" (IaaS) services offered by Microsoft. The services provided are hosted on servers that are not located in RWTH data centers and to which RWTH has no physical access. Microsoft is solely responsible for the services offered there.

Before use, these terms of use and the privacy information must be acknowledged.

The IT Center has centrally implemented the following framework conditions:

• Use is via a dedicated area (Tenant) azure.rwth-aachen.de, which has been set up exclusively for this purpose.
• Only regions within the European Union are enabled for Azure. For more information, see here: https://azure.microsoft.com/en-us/explore/global-infrastructure/data-residency/#select-geography
• Billing for Azure is based on actual usage and occurs through the corresponding subscription. Invoicing is done by the contractual partner Bechtle and sent directly to the respective institution assigned to the subscription. The budget responsibility lies with the participating institution.
• In addition to Microsoft's usage costs, DFN charges a flat fee of 4% on all Azure invoices. This fee compensates DFN for negotiating framework contracts and making them available to the community.
• The roles "Azure Order" and "Azure Usage" are required for using Azure. (Link to documentation)
• For adding new usage scenarios, a checklist must be completed in advance during application. This will be reviewed by the IT Center. Additionally, consultation with data protection officers, staff councils or Department 9 should take place. After successful approval, the subscription will be created for the institution via the application SeviRe.
• The use of Microsoft Azure occurs under a limited framework contract. RWTH reserves the right to terminate this contract and related services upon expiration. Users will be informed about the contract expiration in due time.

The following obligations apply to users:

• The use of Microsoft software and services must comply with the current version of product terms (PTs), online service terms (OSTs), and addendum to data protection for online services (DPA). These can be viewed on Microsoft's website and must be acknowledged and adhered to by users.
• The use of Azure is intended for activities in connection with RWTH Aachen University. Azure may not be used for private purposes.
• When using Azure, applicable legal regulations and provisions (licensing law, data protection law, personnel file law, tax law, copyright law, telemedia law, archive law, retention periods, US export control law etc.) must be observed.
• The applicable usage regulations of each software used in the cloud must be adhered to, especially regarding applicable licensing and contractual provisions as well as export regulations of each country. Information on export control can be found here.
• The protection requirements of data stored in Azure must be checked concerning data category, protection needs, and suitability; if necessary, coordination with RWTH Aachen's data protection officer should occur. Further information about the classification of data can be found here.
• The security of data stored in the cloud is incumbent upon each user. No automatic backups will be created by RWTH.
• Highly confidential data may not be stored in the cloud due to very high protection needs; therefore storage in a cloud service is not permitted for:
  • Data containing information that could lead to damage or liability for the university if published or lost; also personal data where compliance with data protection regulations or fulfillment of information obligations cannot be ensured.
    Examples include:
    • Personal data (attendance lists or lists of participants at an event), especially data regarding racial or ethnic origin, political opinions or religious or philosophical beliefs
    • Travel or payroll records (financial data, social data related to personnel files)
    • Research data that is not already intended for public release
    • Technical documents (blueprints of sensitive areas; network plans)
    • Protected documents (sick notes; draft certificates; contracts)
    • Examination processes (reports and corrections)
    • Data containing information where unauthorized access must be prevented; particularly includes information that must remain confidential due to contractual obligations or information subject to confidentiality duties.
• Sensitive documents must be encrypted when stored.
• If Azure is used together with external parties then certain conditions must apply:
  • The project partner must necessarily have knowledge about RWTH's usage conditions regarding Microsoft Azure.
  • A joint use with external companies or research institutions is only possible under existing contracts (e.g., cooperation agreements) regulating data exchange ensuring all parties have appropriate licensing. In case of legal questions Department 9 can assist.
  • A joint utilization of Azure with individuals who do not have any contractual relationship with RWTH is prohibited.
  • From “confidential” category onwards only encrypted storage/sharing allowed.

By using Azure you accept these aforementioned regulations

Furthermore we recommend following actions:

• Please utilize opportunities labeling stored files/documents appropriately according categories. Corrresponding guidelines will soon follow in our documentation.
• Please consider existing FDM processes and solutions at RWTH Aachen while processing/storing research-related datasets.
• User’s own devices accessing Microsoft’s Azureshould do so at their own risk.
• Avoid saving/synchronizing anydata onto personal devices since loss occurring no guarantees/support fromRWTH shall apply

Status: 19.05.2025