Copilot Data Flow Map — Where Does Your Data Go in M365 Copilot
Interactive data flow showing where your data goes when using Microsoft 365 Copilot. Security boundaries, sub-processor paths, OpenAI vs Anthropic, admin controls, compliance certifications.
Copilot Data Flow Map
Where does your data go in M365 Copilot? Interactive security & privacy flows
Pick a scenario to see exactly where your data goes — step by step.
When Copilot uses OpenAI models, your data stays inside Microsoft's boundary. When it uses Anthropic Claude, data crosses to a sub-processor. Here's exactly what's different.
OpenAI Models (GPT): Default
Anthropic Models (Claude): Sub-processor
Data Residency by Region
Where your data is processed depends on your tenant's region.
Copilot can only access data YOU have permission to see via Microsoft Graph. But if your permissions are too broad, so is Copilot's view.
These are the security levers you can pull as an M365 admin to control Copilot's data access and behaviour.
Is your tenant ready for Copilot? Check off each item to see your readiness score.
Compliance Certifications
M365 Copilot inherits Microsoft 365 compliance and has AI-specific certifications including ISO/IEC 42001.
How does M365 Copilot actually work? Explore each layer of the architecture.
Every official Microsoft document about Copilot security and privacy — in one place. No more searching.
Does Microsoft train AI models on my data?
No. Microsoft explicitly commits that prompts, responses, and Microsoft Graph data are NOT used to train foundation models. This applies to both OpenAI and Anthropic models used in Copilot.
What happens when Copilot uses Anthropic Claude?
When Claude is used, your grounded prompt crosses the Microsoft boundary to Anthropic as a sub-processor. However, it remains under Microsoft's Data Protection Addendum (DPA). Anthropic cannot use your data for training. Admins can disable Claude entirely at tenant level.
Does Copilot send my data to Bing?
Only a short, derived search query is sent to Bing — not your full prompt, documents, or tenant data. No user identity is shared. Admins can disable web search entirely or enable Zero Query Logging (ZQL).
Where is my Copilot data stored?
Copilot follows Microsoft 365 data residency commitments. Prompts and responses are stored at rest in your tenant's local region. Note: Anthropic processing is excluded from the EU Data Boundary.
Can I see what users asked Copilot?
Yes. All Copilot interactions are logged in Microsoft Purview Audit — including prompts, responses, and web searches. Admins can search and review these logs.
What compliance certifications does Copilot have?
M365 Copilot inherits Microsoft 365 compliance and also holds ISO/IEC 42001 (AI management system) certification. It is SOC 1/2, ISO 27001/27018, GDPR, and HIPAA compliant.
What is grounding and why does it matter?
Grounding is the process of enriching your prompt with your organisation's actual data (emails, documents, chats) before sending it to the AI model. This is what makes Copilot give you specific, relevant answers instead of generic AI responses. It uses the Semantic Index and Microsoft Graph to find relevant context.
How many layers does the Copilot architecture have?
M365 Copilot processes prompts through seven key layers: Microsoft 365 Apps, Identity and Access (Entra ID), the Copilot Orchestrator, the Grounding layer (Semantic Index and Microsoft Graph), LLM Processing (Azure OpenAI and optional Anthropic), Responsible AI controls, and Response and Governance (delivery, audit, retention).
Sources: Microsoft Learn — Privacy, Anthropic Sub-processor, Service Trust Portal.