Who We Are

The Scottish Police Authority is independent of both the Scottish Government and policing. It is the primary governance body for policing in Scotland, and was established as a public body on 1 April 2013 by the Police and Fire Reform (Scotland) Act 2012. It was set up to hold the Chief Constable to account; promote, support and oversee improvement in policing. It is also responsible for the management and delivery of Forensic Services in Scotland and Independent Custody Visiting Scotland.

In this section, find out more about the Authority’s priorities, the Board and the Leadership team.

Who We Are

What We Do

The Scottish Police Authority is responsible for maintaining policing. It has four specific areas of responsibility:

promoting the policing principles

supporting continuous improvement

keeping policing under review

holding the Chief Constable to account.

This section tells you in outline what the Authority does.

What We Do

Complaints

Are you dissatisfied with the service you have received from policing in Scotland?

The Scottish Police Authority, Police Scotland and the Police Investigations and Reviews Commissioner (PIRC) all have a role to play in considering complaints about policing in Scotland.

In this section, find out who to direct your complaint to. We also welcome written communication in Gaelic (see our Gaelic Language Plan).

Complaints

Published: 24 April 2025

FOI 2024/25-122 - Information on countries in which Microsoft process data uploaded to Azure cloud or M365

LET 20250411 FOI Response 2024 25 122 (pdf, .29MB )

Report Summary

Issued 11 April 2025, this FOI response provides some information held regarding data sovereignty and explains that some information held is publicly available with a link provided to assist.

To access the full document please open the PDF document above.

To view as accessible content please use the sections below. (Note that some tables and appendixes are not available as accessible content).

Request

Your request for information dated 24 March 2025 is copied below.

Please supply me with any information, documentation, contract clause change or emails, etc. that you have received in the past two years which identify any countries where Microsoft can or actually do process any data you have uploaded to the following services:

1 - Any service operated by or on the Microsoft Azure cloud platform by any of your processors or contracted service providers (including a direct contract with Microsoft)

2 - Any Microsoft M365 service

For the purposes of this request you should consider any offshored administration or direct system support as being ‘processing’, whether this relates to personal data or not - this is not a GDPR specific request.

| Next Section

Related Publications

The documents below are related by Topic and are the most recently published

Terms of Reference - Exceptional Circumstances Committee

Published: 27 November 2025

View Publication

Terms of Reference - Audit Risk & Assurance Committee

Published: 27 November 2025

View Publication

Terms of Reference - Policing Performance Committee

Published: 27 November 2025

View Publication

Terms of Reference - Complaints & Conduct Committee

Published: 27 November 2025

View Publication

Back to all documents

Tell us whether you accept cookies

FOI 2024/25-122 - Information on countries in which Microsoft process data uploaded to Azure cloud or M365

Report Summary

Request

Related Publications

Terms of Reference - Exceptional Circumstances Committee

Terms of Reference - Audit Risk & Assurance Committee

Terms of Reference - Policing Performance Committee

Terms of Reference - Complaints & Conduct Committee