EU authorities are investigating to determine whether their own software deals with Microsoft comply with the GDPR.
The European Data Protection Supervisor (EDPS) launched an investigation on Monday, and can dole out fines of up to EUR50,000 per infraction, Reuters reports.
The EDPS will try to determine whether contracts with Microsoft are compliant with GDPR.
"When relying on third parties to provide services, the EU institutions remain accountable for any data processing carried out on their behalf," says Assistant EDPS Wojciech Wiewiorowski, according to Reuters.
Dutch authorities raised concerns last year over data collected through Microsoft Pro-Plus, Reuters says. This includes Microsoft Outlook, the email service, and Microsoft Word.
The investigation covers Microsoft usage by the European Commission and other EU institutions
A Microsoft spokesperson says, "“We are committed to helping our customers comply with GDPR, Regulation 2018/1725, and other applicable laws and are confident that our contractual arrangements allow customers to do so. We stand ready to help our customers answer any questions the European Data Protection Supervisor may have.”