# MS Power Apps ## Kurzbeschreibung **“Transform your business with modern, AI-first applications.”** **Microsoft Power Apps** is a low-code platform for creating and deploying business applications. The product primarily supports canvas apps and model-driven apps, can be used with little or no code, and can also be extended through custom code, components, and integrations. Typical use cases include internal line-of-business applications, mobile data capture, process-oriented business apps, and app-supported workflows based on Dataverse, Microsoft 365, and other data sources. ## Claim Transform your business with modern, AI-first applications ## Geeignet für - API Integration - Automation / Workflows - Finance / Accounting - Marketing & Advertising - no Code App - Productivity & Planning - Programming / Software Development - Law / Compliance - Sales / Sales ## Kernfunktionen - App Development - Automation - Data Analysis ## Preismodell - **free:** Free developer account for building and testing unlimited apps/flows, multiple developer environments, connectors, Dataverse entitlement, and limited flow runs. - **subscription:** **Power Apps Premium** User license for unlimited Power Apps and Power Pages, prebuilt/custom/on-premises connectors, Dataverse entitlements, and agentic features in apps. **Power Apps Premium with minimum purchase requirement** For large organizations with many users; same core features with enterprise procurement. - **other:** **Pay-as-you-go via Azure** Usage-based billing for apps, Dataverse storage, and Power Platform meters via Azure Subscription. **Dataverse / AI Builder / Power Platform Add-ons** Additional capacities, AI Builder, Dataverse Storage, Power Automate, and other Power Platform extensions per usage. **Per-app license** No longer available for new customers since January 2, 2026; existing customers must check status and renewal. ## DSGVO und Datenschutz **Gesamteinschätzung:** Conditional **On-premises / local hosting: indirect / not available** A complete on-premises/self-hosted deployment of Power Apps as a complete product is not specified on the website. Only an on-premises Data Gateway is documented as a bridge to local data sources. **Private Cloud / Data Center: Partially** Microsoft documents advanced security and isolation features for managed environments, such as virtual network support and customer-managed encryption keys. This is a more controlled cloud environment, but it is not described on the website as a dedicated customer private cloud in the strict sense. **EU SaaS / Managed: Covered** Microsoft operates the Power Platform as a cloud service and documents data residency, geo-selection, and the EU Data Boundary for the Power Platform. When the tenant and all environments are deployed within an EU/EFTA geo, a managed SaaS operation close to the EU is provided. **Hybrid: Covered** Microsoft explicitly documents hybrid scenarios via the On-Premises Data Gateway, which allows Power Apps to access on-premises resources while the service itself runs in the cloud. **AVV / DPA: Covered** Microsoft publishes the “Microsoft Products and Services Data Protection Addendum (DPA)” and states that data processing and security terms are governed by it. **No Training: Partially** For Copilot/AI features in Dynamics 365 and Power Platform, Microsoft documents that prompts, responses, and customer data are not used to train Microsoft or third-party models unless the user opts in to share their data. Beyond this AI-related documentation, the website does not specify a general, product-wide exclusion for every conceivable use of data. **Open Source / Transparency Path: Partial** A transparency path is partially in place because Microsoft documents Power Fx as open source. However, for MS Power Apps as a whole, the website does not mention a complete open-source release or self-hostable core components. **Data Processing** MS Power Apps is documented on the website as a Microsoft cloud service within the Power Platform. Data is processed in Power Platform environments; environments can be assigned to a specific geographic region. Microsoft describes global data centers, replication within a specific geographic region for resilience, and EU/EFTA data processing within the framework of the EU Data Boundary. Hybrid connections to local systems are possible via the On-Premises Data Gateway. For Copilot/AI features, Microsoft states that processing occurs in Azure and that the non-use of customer data for model training—without requiring opt-in—is governed by contractual and documentary provisions. **Conclusion** For a European tool directory, MS Power Apps cannot be generally considered fully GDPR-compliant, but **it can be used under certain conditions with proper documentation**. The best available approach is deployment with a tenant and environments within the EU Data Boundary or an appropriate EU/EFTA geo, supported by a DPA/AVV, governance settings, and careful monitoring of connected services. Because on-premises deployment is not documented and Microsoft itself cites exceptions and configuration dependencies, the overall assessment is *conditional*. **Sources** - [https://www.microsoft.com/en-us/power-platform/products/power-apps/](https://www.microsoft.com/en-us/power-platform/products/power-apps/) - [https://learn.microsoft.com/en-gb/power-platform/admin/wp-compliance-data-privacy](https://learn.microsoft.com/en-gb/power-platform/admin/wp-compliance-data-privacy) - [https://www.microsoft.com/en-us/trust-center/privacy](https://www.microsoft.com/en-us/trust-center/privacy) - [https://www.microsoft.com/en-us/trust-center/privacy/data-location](https://www.microsoft.com/en-us/trust-center/privacy/data-location) - [https://learn.microsoft.com/en-us/privacy/eudb/eu-data-boundary-learn](https://learn.microsoft.com/en-us/privacy/eudb/eu-data-boundary-learn) - [https://www.microsoft.com/en/trust-center/privacy/european-data-boundary-eudb](https://www.microsoft.com/en/trust-center/privacy/european-data-boundary-eudb) - [https://www.microsoft.com/licensing/docs/view/Microsoft-Products-and-Services-Data-Protection-Addendum-DPA?lang=1](https://www.microsoft.com/licensing/docs/view/Microsoft-Products-and-Services-Data-Protection-Addendum-DPA?lang=1) - [https://learn.microsoft.com/en-us/power-platform/admin/powerapps-privacy-export-dsr](https://learn.microsoft.com/en-us/power-platform/admin/powerapps-privacy-export-dsr) - [https://learn.microsoft.com/en-us/power-platform/admin/governance-considerations](https://learn.microsoft.com/en-us/power-platform/admin/governance-considerations) - [https://learn.microsoft.com/en-us/power-platform/admin/about-lockbox](https://learn.microsoft.com/en-us/power-platform/admin/about-lockbox) - [https://learn.microsoft.com/en-us/power-apps/maker/canvas-apps/gateway-reference](https://learn.microsoft.com/en-us/power-apps/maker/canvas-apps/gateway-reference) - [https://learn.microsoft.com/en-us/power-platform/admin/wp-onpremises-gateway](https://learn.microsoft.com/en-us/power-platform/admin/wp-onpremises-gateway) - [https://learn.microsoft.com/en-us/dynamics365/transparency-note-copilot-data-security-privacy](https://learn.microsoft.com/en-us/dynamics365/transparency-note-copilot-data-security-privacy) - [https://learn.microsoft.com/de-de/power-platform/faqs-copilot-data-security-privacy](https://learn.microsoft.com/de-de/power-platform/faqs-copilot-data-security-privacy) - [https://www.microsoft.com/en-us/power-platform/blog/2021/11/02/power-fx-open-source-now-available/](https://www.microsoft.com/en-us/power-platform/blog/2021/11/02/power-fx-open-source-now-available/) From the perspective of a user in Europe, using MS Power Apps in compliance with the GDPR is generally possible, but it depends on specific configurations and contractual arrangements. The Microsoft website provides a DPA, information on subprocessors, data residency options for Power Platform, and the EU Data Boundary for Power Platform. At the same time, Microsoft itself points out that data can be replicated within a selected geo, that certain user actions may expose data outside the geo, and that classification within the EU Data Boundary depends on tenant and environment deployment. **Positive** Positive aspects include the published Microsoft Products and Services Data Protection Addendum (AVV/DPA), the documented subprocessor structure, the ability to choose a data location or geo for Power Platform, the EU Data Boundary for Power Platform, and documented data subject rights and export functions. For Copilot/AI features, Microsoft also documents that customer data is not used to train Microsoft or third-party models unless the customer opts in to data sharing. **Negative** A negative or limiting aspect is that GDPR-compliant use does not automatically follow from standard use. Microsoft itself describes limited exceptions for transfers outside the EU Data Boundary, the dependency on billing address, tenant geo, and environment deployment, as well as the possibility that users or connected services may expose data outside the geo. The website does not specify whether Power Apps is available as a fully local deployment as a complete product. **Server Location** Microsoft lists several global data centers and geographic locations for the Power Platform. For EU/EEA-relevant use, Microsoft specifies the EU Data Boundary with data centers in EU and EFTA countries, including Austria, Belgium, Denmark, Finland, France, Germany, Greece, Ireland, Italy, the Netherlands, Norway, Poland, Spain, Sweden, and Switzerland. According to the website, the specific assignment for Dynamics 365 and Power Platform depends on the billing address as well as the deployment of the tenant and all environments within a geo location inside the EU Data Boundary. ## Hosting und Daten - **On-Prem / lokales Hosting:** unknown - **Private Cloud / Rechenzentrum:** teilweise / indirekt - **EU SaaS / Managed:** abgedeckt - **Hybrid:** abgedeckt - **AVV / DPA:** abgedeckt - **Kein Training auf Kundendaten:** teilweise / indirekt - **Open-Source / Transparenz-Pfad:** teilweise / indirekt ## Standort **Land:** USA **Taxonomie:** USA Microsoft Corporation, One Microsoft Way, Redmond, Washington 98052-6399, USA. Relevant for many EEA contexts: Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland; registered office: 70 Sir John Rogerson’s Quay, Dublin 2, Ireland. ## Vorteile - Very broad low-code spectrum from drag-and-drop to custom code. - Strong Microsoft integration including Dataverse, Microsoft 365, Dynamics, Power Platform, and connectors. - Governance, DLP, audit, and admin features for enterprise rollouts. - Hybrid connection of local data sources via gateway. - Free Developer Plan for development and testing. ## Nachteile - The Developer Plan is explicitly for development and testing, not intended as a regular production license. - The Basic/Dataverse base capabilities included in some Microsoft 365 licenses are not sufficient for standalone custom apps or premium connectors. - Licensing is comparatively complex because Premium, Pay-as-you-go, AI Builder Credits, Copilot Credits, and legacy/per-app scenarios interact. - No true self-hosting of the platform; local systems are connected, but the app platform itself remains Microsoft SaaS. - In certain GenAI/Bing/cross-region scenarios, additional data protection and approval reviews are required. ## Quellen - Offizielle Website: https://www.microsoft.com/en-us/power-platform/products/power-apps/ ## Letzter Datenstand 2026-04-27 ## Originalseite https://kifox.ai/en/ki-tools/ms-power-apps-en/