Microsoft 365 Copilot Data Boundary Settings Explained for Admins

As a Microsoft 365 administrator, you need to control where your organization’s data is stored and processed when users interact with Copilot. By default, Copilot may route data to Microsoft’s global cloud infrastructure outside your tenant’s designated region. This can conflict with data residency, compliance, and sovereignty requirements that your organization must follow. This article explains the data boundary settings available in the Microsoft 365 admin center that let you restrict Copilot data processing to a specific geographic boundary. You will learn how to configure these settings and understand the limitations of each option.

What Are Copilot Data Boundary Settings and Why They Exist

Copilot data boundary settings let you define a geographic region where all Copilot-related data processing must occur. This includes the user’s query, the grounding data retrieved from Microsoft Graph, the generated response, and any diagnostic logs associated with that interaction. Without these settings, Copilot may use Microsoft’s global cloud infrastructure, which can process data in data centers outside your tenant’s home region.

The primary reason for these settings is data residency compliance. Many organizations operate under regulations such as the General Data Protection Regulation in Europe, the California Consumer Privacy Act in the United States, or local data sovereignty laws. These regulations require that personal data or sensitive business data remain within a specific jurisdiction during processing. The data boundary setting gives you a tool to enforce this requirement for Copilot.

The feature is available only for tenants that have a Microsoft 365 Copilot license assigned to at least one user. It is also subject to the Microsoft 365 Data Boundaries policy, which covers a broader set of Microsoft 365 services. For Copilot specifically, the setting applies to the Copilot experience in Microsoft 365 apps like Word, Excel, PowerPoint, and Teams, as well as the Copilot pane in Microsoft 365.com and the Microsoft 365 mobile app.

How Data Processing Works With and Without a Boundary

When no data boundary is configured, Copilot queries are processed in the Microsoft 365 cloud region that is geographically closest to the user at the time of the request. This can change per session based on network routing and load balancing. When a data boundary is set, the system routes all Copilot requests to a data center within that boundary, even if the user is physically located elsewhere. This ensures that the processing location is predictable and auditable.

Supported Data Boundaries

As of the latest updates, Microsoft supports the following data boundaries for Copilot:

• European Union Data Boundary: Covers all EU member states plus the United Kingdom, Norway, Iceland, Liechtenstein, and Switzerland. Data is processed in data centers located in the EU.
• United States Data Boundary: Covers the 50 U.S. states and the District of Columbia. Data is processed in U.S.-based data centers.
• Custom Data Boundary: Available for tenants that have signed a Microsoft 365 Data Boundary agreement. This allows you to define a custom list of approved regions.

Steps to Configure Copilot Data Boundary Settings in the Admin Center

You must have Global Administrator or at least the Copilot Administrator role to change these settings. The configuration applies to the entire tenant and affects all users with a Copilot license.

1. Sign in to the Microsoft 365 admin center
   Go to https://admin.microsoft.com and sign in with your administrator account.
2. Navigate to Org settings
   In the left navigation pane, select Settings then Org settings.
3. Open the Copilot settings page
   On the Services tab, scroll down and click Copilot.
4. Locate the Data boundary section
   On the Copilot settings page, find the section labeled Data boundary. If the section is not visible, your tenant may not have the required license or the feature may be in gradual rollout.
5. Select the appropriate boundary
   Choose one of the following options from the dropdown menu:
   – European Union to restrict processing to EU data centers
   – United States to restrict processing to U.S. data centers
   – Custom only if you have a signed agreement and need a specific list of regions
6. Save the configuration
   Click Save at the bottom of the page. The change takes effect within 30 minutes for new Copilot sessions. Existing sessions may continue to use the previous boundary until the user refreshes the Copilot pane or restarts the application.

Common Issues and Limitations When Configuring Data Boundaries

The Data Boundary setting is grayed out or missing

This setting is only visible if your tenant has at least one active Microsoft 365 Copilot license. It also requires that the tenant is in a supported geo region. If you see the setting but it is grayed out, verify that you have the Copilot Administrator or Global Administrator role. Additionally, the setting may be temporarily unavailable during a service update. Wait 24 hours and check again.

Copilot still shows data from outside the boundary

The data boundary setting controls where processing occurs, not where the data was originally stored. If your tenant has data in SharePoint Online sites hosted in different regions, Copilot may still ground its responses using that data. The processing of the query and the generation of the response will happen within the boundary, but the source data may reside elsewhere. To fully control data location, you must also configure data residency settings for SharePoint, OneDrive, and Exchange Online through the Microsoft 365 Multi-Geo feature.

Performance impact after changing the boundary

When you set a data boundary that is far from your users’ physical location, you may notice slightly higher latency for Copilot responses. This is because the request must travel to the designated data center instead of the nearest one. The difference is typically under one second for most users. If latency becomes unacceptable, consider using the European Union boundary for European users and the United States boundary for North American users. You cannot set different boundaries for different user groups within the same tenant.

Copilot Data Boundary Settings vs Microsoft 365 Data Residency Options

Item	Copilot Data Boundary	Microsoft 365 Data Residency
Scope	Copilot query processing and response generation only	All Microsoft 365 workload data at rest and in transit
Configuration location	Microsoft 365 admin center > Org settings > Copilot	Microsoft 365 admin center > Settings > Org settings > Organization profile > Data location
Supported regions	European Union, United States, Custom	Over 120 countries and regions via Multi-Geo
User-level granularity	Tenant-wide only	Per-user or per-site via Multi-Geo
Effect on stored data	Does not move existing data	Moves data between regions
License requirement	Microsoft 365 Copilot license	Microsoft 365 E3, E5, or equivalent with Multi-Geo add-on

The Copilot Data Boundary setting is a subset of the broader Microsoft 365 Data Boundaries policy. It does not replace the need to configure data residency for your core workloads. For complete compliance, configure both settings: use the Copilot data boundary to control processing location, and use Multi-Geo or data residency policies to control where your tenant data is stored.

You can now configure the Copilot data boundary setting to enforce data processing within a specific geographic region. Start by verifying your tenant has the required Copilot license and that you hold the Copilot Administrator role. After saving the setting, monitor Copilot responses for latency changes and confirm that the boundary is enforced by reviewing diagnostic logs in the Microsoft 365 Defender portal. For advanced compliance scenarios, combine this setting with the Microsoft 365 Data Boundaries policy and Multi-Geo storage to achieve full data sovereignty.