skip to primary navigationskip to content

AWS Contractual Obligations

Contractual Obligations on the University 

Under the UIS agreement there are a number of aspects where IT Managers must comply with AWS requirements when first setting up their AWS Organization, or when adding any new AWS products:

  • You must at all times comply with the AWS Acceptable Use Policy
  • Ensure you select the correct Supplier region
  • Ensure you report any account IDs that will be governed by the Framework agreement to
  • Ensure you report any use of personal data to
  • Ensure that if you are transferring personal data to AWS you have familiarised yourself with AWS' data protection and security arrangements, agree to them and have purchased AWS Business support as a minimum support level
  • Ensure that if you are transferring personal data to AWS you have put appropriate security measures in place under AWS' shared security model
  • Ensure that the AWS environmental policy meets your needs and any University policies relating to sustainability
  • Ensure that you have evaluated whether AWS is appropriate for the storage and processing of any valuable data, which includes but is not limited to personal data. 
  • Ensure that you have taken all reasonable steps to mitigate any losses
  • Ensure that if taking any Professional Services or Training from AWS that you make available staff with the appropriate level of expertise to agree one or more Statements of Work on behalf of your Institution with AWS.

Contractual Obligations on AWS

You should be aware that the University's agreement with AWS places significant limits on any liability on the part of AWS. The University's Legal Services have asked UIS in particular to highlight that:

  • AWS is responsible for implementing appropriate organisational, operational and technological processes to keep the your Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
  • AWS is responsible for notifying you if it becomes aware that any data you have stored in AWS has become corrupted, lost, breached or degraded and will comply with any reasonable action suggested by you to recover such data. This will be at AWS' cost if AWS is responsible for such loss. 
  • AWS will assist you in complying with your obligations in respect of data protection impact assessments and prior consultation in line with Articles 35 and 36 of the GDPR, by providing the ISO 27001, 27017 & 27018 Certifications, relevant SOC Reports and annual Audit report (subject to a Non-Disclosure Agreement)


If you have any enquiries regarding UIS network services, or other University network topics, please send an email to:

UIS Service Status

Phone padded  Service status line: (01223) 463085
Website  Sign up for SMS/email status alerts
Website  Read major IT incident reports

UIS bITe-size bulletin

A regular newsletter aimed at the University's IT community, highlighting service and project news from UIS.

Sign up >  |  Back issues

RSS Feed Latest news

LinkedIn Learning now available for all staff and students

May 19, 2020

All University and College staff and students can now access LinkedIn Learning, which offers a wide range of online courses on creative, technical and professional skills.

Wireless Service essential maintenance 08:00–09:00 Tues 19 May

May 14, 2020

The University Wireless Service will be unavailable between 08:00 and 09:00 on Tuesday 19 May while we apply an essential software update.

View all news