11.000+
CLOUD Act warrants
Microsoft fulfilled in 2023
All involving non-US customers. None were notified. Confirmed testimony to US Congress.
Yes, Azure OpenAI has a region in Brazil. No, that doesn't mean your data stays in Brazil. Telemetry, anti-abuse logs, Application Insights, and identity (Entra ID) keep going to Microsoft in the US — subject to the CLOUD Act and ANPD audits that consume dozens of hours from your DPO.
Metrics from Brazilian companies that migrated to MDA in the last 12 months. Anonymized data from Enterprise customers.
All involving non-US customers. None were notified. Confirmed testimony to US Congress.
By default, Azure OpenAI stores prompts and responses for 30 days on Microsoft global servers for abuse analysis.
It's not just tokens. Application Insights, Monitor, Key Vault, Private Link, and Storage add up. BRL 28k → BRL 4.4k/month in a real case.
For companies in regulated sectors (finance, legal, healthcare, government), these four pillars determine if generative AI is viable or legal risk.
MDA is a 100% Brazilian company, Brazilian partners, headquarters in São Paulo. Not subject to CLOUD Act, FISA, NSL, or any US surveillance law — unlike Microsoft.
Inference + logs + telemetry + identity + audit in a single Brazilian region. No cross-border replication. No global Cloud Logging. No Entra ID in the US.
Tokens are cheap, but Application Insights (BRL 2-15/GB), Monitor (BRL 8-50/user), Key Vault, Private Link (BRL 200/month/endpoint), and Storage add up. Dedicated Azure architect isn't optional.
Compatible with OpenAI SDK (Azure is too). Reindexing via Microsoft Graph (SharePoint/OneDrive intact). No penalty from Microsoft — Azure consumption just drops to zero.
The 6 criteria that weigh most in Brazilian regulated companies' decisions in 2026. No rhetoric — just verifiable data.
The MDA platform is model-agnostic. You can keep consuming Azure OpenAI for non-sensitive workloads or where you already have TCO commitment — just routed through our gateway, with PII redaction before leaving the Brazilian tenant, unified audit log, and cost ceiling.
Real scenarios: finance processes documents with customer data via MDA (zero exposure). Marketing uses Azure GPT-4o for creative copy generation (no personal data). DevOps consults Azure for code review. The same gateway audits everything, separates LGPD-sensitive from the rest, and invoices in one place.
Before ANY call to Azure, SSN, government ID, email, and sensitive data are removed. ANPD-ready.
MDA + Azure logs in one place — no need to open Application Insights to investigate an incident.
Total quota per user/team, regardless if the call went to MDA or Azure. Automatic fallback when hitting limit.
Simple rule: regulated data (LGPD) → MDA. Rest → Azure. No code change in client app.
Azure OpenAI down or rate limited? MDA 2.1 takes over automatically. Zero downtime.
MDA coexists with your existing Azure. No need to redo compute, storage, or networking.
Compiled from 200+ real questions from CIOs, CTOs, DPOs, and Data Heads in MDA vs Azure OpenAI evaluation cycles.
Inference stays in Brazil, yes. But telemetry, anti-abuse logs, aggregated Azure Monitor, Application Insights, and identity (Entra ID) continue going through the US. For LGPD in regulated sectors, that's insufficient.
Yes. The CLOUD Act requires US companies to hand over data under warrant regardless of physical location. Microsoft is American; therefore, the CLOUD Act applies. In 2023, Microsoft confirmed it fulfilled 11,000+ warrants involving non-US customers.
It reduces risk, but doesn't eliminate it. Confidential Computing protects against Microsoft's own access, but doesn't prevent metadata, logs, and telemetry from being exported — and doesn't stop Microsoft from handing over encryption keys under a CLOUD Act warrant.
For 50 moderate users: ~BRL 28,000 (~USD 5,300)/month on Azure (including Application Insights, Monitor, Key Vault, Private Link, Storage). MDA Growth: BRL 4,450 (~USD 840)/month. 84% savings — migration payback in 2 months.
You don't need to justify — it's pay-as-you-go, just stop calling the API and consumption drops to zero. For Enterprise Agreement, MDA has a procurement team that helps renegotiate minimum commitment with Microsoft.
For 95% of Brazilian enterprise cases, MDA 2.1 parity with GPT-4 Turbo in PT-BR is sufficient. If you need GPT-4o vision or o1 reasoning for specific cases, MDA allows controlled proxy to those models via gateway (with PII redacted before leaving).
MDA coexists with Azure: you can run the MDA platform on a Brazilian tenant and use Azure for other workloads. Sensitive data stays on MDA; everything else stays on your existing infrastructure.
No. MDA has native MCP Connector for Microsoft Graph (SharePoint, OneDrive, Outlook, Teams). Data is read on-demand with user permissions, no need to duplicate anything.
The biggest pain of exiting Azure OpenAI isn't technical — it's convincing your cloud team that migrating AI workload doesn't mean breaking the Landing Zone. MDA Consulting shows how MDA coexists with Azure: you keep compute, storage, and other workloads on your existing architecture, just remove generative AI from there.
In 5 business days we deliver: Azure dependencies analysis, phaseout plan without disruption, MCP integration map with Microsoft Graph (SharePoint/OneDrive intact), and Microsoft procurement-validated commercial proposal.