Skip to main content

Introduction

At Microsoft, we believe that privacy is a fundamental human right that requires a commitment to provide robust data protection for every individual and organization. We live up to this commitment by providing products, information, and controls that allow you to choose how your personal data is collected and used. Read on to learn more about our work to defend our customers’ data and empower our customers to manage and control their personal data.

Defending your data

Microsoft has continuously demonstrated that we will go above and beyond the requirements of the law to defend our customers’ data and the data of their users. We understand that our public sector and enterprise customers regularly need to move their data between countries to serve their clients, work with suppliers, and manage their global workforce. Following the Court of Justice for the European Union’s Schrems II ruling in July 2020, we provided additional contractual safeguards to support transfers of personal data. Our new steps to defend customers’ data and to indemnify their users for damages caused by Microsoft’s disclosure of their personal data in response to an order from a non-EU/EEA government or law enforcement agency in violation of GDPR make a substantial addition to our foundational privacy promises and build on the strong protections we already offer customers.

In addition, we are confident a broader solution will be found to provide additional certainty for cross-border data flows that will ensure the free flow of data while also allowing for responsible and reasonable government access to data.

Empowering our customers

Our mission is to empower every person and every organization on the planet to achieve more. Giving customers transparency and control over their data is essential to living this mission. Customers can use the Microsoft privacy dashboard to view, export, and delete their data (called “data subject rights” in some places). Globally, more than 60% of countries have privacy laws and most such laws enshrine these data subject rights. Since the Microsoft privacy dashboard launched in May 2018, over 51 million unique visitors have used the dashboard to understand and control their data.

Number of unique visitors to the privacy dashboard since inception
(May 2018 to February 2021)
51,128,466
Number of unique visitors in 202019,079,917
Average number of unique visitors each month1,549,347

The top ten markets with the most unique visitors have remained constant, with the United States comprising roughly a third of all visitors since inception (19 million). Countries with strong existing or emerging privacy laws, including India, Brazil, China, Japan, and South Korea, were also consistently among the top markets.

The world map with top markets for user access

Within the United States, Microsoft continues to call for a comprehensive federal privacy law, especially to ensure an equitable recovery after world-altering events of 2020. California has set an example with the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). Virginia has followed that precedent with the Consumer Data Protection Act and dozens of other states are now working on their own privacy laws.

Our commitment to listening to our customers extends to ensuring that customers can reach our dedicated privacy team. The Microsoft privacy team responds to 900 privacy inquiries on average each month and works to drive privacy-enhancing features across our products and services. When we heard a common request from many of our Xbox customers about accessing their playtime data for Sea of Thieves, we collaborated with the gaming services team to make this data more readily available.

Required and optional data

Microsoft is committed to empowering our customers to make the choices that work best for them. To that end, we provide transparency about the data that is required to run our services and keep them secure and working as expected, and the data that we collect where we provide options to our users.

This report spotlights our recent work to continue to improve transparency about our data use through new privacy controls within Microsoft Teams. Personal data collected by Teams is never used to track our users or for any other marketing purposes. Instead, any personal data our customers choose to provide is used to ensure the product is safe and secure (required diagnostic data) and/or improving the product experience (optional diagnostic data).

You can learn more about the data collection practices of our major online services by reviewing detailed materials we provide about each one. The information in the summaries below are updated as often as necessary to reflect new service improvements, so you may want to visit these materials periodically to understand our continuous journey to improve transparency about our data use.

Transparency

We continue to strive toward building and maintaining trust in technology, and we know that transparency is a key component to that trust. You can see the full breadth of our commitment to digital trust, human rights, diversity and inclusiveness, and sustainability at our Corporate Social Responsibility Reports Hub.

Our Digital Trust Reports are intended to help our customers understand how Microsoft responds to government and law enforcement requests for data and for content removal, and the steps we take to protect our customers and their data:


Tell us how we are doing! Contact the Microsoft privacy team with your feedback about the Microsoft Privacy Report.