Microsoft Privacy Statement

Last Updated: October 2017 What's new?

Your privacy is important to us. This privacy statement explains what personal data Microsoft collects from you, through our interactions with you and through our products, and how we use that data.

Microsoft offers a wide range of products, from server products used to help operate enterprises worldwide, devices you use in your home, software students use at school, and services developers use to create and host what’s next. References to Microsoft products in this statement include Microsoft services, websites, apps, software, servers and devices.

Please read the product-specific details in this privacy statement, which provide additional information about some of Microsoft products. This statement applies to Microsoft’s interactions with you and the Microsoft products listed below, as well as other Microsoft products that display this statement.


Personal Data We CollectPersonal Data We Collectmainpersonaldatawecollect
Summary
Full text

Microsoft collects data to operate effectively and provide you the best experiences with our products. You provide some of this data directly, such as when you create a Microsoft account, administer your organization’s licensing account, submit a search query to Bing, register for a Microsoft event, speak a voice command to Cortana, upload a document to OneDrive, purchase an MSDN subscription, sign up for Office 365, or contact us for support. We get some of it by recording how you interact with our products by, for example, using technologies like cookies, and receiving error reports or usage data from software running on your device.

We also obtain data from third parties. We protect data obtained from third parties according to the practices described in this statement, plus any additional restrictions imposed by the source of the data. These third-party sources vary over time, but have included:

  • Data brokers from which we purchase demographic data to supplement the data we collect.
  • Social networks when you grant permission to a Microsoft product to access your data on one or more networks.
  • Service providers that help us determine a location based on your IP address in order to customize certain products to your location.
  • Partners with which we offer co-branded services or engage in joint marketing activities, and
  • Publicly-available sources such as open government databases or other data in the public domain.

You have choices about the data we collect. When you are asked to provide personal data, you may decline. But if you choose not to provide data that is necessary to provide a product or feature, you may not be able to use that product or feature.

The data we collect depends on the context of your interactions with Microsoft, the choices you make, including your privacy settings, and the products and features you use. The data we collect can include the following:

Name and contact data. We collect your first and last name, email address, postal address, phone number, and other similar contact data.

Credentials. We collect passwords, password hints, and similar security information used for authentication and account access.

Demographic data. We collect data about you such as your age, gender, country, and preferred language.

Payment data. We collect data necessary to process your payment if you make purchases, such as your payment instrument number (such as a credit card number), and the security code associated with your payment instrument.

Device and Usage data. We collect data about your device and how you and your device interact with Microsoft and our products. For example, we collect:

  • Product use data. We collect data about the features you use, the items you purchase, and the web pages you visit. This data includes your voice and text search queries or commands to Bing, Cortana, and our chat bots. This also includes the settings you select and the software configurations your use most.
  • Device, connectivity and configuration data. We collect data about your device and the network you use to connect to our products. It includes data about the operating systems and other software installed on your device, including product keys. It also includes IP address, device identifiers (such as the IMEI number for phones), regional and language settings.
  • Error reports and performance data. We collect data about the performance of the products and any problems you experience with them. This data helps us to diagnose problems in the products you use, and to improve our products and provide solutions. Depending on your product and settings, error reports (sometimes called “crash dumps”) can include data such as the type or severity of the problem, details of the software or hardware related to an error, contents of files you were using when an error occurred, and data about other software on your device.
  • Troubleshooting and Help Data. When you engage Microsoft for troubleshooting and help, we collect data about you and your hardware, software, and other details related to the incident. Such data includes contact or authentication data, the content of your chats and other communications with Microsoft, data about the condition of the machine and the application when the fault occurred and during diagnostics, and system and registry data about software installations and hardware configurations.

Interests and favorites. We collect data about your interests and favorites, such as the teams you follow in a sports app, the programming languages you prefer, the stocks you track in a finance app, or the favorite cities you add to a weather app. In addition to those you explicitly provide, your interests and favorites may also be inferred or derived from other data we collect.

Contacts and relationships. We collect data about your contacts and relationships if you use a Microsoft product to manage contacts, for example Outlook.com, or to communicate or interact with other people or organizations, for example Visual Studio Team Services.

Location data. For products with location-enhanced features, we collect data about your location, which can be either precise or imprecise. Precise location data can be Global Navigation Satellite System (GNSS) data (e.g., GPS), as well as data identifying nearby cell towers and Wi-Fi hotspots, we collect when you enable location-based products or features. Imprecise location data includes, for example, a location derived from your IP address or data that indicates where you are located with less precision, such as at a city or postal code level.

Content. We collect content of your files and communications when necessary to provide you with the products you use. For example, if you transmit a file using Skype to another Skype user, we need to collect the content of that file to display it to you and the other user as you direct. If you receive an email using Outlook.com, we need to collect the content of that email to deliver it to your inbox, display it to you, enable you to reply to it, and store it for you until you choose to delete it. Other data we collect to provide communication services to you include the:

  • subject line and body of an email,
  • text or other content of an instant message,
  • audio and video recording of a video message, and
  • audio recording and transcript of a voice message you receive or a text message you dictate.

Video. If you enter our retail stores or other facilities, or attend a Microsoft event, your image may be captured by our security cameras.

If you use Spend, at your direction, we may also collect payment card information, receipt data, or financial transaction data, to provide the service.

If you use Enterprise Online Services, Microsoft collects Customer Data (including content), Support Data, and Administrator Data, defined below in the Enterprise and Developer Products section.

We also collect information you provide to us and the content of messages you send to us, such as feedback and product reviews you write, or questions and information you provide for customer support. When you contact us, such as for customer support, phone conversations or chat sessions with our representatives may be monitored and recorded.

Product-specific sections below describe data collection practices applicable to use of those products.

How We Use Personal DataHow We Use Personal Datamainhowweusepersonaldatamodule
Summary
Full text

Microsoft uses the data we collect for three basic purposes, described in more detail below: (1) to operate our business and provide (including improving and personalizing) the products we offer, (2) to send communications, including promotional communications, and (3) to show advertising, whether in our own products supported by advertising like MSN and Bing, or in products offered by third parties.

In carrying out these purposes, we combine data we collect to give you a more seamless, consistent and personalized experience. For example, Cortana can use the favorite sports teams you add to the Microsoft Sports app to provide information relevant to your interests, Windows Store can use information about the apps and services you use to make personalized app recommendations. However, to enhance privacy, we have built in technological and procedural safeguards designed to prevent certain data combinations. For example, we store data we collect from you when you are unauthenticated (not signed in) separately from any account information that directly identifies you, such as your name, email address or phone number.

Providing and improving our products. We use data to provide and improve the products we offer and perform essential business operations. This includes operating the products, maintaining and improving the performance of the products, developing new features, conducting research, and providing customer support. Examples of such uses include the following:

  • Providing the Products. We use data to carry out your transactions with us and to provide our products to you. Often, those products include personalized features and recommendations that enhance your productivity and enjoyment, and automatically tailor your product experiences based on the data we have about your activities, interests and location.
  • Customer support. We use data to diagnose product problems, repair customers' devices, and provide other customer care and support services.
  • Product activation. We use data—such as device and application type, location, and unique device, application, network and subscription identifiers—to activate software and devices that require activation.
  • Product Improvement. We use data to continually improve our products, including adding new features or capabilities. For example, we use error reports to improve security features, search queries and clicks in Bing to improve the relevancy of the search results, usage data to determine what new features to prioritize, and audio recordings from voice input features to improve speech recognition accuracy.
  • Security, Safety and Dispute Resolution. We use data to protect the security and safety of our products and our customers, to detect and prevent fraud, to confirm the validity of software licenses, to resolve disputes and enforce our agreements. Our security features and products can disrupt the operation of malicious software and notify users if malicious software is found on their devices. For example, some of our communications and file syncing products, such as Outlook or OneDrive, systematically scan content in an automated manner to identify suspected spam, viruses, abusive actions, or URLs that have been flagged as fraud, phishing or malware links; and we may block delivery of a communication or remove content if it violates our terms.
  • Business Operations. We use data to develop aggregate analysis and business intelligence that enable us to operate, protect, make informed decisions, and report on the performance of our business.

Communications. We use data we collect to communicate with you and personalize our communications with you. For example, we may contact you by phone or email or other means to inform you when a subscription is ending, discuss your licensing account, let you know when security updates are available, remind you about items left in your online shopping cart, update you or inquire about a service or repair request, invite you to participate in a survey, or tell you that you need to take action to keep your account active. Additionally, you can sign up for email subscriptions and choose whether you wish to receive promotional communications from Microsoft by email, SMS, physical mail, and telephone. For information about managing your contact data, email subscriptions and promotional communications, please visit the Access and Controls section of this privacy statement.

Advertising. Microsoft does not use what you say in email, chat, video calls or voice mail, or your documents, photos or other personal files to target ads to you.

We use data we collect through our interactions with you, through some of our products and on third-party web properties, to show advertising. For example:

  • Microsoft may use your data to select and deliver some of the ads you see on Microsoft web properties, such as Microsoft.com, MSN and Bing.
  • When the advertising ID is enabled in Windows 10 as part of your privacy settings, Microsoft apps can access and use the advertising ID (much the same way that websites can access and use a unique identifier stored in a cookie) to select and deliver ads in such apps.
  • We may share data we collect with third parties, such as Oath, AppNexus, or Facebook (see below), so that they can select and deliver some of the ads you see in our products, their products, or other sites and apps serviced by these partners.
  • Advertisers may choose to place our web beacons on their sites in order to allow Microsoft to collect information on their sites such as activities, purchases and visits; we use this data on behalf of our advertising customers to help target their ads. We also share data directly with service providers, such as Oath, AppNexus, or Facebook, to permit them to provide services on our behalf or to partner with us in selecting and serving ads for our advertising partners.

The ads that you see may be selected based on data we process about you, such as your interests and favorites, your location, your transactions, how you use our products, your search queries, or the content you view. For example, if you view content on MSN about automobiles, we may show advertisements about cars; if you search “pizza places in Seattle” on Bing, you may see advertisements in your search results for restaurants in Seattle.

The ads that you see may also be selected based on other information learned about you over time using demographic data, location data, search queries, interests and favorites, usage data from our products and sites, as well as the sites and apps of our advertisers and partners. We refer to these ads as "interest-based advertising" in this statement. For example, if you view gaming content on xbox.com, you may see offers for games on MSN. To provide interest-based advertising, we combine cookies placed on your device using information that we collect (such as IP address) when your browser interacts with our websites. If you opt out of receiving interest-based advertising, data associated with these cookies will not be used.

Further details regarding our advertising-related uses of data include:

  • Advertising Industry Best Practices and Commitments. Microsoft is a member of the Network Advertising Initiative (NAI) and adheres to the NAI Code of Conduct. We also adhere to the following self-regulatory programs:
  • Health-Related Ad Targeting. In the United States, we provide interest-based advertising based on a limited number of standard, non-sensitive health-related interest categories, including allergies, arthritis, cholesterol, cold and flu, diabetes, gastrointestinal health, headache / migraine, healthy eating, healthy heart, men’s health, oral health, osteoporosis, skin health, sleep, and vision / eye care. We will also target ads based on custom, non-sensitive health-related interest categories as requested by advertisers.
  • Children and Advertising. We do not deliver interest-based advertising to children whose birthdate in their Microsoft account identifies them as under 13 years of age.
  • Data Retention. For interest-based advertising, we retain data for no more than 13 months, unless we obtain your consent to retain the data longer.
  • Data Sharing. In some cases, we share with advertisers reports about the data we have collected on their sites or ads.
  • Data Collected by Other Advertising Companies. Advertisers sometimes include their own web beacons (or those of their other advertising partners) within their advertisements that we display, enabling them to set and read their own cookie. Additionally, Microsoft partners with third-party ad companies to help provide some of our advertising services, and we also allow other third-party ad companies to display advertisements on our sites. These third parties may place cookies on your computer and collect data about your online activities across websites or online services. These companies currently include, but are not limited to: A9, AppNexus, Criteo, Facebook, MediaMath, nugg.adAG, Oath, Rocket Fuel, Yahoo!. You may find more information on each company's practices, including the choices it offers, by clicking on the company names above. Many of them are also members of the NAI or DAA, which each provide a simple way to opt out of ad targeting from participating companies.
Reasons We Share Personal DataReasons We Share Personal Datamainreasonswesharepersonaldatamodule
Summary
Full text

We share your personal data with your consent or as necessary to complete any transaction or provide any product you have requested or authorized. For example, we share your content with third parties when you tell us to do so, such as when you send an email to a friend, share photos and documents on OneDrive, or link accounts with another service. When you provide payment data to make a purchase, we will share payment data with banks and other entities that process payment transactions or provide other financial services, and for fraud prevention and credit risk reduction.

In addition, we share personal data among Microsoft-controlled affiliates and subsidiaries. We also share personal data with vendors or agents working on our behalf for the purposes described in this statement. For example, companies we've hired to provide customer service support or assist in protecting and securing our systems and services may need access to personal data to provide those functions. In such cases, these companies must abide by our data privacy and security requirements and are not allowed to use personal data they receive from us for any other purpose. We may also disclose personal data as part of a corporate transaction such as a merger or sale of assets.

Finally, we will access, transfer, disclose, and preserve personal data, including your content (such as the content of your emails in Outlook.com, or files in private folders on OneDrive), when we have a good faith belief that doing so is necessary to:

  1. comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies;
  2. protect our customers, for example to prevent spam or attempts to defraud users of our products, or to help prevent the loss of life or serious injury of anyone;
  3. operate and maintain the security of our products, including to prevent or stop an attack on our computer systems or networks; or
  4. protect the rights or property of Microsoft, including enforcing the terms governing the use of the services - however, if we receive information indicating that someone is using our services to traffic in stolen intellectual or physical property of Microsoft, we will not inspect a customer's private content ourselves, but we may refer the matter to law enforcement.

For more information about data we disclose in response to requests from law enforcement and other government agencies, please see our Law Enforcement Transparency Report, available at microsoft.com/about/corporatecitizenship/en-us/reporting/transparency.

Please note that some of our products include links to products of third parties whose privacy practices differ from Microsoft's. If you provide personal data to any of those products, your data is governed by their privacy statements.

How to Access & Control Your Personal DataHow to Access & Control Your Personal Datamainhowtoaccesscontrolyourdatamodule
Summary
Full text

You can view, edit, or delete your personal data online for many Microsoft products. You can also make choices about Microsoft's collection and use of your data. How you can access or control your personal data will depend on which products you use. For example:

  • Microsoft privacy dashboard. You can see and control activity data across multiple Microsoft services on the Microsoft privacy dashboard at: account.microsoft.com/privacy. From here, you can view, and clear browsing, search, and location data associated with your Microsoft account. You can also manage data in your Cortana Notebook and Microsoft Health services.
  • Volume Licensing Service Center (VLSC). From here, you can gain easy access to all your licensing information in one location.
  • Microsoft account. If you wish to access, edit, or remove the profile information and payment information in your Microsoft account, change your password, add security information or close your account, you can do so by visiting account.microsoft.com. From here, you can also access controls for other Microsoft products.
  • Skype. If you wish to access edit or remove profile information and payment information in your Skype account or change your password, you can sign into your account at login.skype.com/login.
  • Xbox. If you use Xbox Live or Xbox.com, you can view or edit your personal data, including billing and account information, privacy settings, online safety and data sharing preferences by accessing My Xbox on the Xbox console or on the Xbox.com website.
  • Microsoft Store. You can access your Microsoft Store profile and account information by visiting www.microsoftstore.com/ and clicking on "View account" or "Order history."
  • Microsoft.com. You can access and update your profile on microsoft.com by visiting the Microsoft.com Profile Center.
  • If you have a Microsoft Developer Network public profile, you can access and edit it at connect.microsoft.com/profile.aspx.

If you cannot access certain personal data collected by Microsoft via the links above or directly through the Microsoft products you use, you can always contact Microsoft by using our web form. We will respond to requests to access or delete your personal data within 30 days.

Your Communications Preferences

You can choose whether you wish to receive promotional communications from Microsoft by email, SMS, physical mail, and telephone. If you receive promotional email or SMS messages from us and would like to opt out, you can do so by following the directions in that message. You can also make choices about the receipt of promotional email, telephone calls, and postal mail by signing in with your personal Microsoft account, and viewing your communication permissions where you can update contact information, manage Microsoft-wide contact preferences, opt out of email subscriptions, and choose whether to share your contact information with Microsoft partners. If you do not have a personal Microsoft account, you can manage your Microsoft email contact preferences by using this web form. These choices do not apply to mandatory service communications that are part of certain Microsoft services, or to surveys or other informational communications that have their own unsubscribe method.

Your Advertising Choices

You may opt out of receiving interest-based advertising from Microsoft by visiting our opt-out page. When you opt out, your selection will be stored in a cookie that is specific to the web browser you are using. The opt-out cookie has an expiration date of five years. If you delete the cookies on your device, you will need to opt out again.

You can also link your opt-out choice with your personal Microsoft account. It will then apply on any device where you use that account, and will continue to apply until someone signs in with a different personal Microsoft account on that device. If you delete the cookies on your device, you will need to sign in again for the settings to apply.

For advertising that appears in apps on Windows, you may use the opt-out linked to your personal Microsoft account, or opt out of interest-based advertising by turning off the advertising ID in Windows Settings.

Because the data used for interest-based advertising is also used for other necessary purposes (including providing our products, analytics and fraud detection), opting out of interest-based advertising does not stop that data from being collected. Nor does it mean you will stop getting ads or see fewer ads. However, if you do opt out, the ads you receive will no longer be interest-based and may be less relevant to your interests.

You can opt out of receiving interest-based advertising from third parties we partner with by visiting their sites (see above).

Browser-Based Controls

  • Cookie Controls. Relevant browser-based cookie controls are described in the Cookies section of this privacy statement.
  • Tracking Protection. Internet Explorer (versions 9 and up) has a feature called Tracking Protection that will block third-party content, including cookies, from any site that is listed in a Tracking Protection List you add. By limiting calls to these sites, the browser will limit the information these third-party sites can collect about you.
  • Browser Controls for "Do Not Track." Some browsers have incorporated "Do Not Track" (DNT) features that can send a signal to the websites you visit indicating you do not wish to be tracked. Because there is not yet a common understanding of how to interpret the DNT signal, Microsoft services do not currently respond to browser DNT signals. We continue to work with the online industry to define a common understanding of how to treat DNT signals. In the meantime, you can use the range of other tools we provide to control data collection and use, including the ability to opt out of receiving interest-based advertising from Microsoft as described above.
Cookies & Similar TechnologiesCookies & Similar Technologiesmaincookiessimilartechnologiesmodule
Summary
Full text

Microsoft uses cookies (small text files placed on your device) and similar technologies to provide our websites and online services and to help collect data. The text in a cookie often consists of a string of numbers and letters that uniquely identifies your computer, but it can contain other information as well. Microsoft apps use additional identifiers, such as the advertising ID in Windows, for similar purposes, and many of our websites and applications also contain web beacons or other similar technologies, as described below.

Our Use of Cookies and Similar Technologies

Microsoft uses cookies and similar technologies for several purposes, depending on the product, including:

  • Storing your Preferences and Settings. Settings that enable our products to operate correctly or that maintain your preferences over time may be stored on your device. For example, if you enter your city or postal code to get local news or weather information on a Microsoft website, we may store that data in a cookie so that you will see the relevant local information when you return to the site. We also save preferences, such as language, browser and multimedia player settings, so those do not have to be reset each time you return to the site. If you opt out of interest-based advertising, we store your opt-out preference in a cookie on your device.
  • Sign-in and Authentication. When you sign into a website using your personal Microsoft account, we store a unique ID number, and the time you signed in, in an encrypted cookie on your device. This cookie allows you to move from page to page within the site without having to sign in again on each page. You can also save your sign-in information so you do not have to sign in each time you return to the site.
  • Security. We use cookies to detect fraud and abuse of our websites and services.
  • Storing Information you Provide to a Website. When you provide information, or add products to a shopping cart when shopping on Microsoft websites, we store the data in a cookie to remember the products and information you have added.
  • Social Media. Some of our websites include social media cookies, including those that enable users who are logged in to the social media service to share content via that service.
  • Feedback. Microsoft uses cookies to enable you to provide feedback on a website.
  • Interest-Based Advertising. Microsoft uses cookies to collect data about your online activity and identify your interests so that we can provide advertising that is most relevant to you. You can opt out of receiving interest-based advertising from Microsoft as described in the Access and Control section of this privacy statement.
  • Showing Advertising. Microsoft uses cookies to record how many visitors have clicked on an advertisement and to record which advertisements you have seen so you don’t see the same one repeatedly.
  • Analytics. In order to provide our products, we use cookies and other identifiers to gather usage and performance data. For example, we use cookies to count the number of unique visitors to a web page or service and to develop other statistics about the operations of our products. This includes cookies from Microsoft and from third-party analytics providers.
  • Performance. Microsoft uses cookies for load balancing to ensure that websites remain up and running.

Some of the cookies we commonly use are listed below. This list is not exhaustive, but it is intended to illustrate the main reasons we typically set cookies. If you visit one of our websites, the site may set some or all of the following cookies:

  • MUID, MC1 and MSFPC - Identifies unique web browsers visiting Microsoft sites. These cookies are used for advertising, site analytics and other operational purposes.
  • ANON - Contains the ANID, a unique identifier derived from your Microsoft account, which is used for advertising, personalization, and operational purposes. It is also used to preserve your choice to opt out of interest-based advertising from Microsoft if you have chosen to associate the opt-out with your Microsoft account.
  • CC - Contains a country code as determined from your IP address.
  • PPAuth, MSPAuth, MSNRPSAuth, KievRPSAuth - Helps to authenticate you when you sign in with your Microsoft account.
  • NAP - Contains an encrypted version of your country, postal code, age, gender, language and occupation, if known, based on your Microsoft account profile.
  • MH - Appears on co-branded sites where Microsoft is partnering with an advertiser. This cookie identifies the advertiser, so the right ad is selected.
  • MR - Used to collect information for analytics purposes.
  • TOptOut - Records your decision not to receive interest-based advertising delivered by Microsoft.

In addition to the cookies Microsoft sets when you visit our websites, third parties may also set cookies when you visit Microsoft sites. In some cases, that is because we have hired the third party to provide services on our behalf, such as site analytics. In other cases, it is because our web pages contain content or ads from third parties, such as videos, news content or ads delivered by other ad networks. Because your browser connects to those third parties' web servers to retrieve that content, those third parties are able to set or read their own cookies on your device and may collect information about your online activities across websites or online services.

How to Control Cookies

Most web browsers automatically accept cookies but provide controls that allow you to block or delete them. For example, in Microsoft Edge, you can block or delete cookies by clicking Settings > Privacy > Cookies. Instructions for blocking or deleting cookies in other browsers may be available in each browser's privacy or help documentation.

Certain features of Microsoft products depend on cookies. Please be aware that if you choose to block cookies, you may not be able to sign in or use those features, and preferences that are dependent on cookies may be lost. If you choose to delete cookies, settings and preferences controlled by those cookies, including advertising preferences, will be deleted and may need to be recreated.

Additional privacy controls that can impact cookies, including the Tracking Protection feature of Microsoft browsers, are described in the Access and Control section of this privacy statement.

Our Use of Web Beacons and Analytics Services

Microsoft web pages may contain electronic images known as web beacons (also called single-pixel gifs) that we use to help deliver cookies on our websites, count users who have visited those websites and deliver co-branded products. We also include web beacons in our promotional email messages or newsletters to determine whether you open and act on them.

In addition to placing web beacons on our own websites, we sometimes work with other companies to place our web beacons on their websites or in their advertisements. This helps us develop statistics on how often clicking on an advertisement on a Microsoft website results in a purchase or other action on the advertiser's website.

Finally, Microsoft products often contain web beacons or similar technologies from third-party analytics providers, which help us compile aggregated statistics about the effectiveness of our promotional campaigns or other operations. These technologies enable the analytics providers to set or read their own cookies or other identifiers on your device, through which they can collect information about your online activities across applications, websites or other products. However, we prohibit these analytics providers from using web beacons on our sites to collect or access information that directly identifies you (such as your name or email address). You can opt out of data collection or use by some of these analytics providers by clicking the following links:

Other Similar Technologies

In addition to standard cookies and web beacons, our products can also use other similar technologies to store and read data files on your computer. This is typically done to maintain your preferences or to improve speed and performance by storing certain files locally. But, like standard cookies, these technologies can also be used to store a unique identifier for your computer, which can then be used to track behavior. These technologies include Local Shared Objects (or "Flash cookies") and Silverlight Application Storage.

Local Shared Objects or "Flash cookies." Web sites that use Adobe Flash technologies can use Local Shared Objects or "Flash cookies" to store data on your computer. To manage or block Flash cookies, go to www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager.html.

Silverlight Application Storage. Web sites or applications that use Microsoft Silverlight technology also have the ability to store data by using Silverlight Application Storage. To learn how to manage or block such storage, see the Silverlight section of this statement.

Notice to End UsersNotice to End Usersmainnoticetoendusersmodule
Summary
Microsoft accountMicrosoft accountmainmicrosoftaccountmodule
Summary
Full text

With a Microsoft account, you can sign into Microsoft products, as well as those of select Microsoft partners. When you create your own Microsoft account, we refer to that account as a personal Microsoft account. When you sign into products that use Microsoft Azure Active Directory (AAD) with an email address from your employer or school, we refer to that account as a work or school account.

Creating and using your personal Microsoft account. When you create a personal Microsoft account, you will be asked for certain personal data and we will assign a unique ID number to identify your account and associated information. While some products, such as those involving payment, require a real name, you can sign into and use some Microsoft products without providing your real name. Some data you provide, such as your display name, email address and phone number, can be used to help others find and connect with you within Microsoft products. For example, people who know your display name, email address or phone number can use it to search for you on Skype and send you an invite to connect with them. Note that if you use a work or school email address to create a personal Microsoft account, and your employer or school that issued that address begins managing that account with Azure Active Directory (AAD), you will need to update the email address associated with your personal Microsoft account in order to continue accessing Microsoft products that do not use AAD (such as Xbox Live).

Signing in. When you sign into your Microsoft account, we create a record of your sign-in, which includes the date and time, information about the product you signed into, your sign-in name, the unique number assigned to your account, a unique identifier assigned to your device, your IP address, and your operating system and browser version.

Signing into Microsoft. Signing into your account enables improved personalization, provides seamless and consistent experiences across products and devices, permits you to access and use cloud data storage, allows you to make payments using payment instruments stored in your Microsoft account, and enables other enhanced features and settings. When you sign into your account, you will stay signed in until you sign out. If you add your Microsoft account to a Windows device (version 8 or higher), Windows will automatically sign you into products that use Microsoft account that you access on that device. When you are signed in, some products will display your name or username and your profile photo (if you have added one to your profile) as part of your use of Microsoft products, including in your communications, social interactions and public posts.

Signing into third-party products. If you sign into a third-party product with your Microsoft account, you will be asked to consent to share the account data required by that product. The third party will also receive the version number assigned to your account (a new version number is assigned each time you change your sign-in data); and whether your account has been deactivated. If you have consented to share your profile data, the third party may display your name or username and your profile photo (if you have added one to your profile) when you are signed in to that third-party product. If you chose to make payments to third-party merchants using your Microsoft account, Microsoft will pass to the third party information stored in your Microsoft account necessary to process your payment and fulfill your order (such as name, credit card number, billing and shipping addresses, and relevant contact information). The third party can use or share the data it receives when you sign in or make a purchase according to its own practices and policies. You should carefully review the privacy statement for each product you sign into and each merchant you purchase from to determine how it will use the data it collects.

Personal Microsoft accounts received from third parties. If you received your personal Microsoft account from a third party, like an Internet service provider, that third party may have rights over your account, including the ability to access or delete your Microsoft account. You should carefully review any additional terms the third party provided you to understand what it can do with your account.

Using work or school accounts. If your employer or school uses Azure Active Directory (AAD) to issue and manage the account it provides you, you can use your work or school account to sign into Microsoft products that use AAD (such as Office 365 or Skype for Business). If required by your organization, you will also be asked to provide a phone number or an alternative email address for additional security verification. If you sign into Microsoft products with a work or school account, the owner of the domain associated with your email address may control and administer your account, and access and process your data, including the contents of your communications and files. Your use of the products may be subject to your organization's policies, if any. Microsoft is not responsible for the privacy or security practices of these organizations, which may differ from those of Microsoft. If your organization is administering your use of Microsoft products, please direct your privacy inquiries to your administrator. See also, Notice to End Users.

Other Important Privacy InformationOther Important Privacy Informationmainotherimportantprivacyinformationmodule
Summary

Below you will find additional privacy information you may find important. You can also find more information on Microsoft's commitment to protecting your privacy at privacy.microsoft.com.

Security of Personal DataSecurity of Personal Datamainsecurityofpersonaldatamodule
Summary

Microsoft is committed to protecting the security of your personal data. We use a variety of security technologies and procedures to help protect your personal data from unauthorized access, use or disclosure. For example, we store the personal data you provide on computer systems that have limited access and are in controlled facilities. When we transmit highly confidential data (such as a credit card number or password) over the Internet, we protect it through the use of encryption.

Where We Store and Process Personal DataWhere We Store and Process Personal Datamainwherewestoreandprocessdatamodule
Summary

Personal data collected by Microsoft may be stored and processed in your region, in the United States or in any other country where Microsoft or its affiliates, subsidiaries or service providers maintain facilities. Microsoft maintains major data centers in the Australia, Austria, Brazil, Canada, Finland, France, Germany, Hong Kong, India, Ireland, Japan, Korea, Malaysia, the Netherlands, Singapore, the United Kingdom and the United States. Typically, the primary storage location is in the customer’s region or in the United States, often with a backup to a data center in another region. The storage location(s) are chosen in order to operate efficiently, to improve performance, and to create redundancies in order to protect the data in the event of an outage or other problem. We take steps to ensure that the data we collect under this privacy statement is processed according to the provisions of this statement and the requirements of applicable law wherever the data is located.

We transfer personal data from the European Economic Area and Switzerland to other countries, some of which have not been determined by the European Commission to have an adequate level of data protection. When we do, we use a variety of legal mechanisms, including contracts, to help ensure your rights and protections travel with your data. To learn more about the European Commission’s decisions on the adequacy of the protection of personal data in the countries where Microsoft processes personal data, please visit: ec.europa.eu/justice/data-protection/international-transfers/adequacy/index_en.htm

Microsoft Corporation complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Microsoft Corporation has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If third-party agents process personal data on our behalf in a manner inconsistent with the principles of either Privacy Shield framework, we remain liable unless we prove we are not responsible for the event giving rise to the damage. The controlled U.S. subsidiaries of Microsoft Corporation, as identified in our self-certification submission and listed here, also adhere to the Privacy Shield Principles.

If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit www.privacyshield.gov.

If you have a question or complaint related to Microsoft’s participation in the EU-U.S. or Swiss-U.S. Privacy Shield, we encourage you to contact us via our web form. For any complaints related to the Privacy Shield frameworks that cannot be resolved with Microsoft directly, we have chosen to cooperate with the relevant Data Protection Authority, or a panel established by the European DPAs for resolving disputes. Please contact us to be directed to the relevant DPA contacts. As further explained in the Privacy Shield Principles, binding arbitration is available to address residual complaints not resolved by other means. Microsoft is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).

Our Retention of Personal DataOur Retention of Personal DatamainOurretentionofpersonaldatamodule
Summary

Microsoft retains personal data for as long as necessary to provide the products and fulfill the transactions you have requested, or for other essential purposes such as complying with our legal obligations, resolving disputes, and enforcing our agreements. Because these needs can vary for different data types in the context of different products, actual retention periods can vary significantly. The criteria used to determine the retention periods include:

  • How long is the personal data needed to provide the products and operate our business? This includes such things as maintaining and improving the performance of those products, keeping our systems secure, and maintaining appropriate business and financial records. This is the general rule that establishes the baseline for most data retention periods.
  • Do customers provide, create, or maintain the data with the expectation we will retain it until they affirmatively remove it? Examples include a document you store in OneDrive, or an email message you keep in your Outlook.com inbox. In such cases, we maintain the data until you actively delete it, such as by moving an email from your Outlook.com inbox to the Deleted Items folder, and then emptying that folder (when your Deleted Items folder is emptied, those emptied items remain in our system for up to 30 days before final deletion).
  • Is there an automated control, such as in the Microsoft privacy dashboard, that enables the customer to access and delete the personal data at any time? If there is not, a shortened data retention time will generally be adopted.
  • Is the personal data of a sensitive type? If so, a shortened retention time would generally be appropriate.
  • Has Microsoft adopted and announced a specific retention period for a certain data type? For example, for Bing search queries, we de-identify stored queries by removing the entirety of the IP address after 6 months, and cookie IDs and other cross-session identifiers after 18 months.
  • Has the user provided consent for a longer retention period? If so, we will retain data in accordance with your consent.
  • Is Microsoft subject to a legal, contractual, or similar obligation to retain the data? Examples can include mandatory data retention laws in the applicable jurisdiction, government orders to preserve data relevant to an investigation, or data that must be retained for the purposes of litigation.
Collection of Data From ChildrenCollection of Data From Childrenmaincollectionofdatafromchildrenmodule
Summary

When a Microsoft product collects age it will either block users under 13 or will ask them to provide consent from a parent or guardian before they can use it. We will not knowingly ask children under 13 to provide more data than is necessary to provide the product.

Once parental consent is granted, the child's account is treated much like any other account. The child may have access to communication services like email, instant messaging and online message boards and may be able to communicate freely with other users of all ages.

Parents can change or revoke the consent choices previously made, and review, edit or request the deletion of their children's personal data. For example, parents can access their personal Microsoft account and click on "Permissions." For users of Minecraft and other Mojang games, parents can contact us at account.mojang.com/terms#contact.

Preview or Free of Charge ReleasesPreview or Free of Charge Releasesmainpreviewreleasesmodule
Summary

Microsoft offers preview, insider, beta or other free-of-charge products and features ("previews") to enable you to evaluate them while providing feedback, including performance and usage data, to Microsoft. As a result, previews can automatically collect additional data, provide fewer controls, and otherwise employ different privacy and security measures than those typically present in our products. If you participate in previews, we may contact you about your feedback or your interest in continuing to use the product after general release.

Changes to This Privacy StatementChanges to This Privacy Statementmainchangestothisprivacystatementmodule
Summary

We will update this privacy statement when necessary to reflect customer feedback and changes in our products. When we post changes to this statement, we will revise the "last updated" date at the top of the statement and describe the changes in the Change History page. If there are material changes to the statement or in how Microsoft will use your personal data, we will notify you either by prominently posting a notice of such changes before they take effect or by directly sending you a notification. We encourage you to periodically review this privacy statement to learn how Microsoft is protecting your information.

How to Contact UsHow to Contact Usmainhowtocontactusmodule
Summary

If you have a technical or support question, please visit support.microsoft.com to learn more about Microsoft Support offerings. If you have a personal Microsoft account password question, please visit Microsoft account support.

If you have a privacy concern, complaint, or a question for the Chief Privacy Officer/Data Protection Officer of Microsoft, please contact us by using our Web form. We will respond to questions or concerns within 30 days.

Unless otherwise stated, Microsoft Corporation is a data controller for personal data we collect through the products subject to this statement. Our address is Microsoft Privacy, Microsoft Corporation, One Microsoft Way, Redmond, Washington 98052, USA. Telephone: (+1) 425-882-8080.

Microsoft Ireland Operations Limited is our data protection representative for the European Economic Area and Switzerland. The data protection officer of Microsoft Ireland Operations Limited can be reached at the following address: Microsoft Ireland Operations, Ltd., Attn: Data Protection, Carmenhall Road, Sandyford, Dublin 18, Ireland.

Skype Communications S.à.r.l. 23-29 Rives de Clausen L-2165 Luxembourg, Luxembourg is a data controller for Skype. To contact us in relation to Skype software or products, please submit a support request to the Skype customer support team.

To find the Microsoft subsidiary in your country or region, see www.microsoft.com/worldwide/.

Enterprise and Developer ProductsEnterprise & Developer Productsmainenterprisedeveloperproductsmodule
Summary
Enterprise Online ServicesEnterprise Online Servicesmainenterpriseservicesmodule
Summary
Enterprise and Developer Software and Enterprise AppliancesEnterprise and Developer Software and Appliancesmainenterprisedevsoftwareappsmodule
Summary
Cognitive ServicesCognitive Servicesmainmicrosoftcognitiveservicesmodule
Summary
Productivity and Communications ProductsProductivity & Communications Productsmainprodcommproductsmodule
Summary
OfficeOfficemainofficeservicesmodule
Summary
OneDriveOneDrivemainonedrivemodule
Summary
OutlookOutlookmainoutlookmodule
Summary
SkypeSkypemainskypemodule
Summary
Search and Artificial IntelligenceSearch & Artificial Intelligencemainsearchaimodule
Summary
BingBingmainbingmodule
Summary
CortanaCortanamaincortanamodule
Summary
Microsoft TranslatorMicrosoft TranslatormainMicrosoftTranslatormodule
Summary
SwiftKeySwiftKeymainswiftkeymodule
Summary
WindowsWindowsmainwindowsmodule
Summary

Windows is a personalized computing environment that enables you to seamlessly roam and access services, preferences and content across your computing devices from phones to tablets to the Surface Hub. Rather than residing as a static software program on your device, key components of Windows are cloud-based, and both cloud and local elements of Windows are updated regularly, providing you with the latest improvements and features. In order to provide this computing experience, we collect data about you, your device, and the way you use Windows. And because Windows is personal to you, we give you choices about the personal data we collect and how we use it. Note that if your Windows device is managed by your organization (such as your employer or school), your organization may use centralized management tools provided by Microsoft or others to control device settings, device policies, software updates, data collection by us or the organization, or other aspects of your device. For more information about data collection and privacy in Windows, go to go.microsoft.com/fwlink/?LinkId=529552. Legacy versions of Windows (including Vista, 7, 8, and 8.1) are subject to their own privacy statements.

ActivationActivationmainactivationmodule
Summary

When you activate Windows, a specific product key is associated with the device on which your software is installed. The product key and data about the software and your device is sent to Microsoft to help validate your license to the software. This data may be sent again if there is a need to re-activate or validate your license. On phones running Windows, device and network identifiers, as well as device location at the time of the first power up of the device, are also sent to Microsoft for the purpose of warranty registration, stock replenishment, and fraud prevention.

Advertising IDAdvertising IDmainadvertisingidmodule
Summary

Windows generates a unique advertising ID for each user on a device. When the advertising ID is enabled, apps (both Microsoft apps and third-party apps) can access and use the advertising ID in much the same way that websites can access and use a unique identifier stored in a cookie. Thus, your advertising ID can be used by app developers and advertising networks to provide more relevant advertising and other personalized experiences across their apps and on the web. Microsoft collects the advertising ID for the uses described here only when you choose to enable the advertising ID as part of your privacy setting. You can turn off access to this identifier at any time by turning off the advertising ID in your privacy settings (in Start > Settings > Privacy). If you choose to turn it on again, the advertising ID will be reset and a new identifier will be generated. When a third-party app accesses the advertising ID, its use of the advertising ID will be subject to its own privacy policy. For more information on Microsoft’s use of data for advertising, see the How We Use Data section of this statement.

DiagnosticsDiagnosticsmaindiagnosticsmodule
Summary

As you use Windows, we collect diagnostic data that helps us fix problems and improve Microsoft products. If you choose to turn on Tailored experiences, this data can also be used to personalize your experiences with Microsoft products. This data is transmitted to Microsoft and stored with one or more unique identifiers that can help us recognize an individual user on an individual device and understand the device's service issues and use patterns. There are two levels of diagnostic and usage data: Basic and Full. At the lowest level, Basic, we collect only data necessary to keep Windows devices up-to-date and secure. Basic data includes data about the device itself, the proper functioning of Windows and Store updates, and basic error data. We collect the following data at the Basic level:

  • Device, connectivity and configuration data:
    • Data about the device such as the processor type, OEM manufacturer, type of battery and capacity, number and type of cameras, firmware, and memory attributes.
    • Network capabilities and connection data such as the device’s IP address, mobile network (including IMEI and mobile operator) and whether the device is connected to a free or paid network.
    • Data about the operating system and its configuration such as the OS version and build number, region and language settings, diagnostics level, and whether the device is part of the Windows Insider program.
    • Data about connected peripherals such as model, manufacturer, drivers, and compatibility data.
    • Data about the applications installed on the device such as application name, version, and publisher.
  • Whether a device is ready for an update and whether there are factors that may impede the ability to receive updates, such as low battery, limited disk space, or connectivity through a paid network.
  • Whether updates complete successfully or fail.
  • Data about the reliability of the diagnostics collection system itself.
  • Basic error reporting, which is health data about the operating system and applications running on your device. For example, basic error reporting tells us if an application, such as Microsoft Paint or a third-party game, hangs or crashes.

For more information about what is collected in Basic data, click here (English only).

Full data includes everything collected with Basic data, plus additional information that enables Microsoft to fix and improve products and services for all users. We collect the following additional information at the Full level:

  • Additional data about the device, connectivity and configuration, beyond that collected at Basic.
  • Status and logging information about the health of operating system and other system components (in addition to data about the update and diagnostics systems collected at Basic).
  • App usage, such as which programs are launched on a device, how long they run, and how quickly they respond to input.
  • Browser usage, including browsing history and search terms, on Microsoft browsers, such as Microsoft Edge or Internet Explorer.
  • Small samples of inking and typing input, which is processed to remove identifiers, sequencing information, and other data (such as names, email addresses, and numeric values) which could be used to reconstruct the original content or associate the input to the user. This data is never used for Tailored experiences as described below.
  • Enhanced error reporting, including the memory state of the device when a system or app crash occurs (which may unintentionally contain user content, such as parts of a file you were using when the problem occurred). Crash data is never used for Tailored experiences as described below.

We provide limited portions of error report information to partners (such as OEMs) to help them troubleshoot products and services which work with Windows and other Microsoft product and services. They are only permitted to use this information to repair or improve those products and services.

If you choose to turn on Tailored experiences, we will use some of the data described above in Diagnostics to personalize your experiences with Windows and other products and services. This includes suggestions on how to customize and optimize Windows; and recommendations and offers of Windows features and supported apps, services, hardware, and peripherals. The scope of data will depend on whether you choose Full or Basic as your Diagnostics setting. For example, if you choose Full, your data will include browser and app usage. However, even if you enable Tailored experiences, we will not use your crash, typing, or inking input data for personalization.

Location Services, Motion Sensing, & RecordingLocation Services, Motion Sensing, & Recordingmainlocationservicesmotionsensingmodule
Summary

Windows location service. Microsoft operates a location service that helps determine the precise geographic location of a specific Windows device. Depending on the capabilities of the device, location is determined using satellite global positioning service (GPS), detecting nearby cell towers and/or Wi-Fi access points and comparing that information against a database that Microsoft maintains of cell towers and Wi-Fi access points whose location is known, or deriving location from your IP address. When the location service is active on a Windows device, or you have given permission for Microsoft apps to access location information on non-Windows devices, data about cell towers and Wi-Fi access points and their locations is collected by Microsoft and added to the location database after removing any data identifying the person or device from which it was collected. Microsoft may also share this de-identified location data with third parties to provide and improve location and mapping services.

Windows services and features (such as browsers and Cortana), applications running on Windows, and websites opened in Windows browsers can access the Windows location service to determine precise location if you allow them to do so. Some features and apps request precise location permission when you first install Windows, some ask the first time you use the app, and others ask every time you access the location service. For information about certain Windows apps that use the location service, see the Windows Apps section below.

When the location service is accessed, your Windows device will also upload its location to Microsoft, and we will retain only the last known location (each new location replaces the previous one) to improve the efficiency and operation of our services. Data about a Windows device's recent location history is stored on the device, and certain apps and Windows features can access this location history. You can clear your device's location history at any time in the device's Settings menu.

In Settings, you can also view which applications have access to the location service or your device's location history, turn off or on access to the location service for particular applications, or turn off the location service. You can also set a default location, which will be used when the location service can’t detect a more exact location for your device.

Note that on mobile devices, your mobile operator will have access to your location even if you turn off the location service.

General Location. If you turn on the General Location feature, apps that cannot use your precise location will have access to your general location, such as your city, postal code, or region.

Find My Phone. The Find My Phone feature allows you to find the location of your Windows phone from account.microsoft.com, even if you have turned off all access to the location service on the phone. If you have turned on the "save my location every few hours" feature in the Find My Phone settings on your phone, the Find My Phone feature will periodically send and store a single last known location of your phone, even if you have turned off location services on your phone. Each time a new location is sent, it replaces the previously-stored location.

Find My Device. The Find My Device feature allows an administrator of a Windows PC or tablet to find the location of that device if the administrator has enabled the location service for the device, even if other users have disabled location for themselves. When the administrator attempts to locate the device, users will see a notification in the notification center.

Windows Motion Sensing. Windows devices with motion activity detection can collect motion activity. This data can enable features such as a pedometer to count the number of steps you take, so a fitness application can estimate how many calories you burn. This data and history is stored on your device and can be accessed by applications you give permission to access and use that data.

Recording. Some Windows devices have a recording feature that allows you to capture audio and video clips of your activity on the device, including your communications with others. If you choose to record a session, the recording will be saved locally on your device. In some cases, you may have the option to transmit the recording to a Microsoft product or service that broadcasts the recording publicly. IMPORTANT: You should understand your legal responsibilities before recording and/or transmitting any communication. This includes whether you need to get consent from all parties to the communication in advance. Microsoft is not responsible for how you use recording features or your recordings. 

Security and Safety FeaturesSecurity and Safety Featuresmainsecurityandsafetyfeaturesmodule
Summary

Device encryption. Device encryption helps protect the data stored on your device by encrypting it using BitLocker Drive Encryption technology. When device encryption is on, Windows automatically encrypts the drive Windows is installed on and generates a recovery key. The BitLocker recovery key for your personal device is automatically backed up online in your personal Microsoft OneDrive account. Microsoft doesn't use your individual recovery keys for any purpose. 

Malicious Software Removal Tool. The Malicious Software Removal Tool (MSRT) runs on your device at least once per month as part of Windows Update. MSRT checks devices for infections by specific, prevalent malicious software ("malware") and helps remove any infections found. When the MSRT runs, it will remove the malware listed on the Microsoft Support website if the malware is on your device. During a malware check, a report will be sent to Microsoft with specific data about malware detected, errors, and other data about your device. If you do not want MSRT to send this data to Microsoft, you can disable MSRT's reporting component.

Microsoft Family. Parents can use Microsoft Family to understand and set boundaries on how their child is using their device. There are many features available to Family members, so please carefully review the information provided when you create or join a Family. When Family activity reporting is turned on for a child, Microsoft will collect details about how the child uses their device and provide parents with reports of that child's activities. Activity reports are routinely deleted from Microsoft servers after a short period of time.

Windows Defender SmartScreen. Windows Defender SmartScreen helps protect you when using our services by checking downloaded files and web content for malicious software, potentially unsafe web content, and other threats to you or your device. When checking a file, data about that file is sent to Microsoft, including the file name, a hash of the file's contents, the download location, and the file's digital certificates. If Windows Defender SmartScreen identifies the file as unknown or potentially unsafe, you will see a warning prior to opening the file. When checking web content, data about the content and your device is sent to Microsoft, including the full web address of the content. If Windows Defender SmartScreen detects that content is potentially unsafe, you will see a warning in place of the content. Windows Defender SmartScreen can be turned on or off in Settings.

Windows Defender Antivirus. Windows Defender Antivirus looks for malware and other unwanted software on your device. Windows Defender Antivirus is automatically turned on to help protect your device if no other antimalware software is actively protecting your device. If Windows Defender Antivirus is turned on, it will monitor the security status of your device. When Windows Defender Antivirus is turned on, or is running because Limited Periodic Scanning is enabled, it will automatically send reports to Microsoft that contain data about suspected malware and other unwanted software, and it may also send files that could contain malware. If a report is likely to contain personal data, the report is not sent automatically, and you'll be prompted before it is sent. You can configure Windows Defender Antivirus not to send reports and suspected malware to Microsoft.

Speech, Inking and TypingSpeech, Inking and Typingmainspeechinkingtypingmodule
Summary

Windows provides both a device based speech recognition feature (available through the Windows Speech Recognition Desktop app), and a cloud-based speech recognition service that was introduced alongside Cortana in those markets and regions where Cortana is available. Go here https://support.microsoft.com/instantanswers/557b5e0e-0eb0-44db-87d6-5e5db6f9c5b0/cortana-s-regions-and-languages to learn what languages and regions speech currently supports. When you use cloud-based speech recognition, Microsoft collects and uses your voice input to provide you with speech recognition services in Cortana and other supported applications.

Additionally, your typed and handwritten words are collected to provide you a personalized user dictionary, help you type and write on your device with better character recognition, and provide you with text suggestions as you type or write. Typing data includes a sample of characters and words you type, which we scrub to remove IDs, IP addresses, and other potential identifiers. It also includes associated performance data, such as changes you manually make to text, as well as words you've added to the dictionary.

As part of the cloud-based speech recognition service, we also collect information from the user dictionary created on your device. Both the voice data and the user dictionary are collected and used in the aggregate to help improve our ability to correctly recognize all users’ speech.

If you’ve given permission in Cortana, we also collect your name and nickname, your recent calendar events and the names of the people in your appointments, information about your contacts including names and nicknames, names of your favorite places, apps you use, and information about your music preferences. This additional data enables us to better recognize people, events, places, and music when you dictate commands, messages, or documents.

You can turn cloud speech recognition off at any time. This will stop the data collection for this feature and will delete associated data stored on your device, such as your local user dictionary and your input history.

Sync SettingsSync Settingsmainsyncsettingsmodule
Summary

When you sign into Windows with a Microsoft account, Windows syncs some of your settings and data with Microsoft servers to make it easier to have personalized experiences across multiple devices. After you've signed into one or more devices with a Microsoft account, when you sign into another with the same Microsoft account for the first time, Windows will download and apply the settings and data you choose to sync from your other devices. Settings you choose to sync will automatically update on Microsoft servers and your other devices as you use them.

Some of the settings that are synced include:

  • Apps you've installed from the Windows Store
  • Language preferences
  • Ease of Access preferences
  • Personalization settings such as your account picture, background, and mouse settings
  • Settings for Windows Store apps
  • Spell checker dictionaries, input method editor (IME) dictionaries, and personal dictionaries
  • Internet Explorer browser history, favorites, and websites you have open
  • Saved app, website, mobile hotspot, and Wi-Fi network names and passwords

You can choose whether to sync your settings, and control what is synced, by going to Sync Settings in the Accounts section of Windows Settings. Some apps have their own, separate sync controls. If you sign into Windows with a work account and you choose to connect that account to your personal Microsoft account, Windows will ask which settings you want to sync before connecting your Microsoft account.

Update ServicesUpdate Servicesmainupdateservicesmodule
Summary

Update Services for Windows includes Windows Update and Microsoft Update. Windows Update is a service that provides you with software updates for Windows software and other supporting software, such as drivers and firmware supplied by device manufacturers. Microsoft Update is a service that provides you with software updates for other Microsoft software such as Office.

Windows Update automatically downloads Windows software updates to your device. You can configure Windows Update to automatically install these updates as they become available (recommended) or have Windows notify you when a restart is required to finish installing updates. Apps available through the Windows Store are automatically updated through the Store, as described in the Store section above.

Web Browsers: Microsoft Edge and Internet ExplorerWeb Browsers: Microsoft Edge and Internet Explorermainwebbrowsersmodule
Summary

Microsoft Edge is Microsoft's default web browser for Windows. Internet Explorer, Microsoft's legacy browser, is also available in Windows. Whenever you use a web browser to access the Internet, data about your device ("standard device data") is sent to the websites you visit and online services you use. Standard device data includes your device's IP address, browser type and language, access times, and referring website addresses. This data might be logged on those websites' web servers. Which data is logged and how that data is used depends on the privacy practices of the websites you visit and web services you use.

Additionally, data about how you use your browser, such as your browsing history, web form data, temporary Internet files, and cookies, is stored on your device. You can delete this data from your device using Delete Browsing History.

New features in Microsoft Edge allow you to capture and save content on your device, such as:

  • Web Note: which allows you to create ink and text annotations on the web pages you visit, and clip, save or share them;
  • Active Reading: which allows you to create and manage reading lists including websites or documents; and
  • Hub: which allows you to easily manage your reading lists, favorites, downloads, and history all in one area.

Some Microsoft browser information saved on your device will be synced across other devices when you sign in with your Microsoft account. For instance, in Internet Explorer, this information includes your browsing history and favorites; and in Microsoft Edge, it includes your favorites and reading lists. As an example, if you sync your Microsoft Edge reading list across devices, copies of the content you choose to save to your reading list will be sent to each synced device for later viewing. You can disable syncing in Internet Explorer by going to Sync Settings in the Accounts section of Windows Settings (see Sync Settings). You can also disable syncing of Microsoft Edge browser information by turning off the sync option in Microsoft Edge Settings.

Microsoft Edge and Internet Explorer use your search queries and browsing history to provide you with faster browsing and more relevant search results. These features include:

  • Search Suggestions in Internet Explorer automatically sends the information you type into the browser address bar to your default search provider (such as Bing) to offer search recommendations as you type each character.
  • Search and Site suggestions in Microsoft Edge automatically sends the information you type into the browser address bar to Bing (even if you have selected another default search provider) to offer search recommendations as you type each character.

You can turn off these features at any time. In order to provide search results, Microsoft Edge and Internet Explorer send your search queries, standard device information, and location (if you have location enabled) to your default search provider. If Bing is your default search provider, we use this data as described in the Bing section of this privacy statement.

Cortana can assist you with your web browsing in Microsoft Edge with features such as Ask Cortana. You can disable Cortana assistance in Microsoft Edge at any time in Microsoft Edge Settings. To learn more about how Cortana uses data and how you can control that, go to the Cortana section of this privacy statement.

Wi-Fi Connecting to suggested open hotspotsWi-Fi Connecting to suggested open hotspotsmainwi-fisensemodule
Summary

If you turn it on Connect to suggested open hotspots in Wi-Fi settings, you will automatically connect to suggested open Wi-Fi networks. Please note that not all networks are secure - be careful using an open network to do something online that requires sensitive or personal data, such as making a banking transaction or a purchase.

Windows AppsWindows Appsmainwindowsappsmodule
Summary

A number of Microsoft apps are included with Windows and others are available in the Windows Store. Some of those apps include:

Maps app. The Maps app provides location-based services and uses Bing services to process your searches within the Maps app. Please see the Bing section of this privacy statement to learn more about these Bing-powered experiences. When the Maps app has access to your location, even when the app is not in use, Microsoft may collect de-identified location data from your device to improve Microsoft's services. You can disable the Maps app's access to your location by turning off the location service or turning off the Maps app's access to the location service.

You can keep track of your favorite places and recent map searches in the Maps app. Your favorite places and search history will be included as search suggestions. If you're signed in with your Microsoft account, your favorite places, search history, and certain app settings will be synced across other devices and services (for example, Cortana). See Sync Settings above for more information.

Camera and Photo apps. If you allow the Camera app to use your location, location data is embedded in the photos you take with your device. Other descriptive data, such as camera model and the date that the picture was taken, is also embedded in photos and videos. If you choose to share a photo or video, any embedded data will be accessible to the people and services you share with. You can disable the Camera app's access to your location by turning off all access to the location service in your device's Settings menu or turning off the Camera app's access to the location service.

Your photos, videos, as well as screenshots, saved in your camera roll automatically upload to OneDrive. You can manage your photos and/or videos in OneDrive, and you can disable the automatic upload in Settings.

When you take photos embedded with your location, the Photos app can group your photos by time and location. To group your photos, the Photos app sends location data in your photos to Microsoft to determine the names of locations, such as "Seattle, Washington". When you are using the Photo app while signed into your Microsoft account, your photos and videos from OneDrive will be automatically sorted in into albums in the Photo app, and will also appear on the Photo app's live tile. Your photos and/or videos will only be shared with others if you choose to do so.

People app. The People app lets you see and interact with all your contacts in one place. When you add your Microsoft account to a Windows device, your contacts from your account will be automatically added to the People app. You can add other accounts to the People app, including your social networks (such as Facebook and Twitter) and email accounts. When you add an account, we tell you what data the People app can import or sync with the particular service and let you choose what you want to add. Other apps you install may also sync data to the People app, including providing additional details to existing contacts. You can remove an account from the People app at any time.

Mail and Calendar app. The Mail and Calendar app allows you to connect all your email, calendars, and files in one place, including those from third-party email and file storage providers. The app provides location-based services, such as weather information in your calendar, but you can disable the app’s use of your location. When you add an account to the Mail and Calendar app your email, calendar items, files, contacts, and other settings from your account will automatically sync to your device and to Microsoft’s servers. At any time, you can remove an account or make changes to the data that’s synced from your account. To configure an account, you must provide the app with the account credentials (such as user name and password), which will be sent over the Internet to the third-party provider's server. The app will first attempt to use a secure (SSL) connection to configure your account but will send this information unencrypted if your email provider does not support SSL. If you add an account provided by an organization (such as a company email address), the owner of the organizational domain can implement certain policies and controls (for example, multi-factor authentication or the ability to remotely wipe data from your device) that may affect your use of the app.

Messaging app. When you sign in with a Microsoft account on your device, you can choose to back up your information, which will sync your SMS and MMS messages and store them in your Microsoft account. This allows you to retrieve the messages if you lose or change phones. After your initial device set-up, you can manage your messaging settings at any time. Turning off your SMS/MMS backup will not delete messages that have been previously backed up to your Microsoft account. To delete such messages from storage, you must delete them from your device prior to turning off backup. If you allow the Messaging app to use your location, you can attach a link to your current location to an outgoing message. Location information will be collected by Microsoft as described in the Windows Location Services section.

Microsoft Wallet App for Windows Phone. You can use Microsoft Wallet to hold information such as coupons, loyalty cards, tickets, and other digital content. Where available, you can also add payment cards to the Microsoft Wallet to make payments at participating stores using NFC (near-field communication).

You can set up your wallet for payment by logging into Microsoft Wallet with your personal Microsoft account and adding payment cards associated with your Microsoft account. When you add a payment card to Microsoft Wallet, we provide data to your bank and payment card network, including your name, card number, billing address, email address, device data (including the device name, type, and identifier), and your location at the time you add your payment card to your wallet. This data is sent to your bank and payment card network to determine the eligibility of your payment card, enable transactions, detect fraud.

When you make an NFC payment, Microsoft Wallet will provide the merchant with an encrypted version of your payment card (a "token"). The merchant will present this token, along with transaction details, to your bank to complete the transaction and request payment for your transaction.

Windows Media PlayerWindows Media Playermainwindowsmediaplayermodule
Summary

Windows Media Player allows you to play CDs, DVDs and other digital content (such as WMA and MP3 files), rip CDs, and manage your media library. To enrich your experience when you play content in your library, Windows Media player displays related media information, such as album title, song titles, album art, artist and composer. To augment your media information, Windows Media player will send a request to Microsoft which contains standard computer information, an identifier for the media content, and the media information already contained in your Windows Media Player library (including information you may have edited or entered yourself) so that Microsoft can recognize the track and then return additional information that is available.

Windows Media Player also allows you to play back content that is streamed to you over a network. To provide this service, it is necessary for Windows Media Player to communicate with a streaming media server. These servers are typically operated by non-Microsoft content providers. During playback of streaming media, Windows Media Player will send a log to the streaming media server or other web server(s) if the streaming media server requests it. The log includes such details as: connection time, IP address, operating system version, Windows Media Player version, Player identification number (Player ID), date, and protocol. To protect your privacy, Windows Media Player defaults to sending a Player ID that is different for each session.

Windows HelloWindows Hellomainwindowshellomodule
Summary

Windows Hello provides instant access to your devices through biometric authentication. If you turn it on, Windows Hello uses your face, fingerprint, or iris to identify you based on a set of unique points or features that are extracted from the image and stored on your device as a template - but it does not store the actual picture or image of your face or iris. Biometric verification data that's used when you sign in doesn't leave your device. You can delete your biometric verification data from within Settings.

Windows SearchWindows Searchmainwindowssearchmodule
Summary

Windows Search lets you search your stuff and the web from one place. If you choose to use Windows Search to search "your stuff", it will provide results for items on your personal OneDrive, your OneDrive for Business if so enabled, other cloud storage providers to the extent supported by those third-party providers, and on your device. If you choose to use Windows Search to search the web, or get search suggestions with Windows Search or Cortana, your search results will be powered by Bing and we will use your search query as described in the Bing section of this privacy statement.

Entertainment and Related ServicesEntertainment and Related Servicesmainentertainmentmodule
Summary

Entertainment and Related Services power rich experiences and enable you to access a variety of content, applications and games.

XboxXboxmainxboxmodule
Summary
StoreStoremainwindowsstoremodule
Summary
MSNMSNmainmainmodule
Summary
Groove Music/Movies & TVGroove Music/Movies & TVmaingroovemusicmoviestvmodule
Summary
SilverlightSilverlightmainsilverlightmodule
Summary
Microsoft Health ServicesMicrosoft Health Servicesmainmicrosofthealthservicesmodule
Summary

Microsoft Health services can help you understand and manage your health data. They include HealthVault, HealthVault Insights, Microsoft Band devices, other Microsoft Health applications and related products. The Band helps you keep track of data like heart rate and steps taken. The Band can also use Cortana to take notes and receive notifications from your phone. The Microsoft Health applications send data to Microsoft's servers and allow you to view, manage and control the data. The applications may enable notifications to the Band and other devices. HealthVault services let you gather, edit, add to, and store health data online, along with share your health data with family, caregivers, and health care professionals.

Microsoft Health services collect and use your data to provide the services, which includes improving and personalizing your experiences. Health data you provide to Microsoft through Microsoft Health services is not combined with data from other Microsoft services, or used for other purposes without your explicit consent. For example, Microsoft does not use your health record data to market or advertise to you without your opt-in consent.

Health ServicesHealth Servicesmainmicrosoftservicelongmodule
Summary

Microsoft Health services can help you understand and manage your health data. The data collected depends on the services and features you use, and includes the following:

  • Profile Data. When you create a profile, you will need to provide data, such as height, weight, and age that is used to calculate your activity results. Other profile data comes from your personal Microsoft account.
  • Activity and Fitness Data. Microsoft Health services help you keep track of your activity and fitness by collecting data like your heart rate, steps, calories burned, and sleep. Examples of types of activities you can choose to track are runs, workouts, and sleep.
  • Usage Data. To provide you the best service, we collect and automatically upload statistics about the performance and your use of the Microsoft Health services.
  • Location. Microsoft Band has built-in Global Positioning System (GPS) capabilities, which let you map your activities like running or biking, without having to carry your phone with you. If you enable GPS for an activity, you can view the activity map in the Microsoft Health applications. Some modes on the Band, such as Golf and Explorer, automatically turn on GPS, and turn it off when you end the mode. 

To learn more about the Band's sensors and the data they collect, go here.

Access and Control. You can view and manage your data in Microsoft Health services. For example, you can view and update your profile data, manage connected applications, and view past activities. You can delete specific activity details in the Microsoft Health services. When you delete a specific activity, the event is deleted from the Microsoft Health services; however, other data and the basic sensor data captured by the devices remain in the Microsoft Health services. You can cancel your Microsoft Health services account at any time by contacting Customer Support here.

Cortana. The Microsoft Health services allow you to use Cortana. When you use Cortana, data you process in the Microsoft Health services, including health-related data and data processed from third-party services, is shared with Cortana. Cortana’s capabilities allow you to perform queries and set reminders with your voice, if Cortana is enabled on your device. To learn more about how Cortana manages your data, see the Cortana section of this privacy statement.

HealthVaultHealthVaultmainhealthvaultmodule
Summary

HealthVault is a personal health platform that lets you gather, edit, store, and share health data online. With HealthVault, you can control your own health records. You can also choose to share your health data with family, caregivers, health care professionals, mobile applications, health-related devices, and online tools. For more information about HealthVault, go to here.

Signing into HealthVault. To sign into HealthVault, you can use Microsoft account or third-party authentication services. If you close your Microsoft account or lose your account credentials, you may not be able to access your data. You can use more than one credential with HealthVault to help ensure continued access. Before using a third-party authentication service with HealthVault, we recommend you review the security and privacy commitments offered by the issuer.

HealthVault Account and Health Records. To create a new HealthVault account, you must provide personal data such as name, date of birth, e-mail address, postal code and country/region. Depending on which features you use, you may be asked for additional information. A HealthVault account allows you to manage one or more health records, such as the ones you create for yourself and your family members. You can add or remove data to a health record you manage at any time.

In the U.S., HealthVault assigns each health record a unique HealthVault email address. When a message is received at that email address, the message and attachments are automatically added to the HealthVault record, and a notification email is sent to the custodians of that record. The email service in HealthVault uses "Direct," a protocol designed specifically to communicate with health care providers. For that reason, HealthVault email can only be sent and received with providers that use a system that uses the Direct protocol. Custodians can add or disable record email addresses.

Sharing Health Data. A key value of HealthVault is the ability you have to share your health data with people and services that can help you meet your health-related goals. By default, you are the custodian of any records you create. Custodians have the highest level of access to a health record. As a custodian, you can share data in a health record with another person by sending an e-mail invitation through HealthVault. You can specify what type of access they have (including custodian access), how long they have access, and whether they can modify the data in the record. When you grant someone access, that person can grant the same level of access to someone else (for example, someone with view-only access can grant another user view-only access). Because inappropriate granting of access could allow someone to violate your privacy or even revoke your access to your own records, you should be cautious about granting access to your records.

You can choose to share specific data (or all of the data) in a health record with other services, including participating third-party services you authorize. No service has access to your data through HealthVault unless an authorized user grants it access through HealthVault. HealthVault allows you to control access by accepting or denying requests. For each service granted access, you choose what health information in a specific health record to share and what actions each service may perform on the health information.

A service you authorize for a record will get the full name associated with your HealthVault account, the nickname of the authorized record(s), and your relationship to that record. The service will continue to have access through HealthVault until you revoke the permission. Microsoft can revoke a service's access to HealthVault if it does not meet its privacy commitments to Microsoft. However, except for restricting the access they have to your HealthVault data, we do not control or monitor third-party services, and their privacy practices will vary.

Reports to U.S. Health Care Providers. In the United States, we enable participating health care providers to obtain reports about whether the information they send to a record in Microsoft Health services is used. This feature supports the "meaningful use" objective of the HITECH Act, which provides incentives for health care providers to send their patients copies of their medical information electronically. Providers that participate can get reports that include a number the provider uses to identify the patient within its system, and whether the user took one of the "qualifying actions" in HealthVault (but no information about which action). "Qualifying action" currently includes activities such as viewing, downloading, or transmitting health information via email. You can turn off reporting for your records.

Access and controls. You can review, edit or delete your HealthVault account data, or close your HealthVault account at any time. Only custodians can permanently delete an item. When you delete a heath record, it is deleted from all users who had access to it.

When you close your HealthVault account, we delete all records for which you are the sole custodian. If you share custodian access for a record, you can decide whether to delete the record. Microsoft will wait a limited amount of time before permanently deleting your data in order to help avoid accidental or malicious removal of your health data.

HealthVault maintains a full history of each access, change or deletion by users and services, which includes the date, action and name of the person or service. Custodians of records can examine the history of those records.

Email Communications. We will use the email address you provide when you create your HealthVault account to send you an email requesting that you validate your email address, to include in sharing invitations you send through HealthVault, and to send you service notifications, such as email notifications that information is available to add to your HealthVault records.

HealthVault periodically sends newsletters to help keep you informed of the latest improvements. HealthVault will also periodically send you an email summarizing recent account activity. Subject to your contact preferences, we also use your email addresses to send you promotional email. You can unsubscribe from these emails at any time.

maineuropeanprivacymodule,mainsecurityofpersonaldatamodule,mainwherewestoreandprocessdatamodule,mainourretentionofpersonaldatamodule,maincollectionofdatafromchildrenmodule,mainpreviewreleasesmodule,mainchangestothisprivacystatementmodule,mainhowtocontactusmodule mainenterpriseservicesmodule,mainenterprisedevsoftwareappsmodule,mainmicrosoftcognitiveservicesmodule mainofficeservicesmodule,mainonedrivemodule,mainoutlookmodule,mainskypemodule mainbingmodule,maincortanamodule,mainMicrosoftTranslatormodule,mainswiftkeymodule mainactivationmodule,mainadvertisingidmodule,maindiagnosticsmodule,mainlocationservicesmotionsensingmodule,mainsecurityandsafetyfeaturesmodule, mainspeechinkingtypingmodule, mainsyncsettingsmodule,mainupdateservicesmodule,mainwebbrowsersmodule,mainwi-fisensemodule,mainwindowsappsmodule,mainwindowsmediaplayermodule,mainwindowshellomodule,mainwindowssearchmodule mainxboxmodule,mainwindowsstoremodule,mainmainmodule,maingroovemusicmoviestvmodule,mainsilverlightmodule mainmicrosoftservicelongmodule,mainhealthvaultmodule
mainenterprisedeveloperproductsmodule
Cookies

Most Microsoft Sites use "cookies," small text files that can be read by a web server in the domain that put the cookie on your hard drive. We may use cookies to store your preferences and settings; help with sign-in; provide targeted ads; and analyze site operations. Click here to learn more.

EU-U.S. & Swiss-U.S. Privacy Shield

Microsoft adheres to the principles of the EU-U.S. and Swiss-U.S. Privacy Shield frameworks. To learn more, Click here.