Microsoft Enterprise and Developer Privacy Statement

Last Updated: September 2016

Your privacy is important to us. This privacy statement explains what data we collect from you and how we use it. The product-specific details sections provide additional information relevant to particular Microsoft developer and enterprise products. This statement applies to the Microsoft products listed, as well as other Microsoft products that display this statement. References to Microsoft products in this statement include Microsoft applications, software and devices.

Microsoft participates in the EU-U.S. Privacy Shield framework. To learn more visit https://go.microsoft.com/fwlink/?LinkID=822639.

  • Cookies
    Most Microsoft Sites use "cookies," small text files that can be read by a web server in the domain that put the cookie on your hard drive. We may use cookies to store your preferences and settings; help with sign-in; provide targeted ads; and analyze site operations. Click here to learn more.

  • Data We Collect

    Microsoft collects data to operate effectively and provide you the best experiences with our products. You provide some of this data directly, such as when you choose to send error reports to Microsoft to help diagnose a performance issue. We get some of it by receiving usage data from software running on your device.

    You have choices about personal data we collect. Personal data does not include data that is tied solely to your organization and not to an individual. When you are asked to provide personal data, you may decline. But if you choose not to provide personal data that is necessary to provide a product or feature, you may not be able to use that product or feature.

    The data we collect depends on the products and features you use and how the product is configured on your device. But, our collection is generally limited to usage data:

    Usage data. We collect data about how you and your devices interact with Microsoft and our products. For example, we may collect:

    • Product use data. We collect data about the features you use, how often you use them, and how you use them.
    • Device data. We collect data about your device and the network you use to connect to our products. This could include data about the operating systems and other software installed on your device, including version information. It also includes IP address, device identifiers (such as the IMEI number for phones), and regional and language settings.
    • Error reports and performance data. We collect data about the performance of the products and any problems you experience with them. This data helps us improve our products and services, to diagnose problems in the products you use, and provide solutions. Depending on your product and settings, error reports can include data such as the type or severity of the problem, details of the software or hardware related to an error, contents of files you were using when an error occurred, and data about other software on your device.
    • Support data. When you engage Microsoft for support, we collect data about you and your hardware, software, and other details related to the support incident. Such data includes contact or authentication data, the content of your chats and other communications with Microsoft support, diagnostic data about the condition of the device and the application when the error occurred and system and registry data about software installations and hardware configurations.

    Product-specific sections and product documentation further describe data collection practices applicable to use of those products.

    Top of page

  • How We Use Data

    Microsoft uses the data we collect to operate our business, to provide product functionalities and experiences, and improve the products and services we offer. This includes operating the products, maintaining and improving the performance of the products and services, including developing new features, and providing customer support. Microsoft does not use this data for advertising purposes.

    Examples of such uses include the following:

    • Providing the products. We use data to provide our products' functionalities and user experiences that enhance productivity. It may also help us personalize your product experience.
    • Customer support. We use data to diagnose product problems, help repair customers' devices, and provide other customer care and support services.
    • Product activation. We use data to activate and properly register the software and devices that require activation.
    • Product improvement. We use data to continually improve our products and services, including adding new features or capabilities, such as using error reports to improve security features, or using usage information to prioritize future feature development.
    • Security, safety and dispute resolution. We use data to protect the security and safety of our products and our customers, detect and prevent fraud, confirm the validity of software licenses, resolve disputes, and enforce our agreements. Our security features and products can disrupt the operation of malicious software and notify users if malicious software is found on their devices.
    • Business operations. We use data to develop aggregated analytics and business intelligence that enable us to operate, protect, make informed decisions, and report on the performance of our business.

    Product-specific sections and product documentation further describe data collection practices applicable to use of those products.

    Top of page

  • Reasons We Share Personal Data

    We share your personal data with your consent or as necessary to complete any transaction or provide any product you have requested or authorized. For example, we share your content with third parties when you tell us to do so, such as when you link your product with a service.

    In addition, we share personal data among Microsoft-controlled affiliates and subsidiaries. We also share personal data with vendors or agents working on our behalf for the purposes described in this statement. For example, companies we've hired to provide customer service support or assist in protecting and securing our systems and services may need access to personal data in order to provide those functions. In such cases, these companies must abide by our data privacy and security requirements and are not allowed to use personal data they receive from us for any other purpose. We may also disclose personal data as part of a corporate transaction such as a merger or sale of assets.

    Finally, we will access, transfer, disclose, and preserve personal data when we have a good faith belief that doing so is necessary to:

    • comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies;
    • protect our customers, for example to prevent spam or attempts to defraud users of our products, or to help prevent the loss of life or serious injury of anyone;
    • operate and maintain the security of our products, including to prevent or stop an attack on our computer systems or networks;
    • protect the rights or property of Microsoft, including enforcing the terms governing the use of the services - however, if we receive information indicating that someone is using our services to traffic in stolen intellectual or physical property of Microsoft, we will not inspect a customer's private content ourselves, but we may refer the matter to law enforcement.

    For more information about data we disclose in response to requests from law enforcement and other government agencies, please see our Law Enforcement Transparency Report, available at http://microsoft.com/about/corporatecitizenship/en-us/reporting/transparency

    Please note that some of our products include links to services of third parties whose privacy practices differ from Microsoft's. If you provide data to any of those services, your data is governed by their privacy statements.

    Top of page

  • Cookies & Similar Technologies

    Our products may enable you to access a Microsoft website or launch an application that uses cookies, web beacons and similar technologies. Web beacons and cookies could be from Microsoft or third-party service providers.

    To learn more about cookies, please visit the “ Cookies & Similar Technologies” section of the Microsoft Privacy Statement including how to manage them on your devices.

    Top of page

  • Microsoft account

    With a Microsoft account, you can sign into Microsoft products, as well as those of select Microsoft partners. When you create your own Microsoft account, we refer to that account as a personal Microsoft account. When you sign into products that use Microsoft Azure Active Directory (AAD) with an email address from your employer or school, we refer to that account as a work or school account.

    If your employer or school uses AAD to issue and manage the account it provides you, you can use your work or school account to sign into Microsoft products that use AAD. If required by your organization, you will also be asked to provide a phone number or an alternative email address for additional security verification. If you sign into Microsoft products with a work or school account, the owner of the domain associated with your email address may control and administer your account, and access and process your data, including the contents of your communications and files. Your use of the products may be subject to your organization's policies, if any. Microsoft is not responsible for the privacy or security practices of these organizations, which may differ from those of Microsoft. If your organization is administering your use of Microsoft products, please direct your privacy inquiries to your administrator.

    To learn more about data handling for your Microsoft account and AAD, please read the “Microsoft account” section of the Microsoft Privacy Statement here.

    Top of page

  • Other Important Privacy Information

    Below you will find additional privacy information you may find important. You can also find more information on Microsoft's commitment to protecting your privacy at https://privacy.microsoft.com.

    Top of page

  • Security of Personal Data

    Microsoft is committed to protecting the security of your personal data. We use a variety of security technologies and procedures to help protect your personal data from unauthorized access, use or disclosure. For example, we store the personal data you provide on computer systems that have limited access and are in controlled facilities. When we transmit highly confidential data (such as a password) over the Internet, we protect it through the use of encryption.

    Top of page

  • Where We Store and Process Personal Data

    Personal data collected by Microsoft may be stored and processed in your region, in the United States or in any other country where Microsoft or its affiliates, subsidiaries or service providers maintain facilities. We take steps to ensure that the data we collect under this privacy statement is processed according to the provisions of this statement and the requirements of applicable law wherever the data is located. When we transfer personal data from the European Economic Area to other countries, we use a variety of legal mechanisms, including contracts, to help ensure your rights and protections travel with your data. Microsoft participates in the EU-U.S. Privacy Shield and U.S.-Swiss Safe Harbor frameworks, regarding the collection, use, and retention of data from the European Economic Area and Switzerland. To learn more about the Safe Harbor program, and to view our certification, please visit http://www.export.gov/safeharbor.

    Top of page

  • Our Retention of Personal Data

    Microsoft retains personal data for as long as necessary to provide the products and fulfill the transactions you have requested, or for other essential purposes such as complying with our legal obligations, resolving disputes, and enforcing our agreements.

    Top of page

  • Collection of Data From Children

    When a Microsoft product collects a user's age, it will either block users under 13 or will ask them to provide consent from a parent or guardian before they can use it. We will not knowingly ask children under 13 to provide more data than is necessary to provide the product.

    Once parental consent is granted, the child's account is treated like any other account. The child may have access to communication services like email, instant messaging and online message boards and may be able to communicate freely with other users of all ages.

    Parents can change or revoke the consent choices previously made, and review, edit or request the deletion of their children's personal data. For example, parents can access their personal Microsoft account and click on "Permissions."

    Top of page

  • Preview and Free-of-Charge Products

    Microsoft offers preview, free-of-charge or other optional features and products that will enable you to use them while providing feedback and usage data to Microsoft. As a result, these releases can automatically collect additional data, provide fewer controls, and otherwise employ different privacy and security measures than those typically present in our products. If you participate in previews or pre-release programs, we may contact you about your feedback or your interest in continuing to use the product after general release.

    Top of page

  • Changes to This Privacy Statement

    We will update this privacy statement when necessary to reflect customer feedback and changes in our products. When we post changes to this statement, we will revise the "last updated" date at the top of the statement and describe the changes on the Change History page. If there are material changes to the statement or in how Microsoft will use your personal data, we will notify you either by prominently posting a notice of such changes before they take effect or by directly sending you a notification. We encourage you to periodically review this privacy statement to learn how Microsoft is protecting your information.

    Top of page

  • How to Contact Us

    If you have a technical or support question, please visit http://support.microsoft.com to learn more about Microsoft Support offerings. If you have a personal Microsoft account password question, please visit Microsoft account support.

    If you have a privacy concern or a question for the Chief Privacy Officer of Microsoft, please contact us by using our Web form. We will respond to questions or concerns within 30 days.

    Our address is Microsoft Privacy, Microsoft Corporation, One Microsoft Way, Redmond, Washington 98052, USA. Telephone: (+1) 425-882-8080.

    Microsoft Ireland Operations Limited is our data protection representative for the European Economic Area and Switzerland. The data protection officer of Microsoft Ireland Operations Limited can be reached at the following address: Microsoft Ireland Operations, Ltd., Attn: Data Protection, Carmenhall Road, Sandyford, Dublin 18, Ireland.

    To find the Microsoft subsidiary in your country or region, see http://www.microsoft.com/worldwide/.

    Top of page