Your Privacy Matters
We respect the privacy of your data.
Privacy is one of the principle foundations of Trustworthy Computing at Microsoft. We have a longstanding commitment to privacy, which is an integral part of our product and service lifecycle. We work to be transparent in our privacy practices, offer customers meaningful privacy choices, and responsibly manage the customer data we handle.
The Microsoft Privacy Principles, our specific privacy statements, and our internal privacy standards guide how we collect, use/process, retain and protect customer data. General information about Microsoft’s approach to privacy is available from the Microsoft Privacy Web site.
Data collection & use limits
Microsoft Customer Service and Support (“CSS”) collects and uses enterprise customer data for the purpose of providing support services.
The following chart outlines the various ways we may collect data, and provides examples of the type of data collected:
|Means of Collection||Examples of Enterprise Data Collected|
|Phone or Online Chat||When a customer contacts CSS, he or she may provide us with data such as name, phone number, email address, and a description of the support issue.|
|Remote Access (“RA”)||Accessing customer systems remotely with customer permission via a Microsoft approved tool to view desktop or server configurations over an encrypted channel so as to resolve support issues.|
|Data Transfer & Management (DTM) system||Receipt of customer data via Microsoft's DTM system may be required if support issues cannot be resolved by remote troubleshooting. Resolution may necessitate that the customer upload specific data files via the encrypted DTM system, such as system configuration or trace data.|
|Automated Troubleshooter||When you choose to run the Automated Troubleshooter it may extract data about hardware, software, and other details related to the support incident, data about the condition of the computer and the application when the fault occurred and during diagnostics, system and registry data about software installations and hardware configurations, and error-tracking files.|
|Recordings||Phone conversations, online chat sessions, or RA sessions with support professionals may be recorded and/or monitored. For RA, customers may also access the recording after the session.|
CSS may use this customer data in the following ways:
DATA USE CHART
| ||Customer Contact Data||Customer Data|
|Communications (Advice, Surveys, Security Bulletins)||Yes1||No|
|Voluntary Disclosure to Law Enforcement||No||No|
1 Following a support incident, we may send you a survey about your experience. We may also send service communications such as information on technical service issues, and security announcements.
Definitions of the types of customer data we collect
Customer Contact Data – Personal data limited to business contact details of any employee of a customer who is contacting CSS regarding the services being provided to the customer (e.g. name, email, phone number of customer’s business representative).
Customer Data - means all other data, including all text, sound, software, or image files that are provided to CSS by or on behalf of customer in connection with support service.
Frequently asked questions
- There have been many media reports that Microsoft provides Government access to customer’s data, is that true?
Customers around the world have serious questions and concerns as a result of recent disclosures about government surveillance. We share many of these concerns. We are especially alarmed by recent allegations in the press of a broader and concerted effort by some governments to circumvent online security measures – and in our view, legal processes and protections – in order to surreptitiously collect private customer data. Regardless of whether all of these reports are true and completely accurate – and many of the initial reports were not – there’s no question that trust in the security and privacy of online communications has been undermined. We take our customers’ privacy - and earning their trust - seriously and we have clear principles for managing and securing this data. It is the right thing to do and it is in our own business interest. Please visit this link to read more about Microsoft’s position on this topic of Government access to data.
- What happens if law enforcement requests my data held by Microsoft CSS? What does Microsoft CSS do when subpoenaed or legally mandated to produce customers' data?
We believe that our customers should control their own data to the greatest extent possible. Accordingly, if a government entity, such as law enforcement, approaches CSS directly for data stored on behalf of our customers, we will first redirect the entity to the customer to afford it the opportunity to determine how to respond.
We will endeavor to only release data to such entities when we are legally required to do so, and we will limit the data we disclose to only the data required to comply with the legal request. Finally, we will use commercially reasonable efforts to notify a business customer in advance of any production, unless legally prohibited from doing so.
- Does Microsoft CSS share customer data with Microsoft sales and marketing teams?
We prohibit secondary use of Customer Data, such as use for advertising purposes. For example, our sales and marketing personnel are not allowed to access the CSS case management tools to assist with marketing. The prohibition against secondary use of Customer Data is enforced through policy, training and access controls.
- Does Microsoft CSS share customer data with 3rd party Advertisers?
We do not transfer data about our customers to third parties for the purposes of advertising.
If you have a general privacy question, or a question for the Chief Privacy Officer of Microsoft, please contact us by using our Web form.
By mail: Microsoft Privacy, Microsoft Corporation, One Microsoft Way, Redmond, Washington 98052 USA
By Phone: 425-882-8080