Your Privacy Matters

Your Privacy Matters

We respect the privacy of your data.

Privacy is one of the principle foundations of Trustworthy Computing at Microsoft. We have a longstanding commitment to privacy, which is an integral part of our product and service lifecycle. We work to be transparent in our privacy practices, offer customers meaningful privacy choices, and responsibly manage the customer data we handle.

The Microsoft Privacy Principles, our specific privacy statements, and our internal privacy standards guide how we collect, use/process, retain and protect customer data. General information about Microsoft’s approach to privacy is available from the Microsoft Privacy Web site.

Data collection & use limits

Microsoft Customer Service and Support (“CSS”) collects and uses enterprise customer data for the purpose of providing support services.

The following chart outlines the various ways we may collect data, and provides examples of the type of data collected:

Means of CollectionExamples of Enterprise Data Collected
Phone or Online ChatWhen a customer contacts CSS, he or she may provide us with data such as name, phone number, email address, and a description of the support issue.
Remote Access (“RA”)Accessing customer systems remotely with customer permission via a Microsoft approved tool to view desktop or server configurations over an encrypted channel so as to resolve support issues.
Data Transfer & Management (DTM) systemReceipt of customer data via Microsoft's DTM system may be required if support issues cannot be resolved by remote troubleshooting. Resolution may necessitate that the customer upload specific data files via the encrypted DTM system, such as system configuration or trace data.
Automated TroubleshooterWhen you choose to run the Automated Troubleshooter it may extract data about hardware, software, and other details related to the support incident, data about the condition of the computer and the application when the fault occurred and during diagnostics, system and registry data about software installations and hardware configurations, and error-tracking files.
RecordingsPhone conversations, online chat sessions, or RA sessions with support professionals may be recorded and/or monitored. For RA, customers may also access the recording after the session.

CSS may use this customer data in the following ways:

DATA USE CHART

 Customer Contact DataCustomer Data
Providing SupportYesYes
Improving SupportYesYes
Communications (Advice, Surveys, Security Bulletins)Yes1No
Voluntary Disclosure to Law EnforcementNoNo

1 Following a support incident, we may send you a survey about your experience. We may also send service communications such as information on technical service issues, and security announcements.

Definitions of the types of customer data we collect

  • Customer Contact Data – Personal data limited to business contact details of any employee of a customer who is contacting CSS regarding the services being provided to the customer (e.g. name, email, phone number of customer’s business representative).

  • Customer Data - means all other data, including all text, sound, software, or image files that are provided to CSS by or on behalf of customer in connection with support service.

Frequently asked questions

Customers around the world have serious questions and concerns as a result of recent disclosures about government surveillance. We share many of these concerns. We are especially alarmed by recent allegations in the press of a broader and concerted effort by some governments to circumvent online security measures – and in our view, legal processes and protections – in order to surreptitiously collect private customer data. Regardless of whether all of these reports are true and completely accurate – and many of the initial reports were not – there’s no question that trust in the security and privacy of online communications has been undermined. We take our customers’ privacy - and earning their trust - seriously and we have clear principles for managing and securing this data. It is the right thing to do and it is in our own business interest. Please visit this link to read more about Microsoft’s position on this topic of Government access to data.

We believe that our customers should control their own data to the greatest extent possible. Accordingly, if a government entity, such as law enforcement, approaches CSS directly for data stored on behalf of our customers, we will first redirect the entity to the customer to afford it the opportunity to determine how to respond.

We will endeavor to only release data to such entities when we are legally required to do so, and we will limit the data we disclose to only the data required to comply with the legal request. Finally, we will use commercially reasonable efforts to notify a business customer in advance of any production, unless legally prohibited from doing so.

We prohibit secondary use of Customer Data, such as use for advertising purposes. For example, our sales and marketing personnel are not allowed to access the CSS case management tools to assist with marketing. The prohibition against secondary use of Customer Data is enforced through policy, training and access controls.

We do not transfer data about our customers to third parties for the purposes of advertising.

If you have a general privacy question, or a question for the Chief Privacy Officer of Microsoft, please contact us by using our Web form.

  • By mail: Microsoft Privacy, Microsoft Corporation, One Microsoft Way, Redmond, Washington 98052 USA

  • By Phone: 425-882-8080