Your privacy is important to us. This privacy statement explains the personal data Microsoft processes, how Microsoft processes it, and for what purposes.

Microsoft offers a wide range of products, including server products used to help operate enterprises worldwide, devices you use in your home, software that students use at school, and services developers use to create and host what’s next. References to Microsoft products in this statement include Microsoft services, websites, apps, software, servers, and devices.

Please read the product-specific details in this privacy statement, which provide additional relevant information. This statement applies to the interactions Microsoft has with you and the Microsoft products listed below, as well as other Microsoft products that display this statement.

Young people may prefer starting with the Privacy for young people page. That page highlights information that may be helpful for young people.

For individuals in the United States, please refer to our U.S. State Data Privacy Notice and the Washington State Consumer Health Data Privacy Policy for additional information about the processing of your personal data, and your rights under applicable U.S. State data privacy laws.


Personal data we collectPersonal data we collectmainpersonaldatawecollect
Summary
Full text

Microsoft collects data from you, through our interactions with you and through our products for a variety of purposes described below, including to operate effectively and provide you with the best experiences with our products. You provide some of this data directly, such as when you create a Microsoft account, administer your organization’s licensing account, submit a search query to Bing, register for a Microsoft event, speak a voice command to Cortana, upload a document to OneDrive, sign up for Microsoft 365, or contact us for support. We get some of it by collecting data about your interactions, use, and experience with our products and communications.

We rely on a variety of legal reasons and permissions (sometimes called “legal bases”) to process data, including with your consent, a balancing of legitimate interests, necessity to enter into and perform contracts, and compliance with legal obligations, for a variety of purposes described below.

We also obtain data from third parties. We protect data obtained from third parties according to the practices described in this statement, plus any additional restrictions imposed by the source of the data. These third-party sources vary over time and include:

  • Data brokers from which we purchase demographic data to supplement the data we collect.
  • Services that make user-generated content from their service available to others, such as local business reviews or public social media posts.
  • Communication services, including email providers and social networks, when you give us permission to access your data on such third-party services or networks.
  • Service providers that help us determine your device’s location.
  • Partners with which we offer co-branded services or engage in joint marketing activities.
  • Developers who create experiences through or for Microsoft products.
  • Third parties that deliver experiences through Microsoft products.
  • Publicly-available sources, such as open public sector, academic, and commercial data sets and other data sources.

If you represent an organization, such as a business or school, that utilizes Enterprise and Developer Products from Microsoft, please see the Enterprise and developer products section of this privacy statement to learn how we process your data. If you are an end user of a Microsoft product or a Microsoft account provided by your organization, please see the Products provided by your organization and the Microsoft account sections for more information.

You have choices when it comes to the technology you use and the data you share. When you are asked to provide personal data, you can decline. Many of our products require some personal data to operate and provide you with a service. If you choose not to provide data required to operate and provide you with a product or feature, you cannot use that product or feature. Likewise, where we need to collect personal data by law or to enter into or carry out a contract with you, and you do not provide the data, we will not be able to enter into the contract; or if this relates to an existing product you’re using, we may have to suspend or cancel it. We will notify you if this is the case at the time. Where providing the data is optional, and you choose not to share personal data, features like personalization that use the data will not work for you.

The data we collect depends on the context of your interactions with Microsoft and the choices you make (including your privacy settings), the products and features you use, your location, and applicable law.

The data we collect can include the following:

Name and contact data. Your first and last name, email address, postal address, phone number, and other similar contact data.

Credentials. Passwords, password hints, and similar security information used for authentication and account access.

Demographic data. Data about you such as your age, gender, country, and preferred language.

Payment data. Data to process payments, such as your payment instrument number (such as a credit card number) and the security code associated with your payment instrument.

Subscription and licensing data. Information about your subscriptions, licenses, and other entitlements.

Interactions. Data about your use of Microsoft products. In some cases, such as search queries, this is data you provide in order to make use of the products. In other cases, such as error reports, this is data we generate. Other examples of interactions data include:

  • Device and usage data. Data about your device and the product and features you use, including information about your hardware and software, how our products perform, as well as your settings. For example:
    • Payment and account history. Data about the items you purchase and activities associated with your account.
    • Browse history. Data about the webpages you visit.
    • Device, connectivity, and configuration data. Data about your device, your device configuration, and nearby networks. For example, data about the operating systems and other software installed on your device, including product keys. In addition, IP address, device identifiers (such as the IMEI number for phones), regional and language settings, and information about WLAN access points near your device.
    • Error reports and performance data. Data about the performance of the products and any problems you experience, including error reports. Error reports (sometimes called “crash dumps”) can include details of the software or hardware related to an error, contents of files opened when an error occurred, and data about other software on your device.
    • Troubleshooting and help data. Data you provide when you contact Microsoft for help, such as the products you use, and other details that help us provide support. For example, contact or authentication data, the content of your chats and other communications with Microsoft, data about the condition of your device, and the products you use related to your help inquiry. When you contact us, such as for customer support, phone conversations or chat sessions with our representatives may be monitored and recorded.
    • Bot usage data. Interactions with bots and skills available through Microsoft products, including bots and skills provided by third parties.
  • Interests and favorites. Data about your interests and favorites, such as the sports teams you follow, the programming languages you prefer, the stocks you track, or cities you add to track things like weather or traffic. In addition to those you explicitly provide, your interests and favorites can also be inferred or derived from other data we collect.
  • Content consumption data. Information about media content (e.g., TV, video, music, audio, text books, apps, and games) you access through our products.
  • Searches and commands. Search queries and commands when you use Microsoft products with search or related productivity functionality, such as interactions with a chat bot.
  • Voice data. Your voice data, sometimes referred to as “voice clips”, such as search queries, commands, or dictation you speak, which may include background sounds.
  • Text, inking, and typing data. Text, inking, and typing data and related information. For example, when we collect inking data, we collect information about the placement of your inking instrument on your device.
  • Images. Images and related information, such as picture metadata. For example, we collect the image you provide when you use a Bing image-enabled service.
  • Contacts and relationships. Data about your contacts and relationships if you use a product to share information with others, manage contacts, communicate with others, or improve your productivity.
  • Social data. Information about your relationships and interactions between you, other people, and organizations, such as types of engagement (e.g., likes, dislikes, events, etc.) related to people and organizations.
  • Location data. Data about your device’s location, which can be either precise or imprecise. For example, we collect location data using Global Navigation Satellite System (GNSS) (e.g., GPS) and data about nearby cell towers and Wi-Fi hotspots. Location can also be inferred from a device’s IP address or data in your account profile that indicates where it is located with less precision, such as at a city or postal code level.
  • Other input. Other inputs provided when you use our products. For example, data such as the buttons you press on an Xbox wireless controller using the Xbox network, skeletal tracking data when you use Kinect, and other sensor data, like the number of steps you take, when you use devices that have applicable sensors. And, if you use Spend, at your direction, we also collect financial transaction data from your credit card issuer to provide the service. If you attend an in-store event, we collect the data you provide to us when registering for or during the event and if you enter into a prize promotion, we collect the data you input into the entry form.

Content. Content of your files and communications you input, upload, receive, create, and control. For example, if you transmit a file using Skype to another Skype user, we need to collect the content of that file to display it to you and the other user. If you receive an email using Outlook.com, we need to collect the content of that email to deliver it to your inbox, display it to you, enable you to reply to it, and store it for you until you choose to delete it. Other content we collect when providing products to you include:

  • Communications, including audio, video, text (typed, inked, dictated, or otherwise), in a message, email, call, meeting request, or chat.
  • Photos, images, songs, movies, software, and other media or documents you store, retrieve, or otherwise process with our cloud.

Video or recordings. Recordings of events and activities at Microsoft buildings, retail spaces, and other locations. If you enter Microsoft Store locations or other facilities, or attend a Microsoft event that is recorded, we may process your image and voice data.

Feedback and ratings. Information you provide to us and the content of messages you send to us, such as feedback, survey data, and product reviews you write.

Traffic data. Data generated through your use of Microsoft’s communications services. Traffic data indicates with whom you have communicated and when your communications occurred. We will process your traffic data only as required to provide, maintain, and improve our communications services and we do so with your consent.

Product-specific sections below describe data collection practices applicable to use of those products.

How we use personal dataHow we use personal datamainhowweusepersonaldatamodule
Summary
Full text

Microsoft uses the data we collect to provide you rich, interactive experiences. In particular, we use data to:

  • Provide our products, which includes updating, securing, and troubleshooting, as well as providing support. It also includes sharing data, when it is required to provide the service or carry out the transactions you request.
  • Improve and develop our products.
  • Personalize our products and make recommendations.
  • Advertise and market to you, which includes sending promotional communications, targeting advertising, and presenting you relevant offers.

We also use the data to operate our business, which includes analyzing our performance, meeting our legal obligations, developing our workforce, and doing research.

For these purposes, we combine data we collect from different contexts (for example, from your use of two Microsoft products). For example, Cortana may use information from your calendar to suggest action items in a heads-up email, and Microsoft Store uses information about the apps and services you use to make personalized app recommendations. However, we have built in technological and procedural safeguards designed to prevent certain data combinations where required by law. For example, where required by law, we store data we collect from you when you are unauthenticated (not signed in) separately from any account information that directly identifies you, such as your name, email address, or phone number.

Our processing of personal data for these purposes includes both automated and manual (human) methods of processing. Our automated methods often are related to and supported by our manual methods. For example, to build, train, and improve the accuracy of our automated methods of processing (including artificial intelligence or AI), we manually review some of the predictions and inferences produced by the automated methods against the underlying data from which the predictions and inferences were made. For instance, with your permission and for the purpose of improving our speech recognition technologies, we manually review short snippets of voice data that we have taken steps to de-identify. This manual review may be conducted by Microsoft employees or vendors who are working on Microsoft’s behalf.

When we process personal data about you, we do so with your consent and/or as required to provide the products you use, operate our business, meet our contractual and legal obligations, protect the security of our systems and our customers, or fulfill other legitimate interests of Microsoft as described in this section and in the Reasons we share personal data section of this privacy statement. When we transfer personal data from the European Economic Area, we do so based on a variety of legal mechanisms, as described in the Where we store and process personal data section of this privacy statement.

More on the purposes of processing:

  • Provide our products. We use data to operate our products and provide you with rich, interactive experiences. For example, if you use OneDrive, we process the documents you upload to OneDrive to enable you to retrieve, delete, edit, forward, or otherwise process it, at your direction as part of the service. Or, for example, if you enter a search query in the Bing search engine, we use that query to display search results to you. Additionally, as communications are a feature of various products, programs, and activities, we use data to contact you. For example, we may contact you by phone or email or other means to inform you when a subscription is ending or discuss your licensing account. We also communicate with you to secure our products, for example by letting you know when product updates are available.
  • Product improvement. We use data to continually improve our products, including adding new features or capabilities. For example, we use error reports to improve security features, search queries and clicks in Bing to improve the relevancy of the search results, usage data to determine what new features to prioritize, and voice data to develop and improve speech recognition accuracy.
  • Personalization. Many products include personalized features, such as recommendations that enhance your productivity and enjoyment. These features use automated processes to tailor your product experiences based on the data we have about you, such as inferences we make about you and your use of the product, activities, interests, and location. For example, depending on your settings, if you stream movies in a browser on your Windows device, you may see a recommendation for an app from the Microsoft Store that streams more efficiently. If you have a Microsoft account, with your permission, we can sync your settings on several devices. Many of our products provide controls to disable personalized features.
  • Product activation. We use data—such as device and application type, location, and unique device, application, network, and subscription identifiers—to activate products that require activation.
  • Product development. We use data to develop new products. For example, we use data, often de-identified, to better understand our customers’ computing and productivity needs which can shape the development of new products.
  • Customer support. We use data to troubleshoot and diagnose product problems, repair customers’ devices, and provide other customer care and support services, including to help us provide, improve, and secure the quality of our products, services, and training, and to investigate security incidents. Call recording data may also be used to authenticate or identify you based on your voice to enable Microsoft to provide support services and investigate security incidents.
  • Help secure and troubleshoot. We use data to help secure and troubleshoot our products. This includes using data to protect the security and safety of our products and customers, detecting malware and malicious activities, troubleshooting performance and compatibility issues to help customers get the most out of their experiences, and notifying customers of updates to our products. This may include using automated systems to detect security and safety issues.
  • Safety. We use data to protect the safety of our products and our customers. Our security features and products can disrupt the operation of malicious software and notify users if malicious software is found on their devices. For example, some of our products, such as Outlook.com or OneDrive, systematically scan content in an automated manner to identify suspected spam, viruses, abusive actions, or URLs that have been flagged as fraud, phishing, or malware links; and we reserve the right to block delivery of a communication or remove content if it violates our terms. In accordance with European Union Regulation (EU) 2021/1232, we have invoked the derogation permitted by that Regulation from Articles 5(1) and 6(1) of EU Directive 2002/58/EC. We use scanning technologies to create digital signatures (known as “hashes”) of certain images and video content on our systems. These technologies then compare the hashes they generate with hashes of reported child sexual exploitation and abuse imagery (known as a “hash set”), in a process called “hash matching”. Microsoft obtains hash sets from organizations that act in the public interest against child sex abuse. This can result in sharing information with the National Center for Missing and Exploited Children (NCMEC) and law enforcement authorities.
  • Updates. We use data we collect to develop product updates and security patches. For example, we may use information about your device’s capabilities, such as available memory, to provide you a software update or security patch. Updates and patches are intended to maximize your experience with our products, help you protect the privacy and security of your data, provide new features, and evaluate whether your device is ready to process such updates.
  • Promotional communications. We use data we collect to deliver promotional communications. You can sign up for email subscriptions and choose whether you wish to receive promotional communications from Microsoft by email, SMS, physical mail, and telephone. For information about managing your contact data, email subscriptions, and promotional communications, see the How to access and control your personal data section of this privacy statement.
  • Relevant offers. Microsoft uses data to provide you with relevant and valuable information regarding our products. We analyze data from a variety of sources to predict the information that will be most interesting and relevant to you and deliver such information to you in a variety of ways. For example, we may predict your interest in gaming and communicate with you about new games you may like.
  • Advertising. Microsoft does not use what you say in email, human-to-human chat, video calls, or voice mail, or your documents, photos, or other personal files to target ads to you. We use data we collect through our interactions with you, through some of our first-party products, services, apps, and web properties (Microsoft properties), and on third-party web properties, for advertising on our Microsoft properties and on third-party properties. We may use automated processes to help make advertising more relevant to you. For more information about how your data is used for advertising, see the Advertising section of this privacy statement.
  • Prize promotions and events. We use your data to administer prize promotions and events available in our physical Microsoft Stores. For example, if you enter into a prize promotion, we may use your data to select a winner and provide the prize to you if you win. Or, if you register for a coding workshop or gaming event, we will add your name to the list of expected attendees.
  • Transacting commerce. We use data to carry out your transactions with us. For example, we process payment information to provide customers with product subscriptions and use contact information to deliver goods purchased from the Microsoft Store.
  • Reporting and business operations. We use data to analyze our operations and perform business intelligence. This enables us to make informed decisions and report on the performance of our business.
  • Protecting rights and property. We use data to detect and prevent fraud, resolve disputes, enforce agreements, and protect our property. For example, we use data to confirm the validity of software licenses to reduce piracy. We may use automated processes to detect and prevent activities that violate our rights and the rights of others, such as fraud.
  • Legal compliance. We process data to comply with law. For example, we use the age of our customers to assist us in meeting our obligations to protect children’s privacy. We also process contact information and credentials to help customers exercise their data protection rights.
  • Research. With appropriate technical and organizational measures to safeguard individuals’ rights and freedoms, we use data to conduct research, including for public interest and scientific purposes.
Reasons we share personal dataReasons we share personal datamainreasonswesharepersonaldatamodule
Summary
Full text

We share your personal data with your consent or as necessary to complete any transaction or provide any product you have requested or authorized. For example, we share your content with third parties when you tell us to do so, such as when you send an email to a friend, share photos and documents on OneDrive, or link accounts with another service. If you use a Microsoft product provided by an organization you are affiliated with, such as an employer or school, or use an email address provided by such organization to access Microsoft products, we share certain data, such as interaction data and diagnostic data to enable your organization to manage the products. When you provide payment data to make a purchase, we will share payment data with banks and other entities that process payment transactions or provide other financial services, and for fraud prevention and credit risk reduction. Additionally, when you save a payment method (such as a card) to your account that you and other Microsoft account holders use to make purchases from Microsoft or its affiliates, your purchase receipts may be shared with anyone else who uses and has access to the same payment method to make a purchase from Microsoft, including the payment method’s named accountholder. When you permit push notifications for Microsoft products or applications on a non-Windows device, the operating system of that device will process some personal data to provide push notifications. Accordingly, Microsoft may send data to an external, third-party notification provider to deliver push notifications. Your device’s push notification services are governed by their own service-specific terms and privacy statements.

In addition, we share personal data among Microsoft-controlled affiliates and subsidiaries. We also share personal data with vendors or agents working on our behalf for the purposes described in this statement. For example, companies we've hired to provide customer service support or assist in protecting and securing our systems and services may need access to personal data to provide those functions. In such cases, these companies must abide by our data privacy and security requirements and are not allowed to use personal data they receive from us for any other purpose. We may also disclose personal data as part of a corporate transaction such as a merger or sale of assets.

Finally, we will retain, access, transfer, disclose, and preserve personal data, including your content (such as the content of your emails in Outlook.com, or files in private folders on OneDrive), when we have a good faith belief that doing so is necessary to do any of the following:

  • Comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies.
  • Protect our customers, for example, to prevent spam or attempts to defraud users of our products, or to help prevent the loss of life or serious injury of anyone.
  • Operate and maintain the security of our products, including to prevent or stop an attack on our computer systems or networks.
  • Protect the rights or property of Microsoft, including enforcing the terms governing the use of the services—however, if we receive information indicating that someone is using our services to traffic in stolen intellectual or physical property of Microsoft, we will not inspect a customer's private content ourselves, but we may refer the matter to law enforcement.

For more information about data we disclose in response to requests from law enforcement and other government agencies, please see our Law Enforcement Requests Report.

Please note that some of our products include links to or otherwise enable you to access products of third parties whose privacy practices differ from those of Microsoft. If you provide personal data to any of those products, your data is governed by their privacy policies.

How to access and control your personal dataHow to access and control your personal datamainhowtoaccesscontrolyourdatamodule
Summary
Full text

You can also make choices about the collection and use of your data by Microsoft. You can control your personal data that Microsoft has obtained, and exercise your data protection rights, by contacting Microsoft or using various tools we provide. In some cases, your ability to access or control your personal data will be limited, as required or permitted by applicable law. How you can access or control your personal data will also depend on which products you use. For example, you can:

  • Control the use of your data for personalized advertising from Microsoft by visiting our opt-out page.
  • Choose whether you wish to receive promotional emails, SMS messages, telephone calls, and postal mail from Microsoft.
  • Access and clear some of your data through the Microsoft privacy dashboard.

Not all personal data processed by Microsoft can be accessed or controlled via the tools above. If you want to access or control personal data processed by Microsoft that is not available via the tools above or directly through the Microsoft products you use, you can always contact Microsoft at the address in the How to contact us section or by using our web form.

We provide aggregate metrics about user requests to exercise their data protection rights via the Microsoft Privacy Report.

You can access and control your personal data that Microsoft has obtained with tools Microsoft provides to you, which are described below, or by contacting Microsoft. For instance:

  • If Microsoft obtained your consent to use your personal data, you can withdraw that consent at any time.
  • You can request access to, erasure of, and updates to your personal data.
  • If you’d like to port your data elsewhere, you can use tools Microsoft provides to do so, or if none are available, you can contact Microsoft for assistance.

You can also object to or restrict the use of your personal data by Microsoft. For example, you can object at any time to our use of your personal data:

  • For direct marketing purposes.
  • Where we are performing a task in the public interest or pursuing our legitimate interests or those of a third party.

You may have these rights under applicable laws, including the EU General Data Protection Regulation (GDPR), but we offer them regardless of your location. In some cases, your ability to access or control your personal data will be limited, as required or permitted by applicable law.

If your organization, such as your employer, school, or service provider, provides you with access to and is administering your use of Microsoft products, contact your organization to learn more about how to access and control your personal data.

You can access and control your personal data that Microsoft has obtained, and exercise your data protection rights, using various tools we provide. The tools most useful to you will depend on our interactions with you and your use of our products. Here is a general list of tools we provide to help you control your personal data; specific products may provide additional controls.

  • Bing. If you are signed into Bing, you can view and clear your stored search and chat history on your privacy dashboard. If you are not signed into Bing, you can view and clear stored search history associated to your device in your Bing settings.
  • Cortana. You can control some of the data Cortana accesses or stores in your Cortana settings.
  • Microsoft account. If you wish to access, edit, or remove the profile information and payment information in your Microsoft account, change your password, add security information or close your account, you can do so by visiting the Microsoft account website.
  • If you have a Microsoft Developer Network (MSDN) public profile, you can access and edit your data by signing in at MSDN forum.
  • Microsoft privacy dashboard. You can control some of the data Microsoft processes through your use of a Microsoft account on the Microsoft privacy dashboard. From here, for example, you can view and clear the browsing, search, and location data associated with your Microsoft account.
  • Microsoft Store. You can access your Microsoft Store profile and account information by visiting Microsoft Store and selecting View account or Order history.
  • Microsoft Teams for personal use. You can find out how to export or delete Teams data relating to your personal Microsoft account by visiting this page.
  • OneDrive. You can view, download, and delete your files and photos in OneDrive by signing into your OneDrive.
  • Outlook.com. You can download your emails in Outlook.com by signing into your account and navigating to your Privacy and data settings.
  • Skype. If you wish to access, edit, or remove some profile and payment information for Skype or change your password, sign in to your account. If you wish to export your Skype chat history and files shared on Skype, you can request a copy.
  • Volume Licensing Service Center (VLSC). If you are a Volume Licensing customer, you can control your contact information and subscription and licensing data in one location by visiting the Volume Licensing Service Center website.
  • Xbox. If you use the Xbox network or Xbox.com, you can view or edit your personal data, including billing and account information, privacy settings, and online safety and data sharing preferences by accessing My Xbox on the Xbox console or on the Xbox.com website.

Not all personal data processed by Microsoft can be accessed or controlled via the tools above. If you want to access or control personal data processed by Microsoft that is not available via the tools above or directly through the Microsoft products you use, you can always contact Microsoft at the address in the How to contact us section or by using our web form. We will respond to requests to control your personal data as required by applicable law.

Your communications preferences

You can choose whether you wish to receive promotional communications from Microsoft by email, SMS, physical mail, and telephone. If you receive promotional email or SMS messages from us and would like to opt out, you can do so by following the directions in that message. You can also make choices about the receipt of promotional email, telephone calls, and postal mail by signing in with your personal Microsoft account, and viewing your communication permissions where you can update contact information, manage Microsoft-wide contact preferences, opt out of email subscriptions, and choose whether to share your contact information with Microsoft partners. If you do not have a personal Microsoft account, you can manage your Microsoft email contact preferences by using this web form. These choices do not apply to mandatory service communications that are part of certain Microsoft products, programs, activities, or to surveys or other informational communications that have their own unsubscribe method.

Your advertising choices

To opt out of receiving personalized advertising from Microsoft, visit our opt-out page. When you opt out, your preference is stored in a cookie that is specific to the web browser you are using. The opt-out cookie has an expiration date of five years. If you delete the cookies on your device, you need to opt out again.

You can also link your opt-out choice with your personal Microsoft account. It will then apply on any device where you use that account and will continue to apply until someone signs in with a different personal Microsoft account on that device. If you delete the cookies on your device, you will need to sign in again for the settings to apply.

For Microsoft-controlled advertising that appears in apps on Windows, you may use the opt-out linked to your personal Microsoft account, or opt out of interest-based advertising by turning off the advertising ID in Windows settings.

Because the data used for interest-based advertising is also used for other required purposes (including providing our products, analytics, and fraud detection), opting out of interest-based advertising does not stop that data collection. You will continue to get ads, although they may be less relevant to you.

You can opt out of receiving interest-based advertising from third parties we partner with by visiting their sites (see above).

Browser-based controls

When you use a browser, you can control your personal data using certain features. For example:

  • Cookie controls. You can control the data stored by cookies and withdraw consent to cookies by using the browser-based cookie controls described in the Cookies section of this privacy statement.
  • Tracking protections. You can control the data third-party sites can collect about you using Tracking Protection in Internet Explorer (versions 9 and up) and Microsoft Edge. This feature will block third-party content, including cookies, from any site that is listed in a Tracking Protection List you add.
  • Browser controls for "Do Not Track." Some browsers have incorporated "Do Not Track" (DNT) features that can send a signal to the websites you visit indicating you do not wish to be tracked. Because there is not yet a common understanding of how to interpret the DNT signal, Microsoft services do not currently respond to browser DNT signals. We continue to work with the online industry to define a common understanding of how to treat DNT signals. In the meantime, you can use the range of other tools we provide to control data collection and use, including the ability to opt out of receiving interest-based advertising from Microsoft as described above.
Cookies and similar technologiesCookies and similar technologiesmaincookiessimilartechnologiesmodule
Summary
Full text

Cookies are small text files placed on your device to store data that can be recalled by a web server in the domain that placed the cookie. This data often consists of a string of numbers and letters that uniquely identifies your computer, but it can contain other information as well. Some cookies are placed by third parties acting on our behalf. We use cookies and similar technologies to store and honor your preferences and settings, enable you to sign-in, provide interest-based advertising, combat fraud, analyze how our products perform, and fulfill other legitimate purposes described below. Microsoft apps use additional identifiers, such as the advertising ID in Windows, for similar purposes, and many of our websites and applications also contain web beacons or other similar technologies, as described below.

Our use of cookies and similar technologies

Microsoft uses cookies and similar technologies for several purposes, depending on the context or product, including:

  • Storing your preferences and settings. We use cookies to store your preferences and settings on your device, and to enhance your experiences. For example, depending on your settings, if you enter your city or postal code to get local news or weather information on a Microsoft website, we store that data in a cookie so that you will see the relevant local information when you return to the site. Saving your preferences with cookies, such as your preferred language, prevents you from having to set your preferences repeatedly. If you opt out of interest-based advertising, we store your opt-out preference in a cookie on your device. Similarly, in scenarios where we obtain your consent to place cookies on your device, we store your choice in a cookie.
  • Sign-in and authentication. We use cookies to authenticate you. When you sign in to a website using your personal Microsoft account, we store a unique ID number, and the time you signed in, in an encrypted cookie on your device. This cookie allows you to move from page to page within the site without having to sign in again on each page. You can also save your sign-in information so you do not have to sign in each time you return to the site.
  • Security. We use cookies to process information that helps us secure our products, as well as detect fraud and abuse.
  • Storing information you provide to a website. We use cookies to remember information you shared. When you provide information to Microsoft, such as when you add products to a shopping cart on Microsoft websites, we store the data in a cookie for the purpose of remembering the information.
  • Social media. Some of our websites include social media cookies, including those that enable users who are signed in to the social media service to share content via that service.
  • Feedback. Microsoft uses cookies to enable you to provide feedback on a website.
  • Interest-based advertising. Microsoft uses cookies to collect data about your online activity and identify your interests so that we can provide advertising that is most relevant to you. You can opt out of receiving interest-based advertising from Microsoft as described in the How to access and control your personal data section of this privacy statement.
  • Showing advertising. Microsoft uses cookies to record how many visitors have clicked on an advertisement and to record which advertisements you have seen, for example, so you do not see the same one repeatedly.
  • Analytics. We use first- and third-party cookies and other identifiers to gather usage and performance data. For example, we use cookies to count the number of unique visitors to a web page or service and to develop other statistics about the operations of our products.
  • Performance. Microsoft uses cookies to understand and improve how our products perform. For example, we use cookies to gather data that helps with load balancing; this helps us keep our websites remain up and running.

Where required, we obtain your consent prior to placing or using optional cookies that are not (i) strictly necessary to provide the website; or (ii) for the purpose of facilitating a communication. Please see the “How to Control Cookies” section below for more information.

Some of the cookies we commonly use are listed below. This list is not exhaustive, but it is intended to illustrate the primary purposes for which we typically set cookies. If you visit one of our websites, the site will set some or all of the following cookies:

  • MSCC. Contains user choices for most Microsoft properties.
  • MUID, MC1, MSFPC, and MSPTC. Identifies unique web browsers visiting Microsoft sites. These cookies are used for advertising, site analytics, and other operational purposes.
  • ANON. Contains the ANID, a unique identifier derived from your Microsoft account, which is used for advertising, personalization, and operational purposes. It is also used to preserve your choice to opt out of interest-based advertising from Microsoft if you have chosen to associate the opt-out with your Microsoft account.
  • CC. Contains a country code as determined from your IP address.
  • PPAuth, MSPAuth, MSNRPSAuth, KievRPSAuth, WLSSC, MSPProf. Helps to authenticate you when you sign in with your Microsoft account.
  • MC0. Detects whether cookies are enabled in the browser.
  • MS0. Identifies a specific session.
  • NAP. Contains an encrypted version of your country, postal code, age, gender, language and occupation, if known, based on your Microsoft account profile.
  • MH. Appears on co-branded sites where Microsoft is partnering with an advertiser. This cookie identifies the advertiser, so the right ad is selected.
  • childinfo, kcdob, kcrelid, kcru, pcfm. Contains information that Microsoft account uses within its pages in relation to child accounts.
  • MR. This cookie is used by Microsoft to reset or refresh the MUID cookie.
  • x-ms-gateway-slice. Identifies a gateway for load balancing.
  • TOptOut. Records your decision not to receive interest-based advertising delivered by Microsoft. Where required, we place this cookie by default and remove it when you consent to interest-based advertising.

We may also use the cookies of other Microsoft affiliates, companies, and partners, such as LinkedIn and Xandr.

Third Party Cookies

In addition to the cookies Microsoft sets when you visit our websites, we also use cookies from third parties to enhance the services on our sites. Some third parties can also set cookies when you visit Microsoft sites. For example:

  • Companies we hire to provide services on our behalf, such as site analytics, place cookies when you visit our sites.
  • Companies that deliver content on Microsoft sites, such as videos or news, or ads, place cookies on their own.

These companies use the data they process in accordance with their privacy policies, which may enable these companies to collect and combine information about your activities across websites, apps, or online services.

The following types of third-party cookies may be used, depending on the context, service or product, as well as your settings and permissions:

  • Social Media cookies. We and third parties use social media cookies to show you ads and content based on your social media profiles and activity on our websites. They’re used to connect your activity on our websites to your social media profiles so the ads and content you see on our websites and on social media will better reflect your interests.
  • Analytics cookies.We allow third parties to use analytics cookies to understand how you use our websites so we can make them better and the third parties can develop and improve their products, which they may use on websites that are not owned or operated by Microsoft. For example, analytics cookies are used to gather information about the pages you visit and how many clicks you need to accomplish a task. These cookies may also be used for advertising purposes.
  • Advertising cookies.We and third parties use advertising cookies to show you new ads by recording which ads you've already seen. They're also used to track which ads you click on or purchases you make after clicking on an ad for payment purposes, and to show you ads that are more relevant to you. For example, they're used to detect when you click on an ad and show you ads based on your social media interests and website browsing history.
  • Required cookies.We use required cookies to perform essential website functions. For example, to log you in, save your language preferences, provide a shopping cart experience, improve performance, route traffic between web servers, detect the size of your screen, determine page load times, and measure audiences. These cookies are necessary for our websites to work.

Where required, we obtain your consent prior to placing or using optional cookies that are not (i) strictly necessary to provide the website; or (ii) for the purpose of facilitating a communication.

For a list of the third parties that set cookies on our websites, including service providers acting on our behalf, please visit our third party cookie inventory. The third party cookie inventory also includes links to those third parties’ websites or privacy notices. Please consult the third party websites or privacy notices for more information on their privacy practices with respect to their cookies that may be set on our websites. On some of our websites, a list of third parties is available directly on the site. The third parties on these sites may not be included in the list on our third party cookie inventory.

How to control cookies

Most web browsers automatically accept cookies but provide controls that allow you to block or delete them. For example, in Microsoft Edge, you can block or delete cookies by selecting Settings > Privacy and services > Clear Browsing data > Cookies and other site data. For more information about how to delete your cookies in Microsoft browsers, see Microsoft Edge, Microsoft Edge Legacy, or Internet Explorer. If you use a different browser, refer to that browser’s instructions.

As mentioned above, where required, we obtain your consent before placing or using optional cookies that are not (i) strictly necessary to provide the website; or (ii) for the purpose of facilitating a communication. We separate these optional cookies by purpose, such as for advertising and social media purposes. You may consent to certain categories of optional cookies and not others. You also may adjust your choices by clicking “Manage cookies” in the footer of the website or through the settings made available on the website. Certain features of Microsoft products depend on cookies. If you choose to block cookies, you cannot sign in or use some of those features, and preferences that are dependent on cookies will be lost. If you choose to delete cookies, any settings and preferences controlled by those cookies, including advertising preferences, are deleted and will need to be recreated.

Additional privacy controls that can impact cookies, including the tracking protections feature of Microsoft browsers, are described in the How to access and control your personal data section of this privacy statement.

Our use of web beacons and analytics services

Some Microsoft webpages contain electronic tags known as web beacons that we use to help deliver cookies on our websites, count users who have visited those websites, and deliver co-branded products. We also include web beacons or similar technologies in our electronic communications to determine whether you open and act on them.

In addition to placing web beacons on our own websites, we sometimes work with other companies to place our web beacons on their websites or in their advertisements. This helps us to, for example, develop statistics on how often clicking on an advertisement on a Microsoft website results in a purchase or other action on the advertiser's website. It also allows us to understand your activity on the website of a Microsoft partner in connection with your use of a Microsoft product or service.

Finally, Microsoft products often contain web beacons or similar technologies from third-party analytics providers, which help us compile aggregated statistics about the effectiveness of our promotional campaigns or other operations. These technologies enable the analytics providers to set or read their own cookies or other identifiers on your device, through which they can collect information about your online activities across applications, websites, or other products. However, we prohibit these analytics providers from using web beacons on our sites to collect or access information that directly identifies you (such as your name or email address). You can opt out of data collection or use by some of these analytics providers by visiting any of the following sites: Adjust, AppsFlyer, Clicktale, Flurry Analytics, Google Analytics (requires you to install a browser add-on), Kissmetrics, Mixpanel, Nielsen, Acuity Ads, WebTrends, or Optimizely.

Other similar technologies

In addition to standard cookies and web beacons, our products can also use other similar technologies to store and read data files on your computer. This is typically done to maintain your preferences or to improve speed and performance by storing certain files locally. But, like standard cookies, these technologies can also store a unique identifier for your computer, which can then track behavior. These technologies include Local Shared Objects (or "Flash cookies") and Silverlight Application Storage.

Local Shared Objects or "Flash cookies." Websites that use Adobe Flash technologies can use Local Shared Objects or "Flash cookies" to store data on your computer. To learn how to manage or block Flash cookies, go to the Flash Player help page.

Silverlight Application Storage. Websites or applications that use Microsoft Silverlight technology also have the ability to store data by using Silverlight Application Storage. To learn how to manage or block such storage, see the Silverlight section of this privacy statement.

Products provided by your organization—notice to end usersProducts provided by your organization—notice to end usersmainnoticetoendusersmodule
Summary
Microsoft accountMicrosoft accountmainmicrosoftaccountmodule
Summary
Full text

With a Microsoft account, you can sign into Microsoft products, as well as those of select Microsoft partners. Personal data associated with your Microsoft account includes credentials, name and contact data, payment data, device and usage data, your contacts, information about your activities, and your interests and favorites. Signing into your Microsoft account enables personalization, consistent experiences across products and devices, permits you to use cloud data storage, allows you to make payments using payment instruments stored in your Microsoft account, and enables other features. There are three types of Microsoft account:

  • When you create your own Microsoft account tied to your personal email address, we refer to that account as a personal Microsoft account.
  • When you or your organization (such as an employer or your school) create your Microsoft account tied to your email address provided by that organization, we refer to that account as a work or school account.
  • When you or your service provider (such as a cable or internet service provider) create your Microsoft account tied to your email address with your service provider’s domain, we refer to that account as a third-party account.

Personal Microsoft accounts. The data associated with your personal Microsoft account, and how that data is used, depends on how you use the account.

  • Creating your Microsoft account. When you create a personal Microsoft account, you will be asked to provide certain personal data and we will assign a unique ID number to identify your account and associated information. While some products, such as those involving payment, require a real name, you can sign in to and use other Microsoft products without providing your real name. Some data you provide, such as your display name, email address, and phone number, can be used to help others find and connect with you within Microsoft products. For example, people who know your display name, email address, or phone number can use it to search for you on Skype or Microsoft Teams for personal use and send you an invite to connect with them. Note that if you use a work or school email address to create a personal Microsoft account, your employer or school may gain access to your data. In some cases, you will need to change the email address to a personal email address in order to continue accessing consumer-oriented products (such as the Xbox network).
  • Signing in to Microsoft account. When you sign in to your Microsoft account, we create a record of your sign-in, which includes the date and time, information about the product you signed in to, your sign-in name, the unique number assigned to your account, a unique identifier assigned to your device, your IP address, and your operating system and browser version.
  • Signing in to Microsoft products. Signing in to your account enables improved personalization, provides seamless and consistent experiences across products and devices, permits you to access and use cloud data storage, allows you to make payments using payment instruments stored in your Microsoft account, and enables other enhanced features and settings. For example, when you sign in, Microsoft makes information saved to your account available across Microsoft products so important things are right where you need them. When you sign in to your account, you will stay signed in until you sign out. If you add your Microsoft account to a Windows device (version 8 or higher), Windows will automatically sign you in to products that use Microsoft account when you access those products on that device. When you are signed in, some products will display your name or username and your profile photo (if you have added one to your profile) as part of your use of Microsoft products, including in your communications, social interactions, and public posts. Learn more about your Microsoft account, your data, and your choices.
  • Signing in to third-party products. If you sign in to a third-party product with your Microsoft account, you will share data with the third party in accordance with the third party’s privacy policy. The third party will also receive the version number assigned to your account (a new version number is assigned each time you change your sign-in data); and information that describes whether your account has been deactivated. If you share your profile data, the third party can display your name or user name and your profile photo (if you have added one to your profile) when you are signed in to that third-party product. If you chose to make payments to third-party merchants using your Microsoft account, Microsoft will pass information stored in your Microsoft account to the third party or its vendors (e.g., payment processors) as necessary to process your payment and fulfill your order (such as name, credit card number, billing and shipping addresses, and relevant contact information). The third party can use or share the data it receives when you sign in or make a purchase according to its own practices and policies. You should carefully review the privacy statement for each product you sign in to and each merchant you purchase from to determine how it will use the data it collects.

Work or school accounts. The data associated with a work or school account, and how it will be used, is generally similar to the use and collection of data associated with a personal Microsoft account.

If your employer or school uses Microsoft Entra ID to manage the account it provides you, you can use your work or school account to sign in to Microsoft products, such as Microsoft 365 and Office 365, and third-party products provided to you by your organization. If required by your organization, you will also be asked to provide a phone number or an alternative email address for additional security verification. And, if allowed by your organization, you may also use your work or school account to sign in to Microsoft or third-party products that you acquire for yourself.

If you sign in to Microsoft products with a work or school account, note:

  • The owner of the domain associated with your email address may control and administer your account, and access and process your data, including the contents of your communications and files, including data stored in products provided to you by your organization, and products you acquire by yourself.
  • Your use of the products is subject to your organization’s policies, if any. You should consider both your organization’s policies and whether you are comfortable enabling your organization to access your data before you choose to use your work or school account to sign in to products you acquire for yourself.
  • If you lose access to your work or school account (if you change employers, for example), you may lose access to products, including content associated with those products, you acquired on your own behalf if you used your work or school account to sign in to such products.
  • Microsoft is not responsible for the privacy or security practices of your organization, which may differ from those of Microsoft.
  • If your organization is administering your use of Microsoft products, please direct your privacy inquiries, including any requests to exercise your data subject rights, to your administrator. See also the Notice to end users section of this privacy statement.
  • If you are uncertain whether your account is a work or school account, please contact your organization.

Third-party accounts. The data associated with a third-party Microsoft account, and how it will be used, is generally similar to the use and collection of data associated with a personal Microsoft account. Your service provider has control over your account, including the ability to access or delete your account. You should carefully review the terms the third party provided you to understand what it can do with your account.

Collection of data from childrenCollection of data from childrenmaincollectionofdatafromchildrenmodule
Summary

For users under the age of 13 or as specified by law in their jurisdiction, certain Microsoft products and services will either block users under that age or will ask them to obtain consent or authorization from a parent or guardian before they can use it, including when creating an account to access Microsoft services. We will not knowingly ask children under that age to provide more data than is required to provide for the product.

Once parental consent or authorization is granted, the child's account is treated much like any other account. Learn more about personal and school accounts in the Microsoft account section of the Privacy Statement and Microsoft Family Safety in the product-specific section. The child can access communication services, like Outlook and Skype, and can freely communicate and share data with other users of all ages. Parents or guardians can change or revoke the consent choices previously made. Learn more about parental consent and Microsoft child accounts. As the organizer of a Microsoft family group, the parent or guardian can manage a child’s information and settings on their Family Safety page and view and delete a child’s data on their privacy dashboard. Select Learn more below for more information about how to access and delete child data and information about children and Xbox profiles.

Full text

For users under the age of 13 or as specified by law in their jurisdiction, certain Microsoft products and services will either block users under that age or will ask them to obtain consent or authorization from a parent or guardian before they can use it, including when creating an account to access Microsoft services. We will not knowingly ask children under that age to provide more data than is required to provide for the product.

Once parental consent or authorization is granted, the child's account is treated much like any other account. The child can access communication services, like Outlook and Skype, and can freely communicate and share data with other users of all ages. Learn more about parental consent and Microsoft child accounts.

Parents or guardians can change or revoke the consent choices previously made. As the organizer of a Microsoft family group, the parent or guardian can manage a child’s information and settings on their Family Safety page and view and delete a child’s data on their privacy dashboard. See below for more information about how to access and delete child data.

Below is additional information about the collection of data from children, including more details as related to Xbox.

Accessing and deleting child data. For Microsoft products and services that require parental consent, a parent can view and delete certain data belonging to their child from the parent’s privacy dashboard: browsing history, search history, location activity, media activity, apps and service activity, and product and service performance data. To delete this data, a parent can sign in to their privacy dashboard and manage their child’s activities. Please note that a parent’s ability to access and/or delete a child’s personal information on their privacy dashboard will vary depending on the laws where you are located.

Additionally, a parent can contact our privacy support team through the privacy support form and, following authentication, request that the data types on the privacy dashboard together with the following data be deleted: software, setup, and inventory; device connectivity and configuration; feedback and ratings; fitness and activity; support content; support interactions; and environmental sensor. We process authenticated deletion requests within 30 days of receipt.

Please note that content like emails, contacts, and chats are accessible through in-product experiences. You can find more information about data you are able to control within Microsoft products by visiting our Privacy Frequently Asked Questions (FAQs).

If your child’s account is not a part of your Microsoft family group and you do not have access to your child’s activity on your privacy dashboard, then you need to submit a request related to your child’s data through the privacy support form. The privacy team will ask for account verification before fulfilling the request.

To delete all of your child’s personal information, you must request deletion of the child’s account through the close your account form. This link will prompt you to sign in with your child’s account credentials. Check that the page shows the correct Microsoft account, and then follow the instructions to request that your child’s account be deleted. Learn more about how to close a Microsoft account.

After you submit the request to close your child’s account, we will wait 60 days before permanently deleting the account in case you change your mind or need to access something on the account before it is permanently closed and deleted. During the waiting period, the account is marked for closure and permanent deletion, but it still exists. If you want to reopen your child’s Microsoft account, just sign in again within that 60-day period. We will cancel the account closure, and the account will be reinstated.

What is Xbox? Xbox is the gaming and entertainment division of Microsoft. Xbox hosts an online network that consists of software and enables online experiences crossing multiple platforms. This network lets your child find and play games, view content, and connect with friends on Xbox and other gaming and social networks.

When users sign in to Xbox, in apps, games or on an Xbox console, we assign a unique identifier to their device. For instance, when their Xbox console is connected to the internet and they sign in to the console, we identify which console and which version of the console’s operating system they are using.

Xbox continues to provide new experiences in client apps that are connected to and backed by services such as Xbox network and cloud gaming. When signed in to an Xbox experience, we collect required data to help keep these experiences safe, secure, up to date, and performing as expected.

Data we collect when you create an Xbox profile. You as the parent or guardian are required to consent to the collection of personal data from a child under 13 years old or as otherwise specified by your jurisdiction. With your permission, your child can have an Xbox profile and use the online Xbox network. During the child Xbox profile creation, you will sign in with your own Microsoft account to verify that you are an adult organizer in your Microsoft family group. We collect an alternate email address or phone number to boost account security. If your child needs help accessing their account, they will be able to use one of these alternates to validate they own the Microsoft account.

We collect limited information about children, including name, birthdate, email address, and region. When you sign your child up for an Xbox profile, they get a gamertag (a public nickname) and a unique identifier. When you create your child’s Xbox profile you consent to Microsoft collecting, using, and sharing information based on their privacy and communication settings on the Xbox online network. Your child’s privacy and communication settings are defaulted to the most restrictive.

Data we collect. We collect information about your child’s use of Xbox services, games, apps, and devices including:

  • When they sign in and sign out of Xbox, purchase history, and content they obtain.
  • Which games they play and apps they use, their game progress, achievements, play time per game, and other play statistics.
  • Performance data about Xbox consoles, Xbox Game Pass and other Xbox apps, the Xbox network, connected accessories, and network connection, including any software or hardware errors.
  • Content they add, upload, or share through the Xbox network, including text, pictures, and video they capture in games and apps.
  • Social activity, including chat data and interactions with other gamers, and connections they make (friends they add and people who follow them) on the Xbox network.

If your child uses an Xbox console or Xbox app on another device capable of accessing the Xbox network, and that device includes a storage device (hard drive or memory unit), usage data will be stored on the storage device and sent to Microsoft the next time they sign in to Xbox, even if they have been playing offline.

Xbox diagnostic data. If your child uses Xbox console, Xbox will send required data to Microsoft. Required data is the minimum data necessary to help keep Xbox safe, secure, up to date, and performing as expected.

Game captures. Any player in a multiplayer game session can record video (game clips) and capture screenshots of their view of the game play. Other players’ game clips and screenshots can capture your child’s in-game character and gamertag during that session. If a player captures game clips and screenshots on a PC, the resulting game clips might also capture audio chat if your child’s privacy and communication settings on the Xbox online network allow it.

Captioning. During Xbox real-time (“party”) chat, players may activate a voice-to-text feature that lets them view that chat as text. If a player activates this feature, Microsoft uses the resulting text data to provide captioning of chat for players who need it. This data may also be used to provide a safe gaming environment and enforce the Community Standards for Xbox.

Data use. Microsoft uses the data we collect to improve gaming products and experiences— making it safer and more fun over time. Data we collect also enables us to provide your child with curated experiences. This includes connecting them to games, content, services, and recommendations.

Xbox data viewable by others. When your child is using the Xbox network, their online presence (which can be set to “appear offline” or “blocked”), gamertag, game play statistics, and achievements are visible to other players on the network. Depending on how you set your child’s Xbox safety settings, they might share information when playing or communicating with others on the Xbox network.

Safety. In order to help make the Xbox network a safe gaming environment and enforce the Community Standards for Xbox, we may collect and review voice, text, images, videos and in-game content (such as game clips your child uploads, conversations they have, and things they post in clubs and games).

Anti-cheat and fraud prevention. Providing a fair gameplay environment is important to us. We prohibit cheating, hacking, account stealing, and any other unauthorized or fraudulent activity when your child uses an Xbox online game or any network-connected app on their Xbox console, PC, or mobile device. In order to detect and prevent fraud and cheating, we may use anti-cheat and fraud prevention tools, applications, and other technologies. Such technologies may create digital signatures (known as “hashes”) using certain information collected from their Xbox console, PC, or mobile device, and how they use that device. This can include information about the browser, device, activities, game identifiers, and operating system.

Xbox data shared with game and apps publishers. When your child uses an Xbox online game or any network-connected app on their Xbox console, PC, or mobile device, the publisher of that game or app has access to data about their usage to help the publisher deliver, support, and improve its product. This data may include: your child’s Xbox user identifier, gamertag, limited account info such as country and age range, data about your child’s in-game communications, any Xbox enforcement activity, game-play sessions (for example, moves made in-game or types of vehicles used in-game), your child’s presence on the Xbox network, the time they spend playing the game or app, rankings, statistics, gamer profiles, avatars, or gamerpics, friends lists, activity feeds for official clubs they belong to, official club memberships, and any content they create or submit in the game or app.

Third-party publishers and developers of games and apps have their own distinct and independent relationship with users and their collection and usage of personal data is subject to their specific privacy policies. You should carefully review their policies to determine how they use your child’s data. For example, publishers may choose to disclose or display game data (such as on leaderboards) through their own services. You may find their policies linked from the game or app detail pages in our stores.

Learn more at Data Sharing with Games and Apps.

To stop sharing game or app data with a publisher, remove its games or app from all devices where they have been installed. Some publisher access to your child’s data may be revoked at microsoft.com/consent.

Managing child settings. As the organizer of a Microsoft family group, you can manage a child’s information and settings on their Family Safety page, as well as their Xbox profile privacy settings from their Xbox Privacy & online safety page.

You can also use the Xbox Family Settings app to manage your child’s experience on the Xbox Network including: spending for Microsoft and Xbox stores, viewing your child’s Xbox activity, and setting age ratings and the amount of screen time.

Learn more about managing Xbox profiles at Xbox online safety and privacy settings.

Learn more about Microsoft family groups at Simplify your family’s life.

Legacy.

  • Xbox 360. This Xbox console collects limited required diagnostic data. This data helps keep your child’s console functioning as expected.
  • Kinect. The Kinect sensor is a combination of camera, microphone, and infrared sensor that can enable motions and voice to be used to control game play. For example:
    • If you choose, the camera can be used to sign in to the Xbox network automatically using facial recognition. This data stays on the console, is not shared with anyone, and can be deleted at any time.
    • For game play, Kinect will map distances between the joints on your child’s body to create a stick figure representation to enable play.
    • The Kinect microphone can enable voice chat between players during play. The microphone also enables voice commands for control of the console, game, or app, or to enter search terms.
    • The Kinect sensor can also be used for audio and video communications through services such as Skype.

Learn more about Kinect at Xbox Kinect and Privacy.

Other important privacy informationOther important privacy informationmainotherimportantprivacyinformationmodule
Summary

Below you will find additional privacy information, such as how we secure your data, where we process your data, and how long we retain your data. You can find more information on Microsoft and our commitment to protecting your privacy at Microsoft Privacy.

Security of personal dataSecurity of personal datamainsecurityofpersonaldatamodule
Summary

Microsoft is committed to protecting the security of your personal data. We use a variety of security technologies and procedures to help protect your personal data from unauthorized access, use, or disclosure. For example, we store the personal data you provide on computer systems that have limited access and are in controlled facilities. When we transmit highly confidential data (such as a credit card number or password) over the internet, we protect it through the use of encryption. Microsoft complies with applicable data protection laws, including applicable security breach notification laws.

Where we store and process personal dataWhere we store and process personal datamainwherewestoreandprocessdatamodule
Summary

Personal data collected by Microsoft may be stored and processed in your region, in the United States, and in any other jurisdiction where Microsoft or its affiliates, subsidiaries, or service providers operate facilities. Microsoft maintains major data centers in Australia, Austria, Brazil, Canada, Finland, France, Germany, Hong Kong, India, Ireland, Japan, Korea, Luxembourg, Malaysia, the Netherlands, Singapore, South Africa, the United Kingdom, and the United States. Typically, the primary storage location is in the customer’s region or in the United States, often with a backup to a data center in another region. The storage location(s) are chosen in order to operate and provide our services efficiently, improve performance, and create redundancies in order to protect the data in the event of an outage or other problem. We take steps to process the data that we collect under this privacy statement according to this statement’s provisions and the requirements of applicable law.

We transfer personal data from the European Economic Area, the United Kingdom, and Switzerland to other countries, some of which have not yet been determined by the European Commission to have an adequate level of data protection. For example, their laws may not guarantee you the same rights, or there may not be a privacy supervisory authority there that is capable of addressing your complaints. When we engage in such transfers, we use a variety of legal mechanisms, including contracts such as the standard contractual clauses published by the European Commission under Commission Implementing Decision 2021/914, to help protect your rights and enable these protections to travel with your data. To learn more about the European Commission’s decisions on the adequacy of the protection of personal data in the countries where Microsoft processes personal data, see this article on the European Commission website.

Microsoft Corporation complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Microsoft Corporation has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Microsoft Corporation has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. In the context of an onward transfer, Microsoft Corporation has responsibility for the processing of personal data it receives under the DPF and subsequently transfers to a third party acting as an agent on our behalf. Microsoft Corporation remains liable under the DPF if our agent processes such personal information in a manner inconsistent with the DPF, unless Microsoft Corporation can prove that we are not responsible for the event giving rise to the damage. If there is any conflict between the terms in this privacy statement and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit the U.S. Department of Commerce’s Data Privacy Framework website. The controlled U.S. subsidiaries of Microsoft Corporation, as identified in our self-certification submission, also adhere to the DPF Principles—for more info, see the list of Microsoft U.S. entities or subsidiaries adhering to the DPF Principles.

If you have a question or complaint related to participation by Microsoft in the DPF Frameworks, we encourage you to contact us via our web form. For any complaints related to the DPF Frameworks that Microsoft cannot resolve directly, we have chosen to cooperate with the relevant EU Data Protection Authority, or a panel established by the European data protection authorities, for resolving disputes with EU individuals, the UK Information Commissioner (for UK individuals), and the Swiss Federal Data Protection and Information Commissioner (FDPIC) for resolving disputes with Swiss individuals. Please contact us if you’d like us to direct you to your data protection authority contacts. As further explained in the DPF Principles, binding arbitration is available to address residual complaints not resolved by other means. Microsoft is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).

Individuals whose personal data is protected by Japan's Act on the Protection of Personal Information should refer to the article on the Japanese Personal Information Protection Commission’s website (only published in Japanese) for more information on the commission’s review of certain countries’ personal data protection systems.

Our retention of personal dataOur retention of personal datamainOurretentionofpersonaldatamodule
Summary

Microsoft retains personal data for as long as necessary to provide the products and fulfill the transactions you have requested, or for other legitimate purposes such as complying with our legal obligations, resolving disputes, and enforcing our agreements. Because these needs can vary for different data types, the context of our interactions with you or your use of products, actual retention periods can vary significantly.

Other criteria used to determine the retention periods include:

  • Do customers provide, create, or maintain the data with the expectation we will retain it until they affirmatively remove it? Examples include a document you store in OneDrive, or an email message you keep in your Outlook.com inbox. In such cases, we would aim to maintain the data until you actively delete it, such as by moving an email from your Outlook.com inbox to the Deleted Items folder, and then emptying that folder (when your Deleted Items folder is emptied, those emptied items remain in our system for up to 30 days before final deletion). (Note that there may be other reasons why the data has to be deleted sooner, for example if you exceed limits on how much data can be stored in your account.)
  • Is there an automated control, such as in the Microsoft privacy dashboard, that enables the customer to access and delete the personal data at any time? If there is not, a shortened data retention time will generally be adopted.
  • Is the personal data of a sensitive type? If so, a shortened retention time would generally be adopted.
  • Has Microsoft adopted and announced a specific retention period for a certain data type? For example, for Bing search queries, we de-identify stored queries by removing the entirety of the IP address after 6 months, and cookie IDs and other cross-session identifiers that are used to identify a particular account or device after 18 months.
  • Has the user provided consent for a longer retention period? If so, we will retain data in accordance with your consent.
  • Is Microsoft subject to a legal, contractual, or similar obligation to retain or delete the data? Examples can include mandatory data retention laws in the applicable jurisdiction, government orders to preserve data relevant to an investigation, or data retained for the purposes of litigation. Conversely, if we are required by law to remove unlawful content, we will do so.
U.S. State Data PrivacyU.S. State Data Privacymaincaliforniaconsumerprivacyactmodule
Summary

If you are a U.S. resident, we process your personal data in accordance with applicable U.S. state data privacy laws, including the California Consumer Privacy Act (CCPA). This section of our privacy statement contains information required by the CCPA and other U.S. state data privacy laws and supplements our privacy statement.

Please note that recent changes to the CCPA and other state data privacy laws are set to take effect in 2023; however, the rules implementing some of these laws have not yet been finalized. We are continuously working to better comply with these laws, and we will update our processes and disclosures as these implementing rules are finalized.

Please also see our U.S. State Data Privacy Laws Notice and our Washington State Consumer Health Data Privacy Policy for additional information about the data we collect, process, share and disclose, and your rights under applicable U.S. state data privacy laws.

Sale. We do not sell your personal data. So, we do not offer an opt-out to the sale of personal data.

Share. We may “share” your personal data, as defined under California and other applicable U.S. state laws, for personalized advertising purposes. As noted in our Advertising section, we do not deliver personalized advertising to children whose birthdate in their Microsoft account identifies them as under 18 years of age.

In the bulleted list below, we outline the categories of data we share for personalized advertising purposes, the recipients of the personal data, and our purposes of processing. For a description of the data included in each category, please see the Personal data we collect section.

Categories of Personal Data

  • Name and contact data
    • Recipients: Third parties that perform online advertising services for Microsoft
    • Purposes of Processing: To deliver personalized advertising based on your interests
  • Demographic data
    • Recipients: Third parties that perform online advertising services for Microsoft
    • Purposes of Processing: To deliver personalized advertising based on your interests
  • Subscription and licensing data
    • Recipients: Third parties that perform online advertising services for Microsoft
    • Purposes of Processing: To deliver personalized advertising based on your interests
  • Interactions
    • Recipients: Third parties that perform online advertising services for Microsoft
    • Purposes of Processing: To deliver personalized advertising based on your interests

Please see the Advertising section for more information about our advertising practices, and our U.S. State Data Privacy Laws Notice for more information on “sharing” for personalized advertising purposes under applicable U.S. state laws.

Rights. You have the right to request that we (i) disclose what personal data we collect, use, disclose, share, and sell, (ii) delete your personal data, (iii) correct your personal data, (iv) restrict the use and disclosure of your sensitive data, and (v) opt-out of “sharing” your personal data with third parties for personalized advertising purposes on third party sites. You may make these requests yourself or through an authorized agent. If you use an authorized agent, we provide your agent with detailed guidance on how to exercise your privacy rights. Please see our U.S. State Data Privacy Laws Notice for additional information on how to exercise these rights. Please also see our Washington State Consumer Health Data Privacy Policy for information on the rights available under Washington law.

If you have a Microsoft account, you can exercise your rights through the Microsoft privacy dashboard, which requires you to log in to your Microsoft account. If you have an additional request or questions after using the dashboard, you may contact Microsoft at the address in the How to contact us section, use our web form, or call our US toll free number +1 (844) 931 2038. If you do not have an account, you may exercise your rights by contacting us as described above. We may ask for additional information, such as your country of residence, email address, and phone number to validate your request before honoring the request.

You may indicate your choice to opt-out of the sharing of your personal data with third parties for personalized advertising on third party sites by visiting our sharing opt-out page. You can also control the personalized advertising you see on Microsoft properties by visiting our opt-out page.

We do not use or disclose your sensitive data for purposes other than those listed below, without your consent, or as permitted or required under applicable laws. So, we do not offer an ability to limit the use of sensitive data.

You have a right not to receive discriminatory treatment if you exercise your privacy rights. We will not discriminate against you if you exercise your privacy rights.

Personal information processing. In the bulleted list below, we outline the categories of personal data we collect, the sources of the personal data, our purposes of processing, and the categories of third-party recipients with whom we provide the personal data. For a description of the data included in each category, please see the Personal data we collect section. Please see the Our retention of personal data section for information on personal data retention criteria.

Categories of Personal Data

  • Name and contact data
    • Sources of personal data: Interactions with users and partners with whom we offer co-branded services
    • Purposes of Processing (Collection and Disclosure to Third Parties): Provide our products; respond to customer questions; help, secure, and troubleshoot; and marketing
    • Recipients: Service providers and user-directed entities
  • Credentials
    • Sources of personal data: Interactions with users and organizations that represent users
    • Purposes of Processing (Collection and Disclosure to Third Parties): Provide our products; authentication and account access; and help, secure and troubleshoot
    • Recipients: Service providers and user-directed entities
  • Demographic data
    • Sources of personal data: Interactions with users and purchases from data brokers
    • Purposes of Processing (Collection and Disclosure to Third Parties): Provide and personalize our products; product development; help, secure, and troubleshoot; and marketing
    • Recipients: Service providers and user-directed entities
  • Payment data
    • Sources of personal data: Interactions with users and financial institutions
    • Purposes of Processing (Collection and Disclosure to Third Parties): Transact commerce; process transactions; fulfill orders; help, secure, and troubleshoot; and detect and prevent fraud
    • Recipients: Service providers and user-directed entities
  • Subscription and licensing data
    • Sources of personal data: Interactions with users and organizations that represent users
    • Purposes of Processing (Collection and Disclosure to Third Parties): Provide, personalize, and activate our products; customer support; help, secure, and troubleshoot; and marketing
    • Recipients: Service providers and user-directed entities
  • Interactions
    • Sources of personal data: Interactions with users including data Microsoft generates through those interactions
    • Purposes of Processing (Collection and Disclosure to Third Parties): Provide and personalize our products; product improvement; product development; marketing; and help, secure and troubleshoot
    • Recipients: Service providers and user-directed entities
  • Content
    • Sources of personal data: Interactions with users and organizations that represent users
    • Purposes of Processing (Collection and Disclosure to Third Parties): Provide our products; safety; and help, secure, and troubleshoot
    • Recipients: Service providers and user-directed entities
  • Video or recordings
    • Sources of personal data: Interactions with users and publicly available sources
    • Purposes of Processing (Collection and Disclosure to Third Parties): Provide our products; product improvement; product development; marketing; help, secure, and troubleshoot; and safety
    • Recipients: Service providers and user-directed entities
  • Feedback and ratings
    • Sources of personal data: Interactions with users
    • Purposes of Processing (Collection and Disclosure to Third Parties): Provide our products; product improvement; product development; customer support; and help, secure, and troubleshoot
    • Recipients: Service providers and user-directed entities

While the bulleted list above contains the primary sources and purposes of processing for each category of personal data, we also collect personal data from the sources listed in the Personal data we collect section, such as developers who create experiences through or for Microsoft products. Similarly, we process all categories of personal data for the purposes described in the How we use personal data section, such as meeting our legal obligations, developing our workforce, and doing research.

Subject to your privacy settings, your consent, and depending on the products you use and your choices, we may collect, process, or disclose certain personal data that qualifies as “sensitive data” under applicable U.S. state data privacy laws. Sensitive data is a subset of personal data. In the list below, we outline the categories of sensitive data we collect, the sources of the sensitive data, our purposes of processing, and the categories of third party recipients with whom we share the sensitive data. Please see the Personal data we collect section for more information about the sensitive data we may collect.

Categories of Sensitive Data

  • Account log-in, financial account, debit or credit card number, and the means to access the account (security or access code, password, credentials, etc.)
    • Sources of sensitive data: Interactions with users and organizations that represent users
    • Purposes of Processing (Collection and Disclosure to Third Parties): Provide the product and fulfill requested financial transactions
    • Recipients: Service providers and payment processing providers
  • Precise geo-location information
    • Sources of sensitive data: Users’ interactions with the products
    • Purposes of Processing (Collection and Disclosure to Third Parties): Provide the service requested; product improvement; some attributes may be disclosed to third parties to provide the service
    • Recipients: Users and service providers (please see the Windows Location Services and Recording section of our privacy statement for more information)
  • Racial or ethnic origin, religious or philosophical beliefs, or union membership
    • Sources of sensitive data: Communications with users
    • Purposes of Processing (Collection and Disclosure to Third Parties): Conduct research studies to better understand how our products are used and perceived and for the purposes of improving the product experiences
    • Recipients: Service providers
  • Medical or mental health, sex life, or sexual orientation
    • Sources of sensitive data: Communications with users
    • Purposes of Processing (Collection and Disclosure to Third Parties): Conduct research studies to better understand how our products are used and perceived and for the purposes of improving the product experiences and accessibility
    • Recipients: Service providers
  • Contents of your mail, email, or text messages (where Microsoft is not the intended recipient of the communication)
    • Sources of sensitive data: Users’ interactions with the products
    • Purposes of Processing (Collection and Disclosure to Third Parties): Provide our products; improve the product experience; safety; and help, secure, and troubleshoot
    • Recipients: Service providers
  • Personal data collected from a known child under 13 years of age
    • Sources of sensitive data: Interactions with users and organizations that represent users
    • Purposes of Processing (Collection and Disclosure to Third Parties): Provide our products; product improvement; product development; recommendations; help, secure, and troubleshoot; and safety
    • Recipients: Service providers and user-directed entities (in accordance with your Microsoft Family Safety settings)

While the bulleted list above contains the primary sources and purposes of processing for personal data collected from children under 13, we also collect personal data from the sources listed in the Collection of Data from Children section.

We do not use or disclose your sensitive data for purposes other than the following:

  • Perform the services or provide the goods you reasonably expect
  • Help ensure the security and integrity of our services, systems, and data, to combat malicious deceptive, fraudulent or illegal acts, and to protect the physical safety of individuals, to the extent the processing is reasonably necessary and proportionate
  • For short-term transient use (including non-personalized advertising), so long as the personal data is not disclosed to a third party, is not used for profiling, and is not used to alter an individual’s experience outside the current interaction with Microsoft
  • Perform services on behalf of Microsoft, such as maintaining accounts, providing customer service, processing, or fulfilling orders/transactions, verifying customer information, processing payments, providing financing, providing analytics, providing storage, and similar services
  • Undertake activities to verify or maintain the quality or safety of, or improve, upgrade, or enhance a service or device owned or controlled by Microsoft
  • Collect or process sensitive data where the collection or processing is not for inferring characteristics about the individual
  • Any other activities in accordance with any future regulations that are issued pursuant to U.S. state data privacy laws

De-Identified Data. In some situations, Microsoft may process de-identified data. Data is in this state when we are not able to link data to an individual to whom such data may relate without taking additional steps. In those instances, and unless allowed under applicable law, we will maintain such information in a de-identified state, and will not try to re-identify the individual to whom the de-identified data relates.

Disclosures of personal data for business or commercial purposes. As indicated in the Reasons we share personal data section, we share personal data with third parties for various business and commercial purposes. The primary business and commercial purposes for which we share personal data are the purposes of processing listed in the table above. However, we share all categories of personal data for the business and commercial purposes in the Reasons we share personal data section.

Parties that control collection of personal data. In certain situations, we may allow a third party to control the collection of your personal data. For example, third party applications or extensions that run on Windows or Edge browser may collect personal data based on their own practices.

Microsoft allows advertising companies to collect information about your interactions with our websites in order to deliver personalized ads on Microsoft’s behalf. These companies include: Meta, LinkedIn, Google, and Adobe.

Artificial IntelligenceArtificial Intelligencemainartificialintelligencemodule
Summary

Microsoft leverages the power of artificial intelligence (AI) in many of our products and services, including by incorporating generative AI features such as Microsoft Copilot capabilities. Microsoft’s development and use of AI is subject to Microsoft’s AI Principles and Microsoft’s Responsible AI Standard, and Microsoft’s collection and use of personal data in developing and deploying AI features is consistent with the commitments outlined in this privacy statement. Product-specific details provide additional relevant information. You can find out more about how Microsoft uses AI here.

AdvertisingAdvertisingmainadvertisingmodule
Summary

Advertising allows us to provide, support, and improve some of our products. Microsoft does not use what you say in email, human-to-human chat, video calls or voice mail, or your documents, photos, or other personal files to target ads to you. We use other data, detailed below, for advertising on our Microsoft properties and on third-party properties. For example:

  • Microsoft may use data we collect to select and deliver some of the ads you see on Microsoft web properties, such as Microsoft.com, Microsoft Start, and Bing.
  • When the advertising ID is enabled in Windows as part of your privacy settings, third parties can access and use the advertising ID (much the same way that websites can access and use a unique identifier stored in a cookie) to select and deliver ads in such apps.
  • We may share data we collect with internal and external partners, such as Xandr, Yahoo, or Facebook (see below), so that the ads you see in our products and their products are more relevant and valuable to you.
  • Advertisers may choose to place our web beacons on their sites, or use similar technologies, in order to allow Microsoft to collect information on their sites such as activities, purchases, and visits; we use this data on behalf of our advertising customers to provide ads.

The ads that you see may be selected based on data we process about you, such as your interests and favorites, your location, your transactions, how you use our products, your search queries, or the content you view. For example, if you view content on Microsoft Start about automobiles, we may show advertisements about cars; if you search “pizza places in Seattle” on Bing, you may see advertisements in your search results for restaurants in Seattle.

The ads that you see may also be selected based on other information learned about you over time using demographic data, location data, search queries, interests and favorites, usage data from our products and sites, and the information we collect about you from the sites and apps of our advertisers and partners. We refer to these ads as "personalized advertising" in this statement. For example, if you view gaming content on xbox.com, you may see offers for games on Microsoft Start. To provide personalized advertising, we combine cookies placed on your device using information that we collect (such as IP address) when your browser interacts with our websites. If you opt out of receiving personalized advertising, data associated with these cookies will not be used.

We may use information about you to serve you with personalized advertising when you use Microsoft services. If you are logged in with your Microsoft account and have consented to allow Microsoft Edge to use your online activity for personalized advertising, you will see offers for products and services based on your online activity while using Microsoft Edge. To configure your privacy settings for Edge, go to Microsoft Edge > Settings > Privacy and Services. To configure your privacy and ad settings for your Microsoft account with respect to your online activity across browsers, including Microsoft Edge, or when visiting third-party websites or apps, go to your dashboard at privacy.microsoft.com.

Further details regarding our advertising-related uses of data include:

  • Advertising industry best practices and commitments. Microsoft is a member of the Network Advertising Initiative (NAI) and adheres to the NAI Code of Conduct. We also adhere to the following self-regulatory programs:
  • Health-related ad targeting. In the United States, we provide personalized advertising based on a limited number of standard, non-sensitive health-related interest categories, including allergies, arthritis, cholesterol, cold and flu, diabetes, gastrointestinal health, headache / migraine, healthy eating, healthy heart, men’s health, oral health, osteoporosis, skin health, sleep, and vision / eye care. We will also personalize ads based on custom, non-sensitive health-related interest categories as requested by advertisers.
  • Children and advertising. We do not deliver personalized advertising to children whose birthdate in their Microsoft account identifies them as under 18 years of age.
  • Data retention. For personalized advertising, we retain data for no more than 13 months, unless we obtain your consent to retain the data longer.
  • Sensitive Data. Microsoft Advertising does not collect, process, or disclose personal data that qualifies as “sensitive data” under applicable U.S. state data privacy laws for the purposes of providing personalized advertising.
  • Data sharing. In some cases, we share with advertisers reports about the data we have collected on their sites or ads.

Data collected by other advertising companies. Advertisers sometimes include their own web beacons (or those of their other advertising partners) within their advertisements that we display, enabling them to set and read their own cookie. Additionally, Microsoft partners with Xandr, a Microsoft company, and third-party ad companies to help provide some of our advertising services, and we also allow other third-party ad companies to display advertisements on our sites. These third parties may place cookies on your computer and collect data about your online activities across websites or online services. These companies currently include, but are not limited to: Facebook, Media.net, Outbrain, Taboola and Yahoo. Select any of the preceding links to find more information on each company's practices, including the choices it offers. Many of these companies are also members of the NAI or DAA, which each provide a simple way to opt out of ad targeting from participating companies.

To opt out of receiving personalized advertising from Microsoft, visit our opt-out page. When you opt out, your preference is stored in a cookie that is specific to the web browser you are using. The opt-out cookie has an expiration date of five years. If you delete the cookies on your device, you need to opt out again.

Speech recognition technologiesSpeech recognition technologiesmainspeechrecognitionmodule
Summary

Speech recognition technologies are integrated into many Microsoft products and services. Microsoft provides both device-based speech recognition features and cloud-based (online) speech recognition features. Microsoft’s speech recognition technology transcribes voice data into text. With your permission, Microsoft employees and vendors working on behalf of Microsoft, will be able to review snippets of your voice data or voice clips in order to build and improve our speech recognition technologies. These improvements allow us to build better voice-enabled capabilities that benefit users across all our consumer and enterprise products and services. Prior to employee or vendor review of voice data, we protect users’ privacy by taking steps to de-identify the data, requiring non-disclosure agreements with relevant vendors and their employees, and requiring that employees and vendors meet high privacy standards. Learn more about Microsoft and your voice data.

Preview or free-of-charge releasesPreview or free-of-charge releasesmainpreviewreleasesmodule
Summary

Microsoft offers preview, insider, beta or other free-of-charge products and features ("previews") to enable you to evaluate them while providing Microsoft with data about your use of the product, including feedback and device and usage data. As a result, previews can automatically collect additional data, provide fewer controls, and otherwise employ different privacy and security measures than those typically present in our products. If you participate in previews, we may contact you about your feedback or your interest in continuing to use the product after general release.

Changes to this privacy statementChanges to this privacy statementmainchangestothisprivacystatementmodule
Summary

We update this privacy statement when necessary to provide greater transparency or in response to:

  • Feedback from customer, regulators, industry, or other stakeholders.
  • Changes in our products.
  • Changes in our data processing activities or policies.

When we post changes to this statement, we will revise the "last updated" date at the top of the statement and describe the changes on the Change history page. If there are material changes to the statement, such as a change to the purposes of processing of personal data that is not consistent with the purpose for which it was originally collected, we will notify you either by prominently posting a notice of such changes before they take effect or by directly sending you a notification. We encourage you to periodically review this privacy statement to learn how Microsoft is protecting your information.

How to contact usHow to contact usmainhowtocontactusmodule
Summary

If you have a privacy concern, complaint, or question for the Microsoft Chief Privacy Officer or the Data Protection Officer for your region, please contact us by using our web form. We will respond to questions or concerns as required by law and within a period no longer than 30 days. You can also raise a concern or lodge a complaint with a data protection authority or other official with jurisdiction.

When Microsoft is a controller, unless otherwise stated, Microsoft Corporation and, for those in the European Economic Area, the United Kingdom, and Switzerland, Microsoft Ireland Operations Limited are the data controllers for personal data we collect through the products subject to this statement. Our addresses are:

  • Microsoft Privacy, Microsoft Corporation, One Microsoft Way, Redmond, Washington 98052, USA. Telephone: +1 (425) 882 8080.
  • Microsoft Ireland Operations Limited, Attn: Data Protection Officer, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland. Telephone: +353 1 706 3117.

To find the Microsoft subsidiary in your country or region, see the list of Microsoft office locations around the world.

The representative of Microsoft Ireland Operations Limited within the meaning of Art. 14 of the Swiss Federal Act on Data Protection is Microsoft Schweiz GmbH, The Circle 02, 8058 Zürich-Flughafen, Switzerland.

If you would like to exercise your rights under applicable U.S. state data privacy law, you may contact Microsoft at the U.S. address listed above, use our web form, or call our U.S. toll free number +1 (844) 931 2038.

If you are a resident of Canada and its provinces you may contact the Microsoft Data Protection Officer for Canada at Microsoft Canada Head Office, 4400-81 Bay St, Toronto, ON, M5J 0E7, at +1 (416) 349 2506, or by using our web form.

Where French law applies, you can also send us specific instructions regarding the use of your personal data after your death, by using our web form.

If you have a technical or support question, please visit Microsoft Support to learn more about Microsoft Support offerings. If you have a personal Microsoft account password question, please visit Microsoft account support.

We offer various means for you to control your personal data that Microsoft has obtained, and to exercise your data protection rights. You can do so by contacting Microsoft at our web form or the information above, or by using the various tools we provide. Please see the How to access and control your personal data section for additional details.

Enterprise and developer productsEnterprise and developer productsmainenterprisedeveloperproductsmodule
Summary
Enterprise online servicesEnterprise online servicesmainenterpriseservicesmodule
Summary
Enterprise and developer software and enterprise appliancesEnterprise and developer software and appliancesmainenterprisedevsoftwareappsmodule
Summary
Productivity and communications productsProductivity and communications productsmainprodcommproductsmodule
Summary
Microsoft 365 and OfficeMicrosoft 365 and Officemainofficeservicesmodule
Summary
Microsoft FamilyMicrosoft Familymainmsfamilymodule
Summary
Microsoft TeamsMicrosoft Teamsmainteamsmodule
Summary
OneDriveOneDrivemainonedrivemodule
Summary
OutlookOutlookmainoutlookmodule
Summary
SkypeSkypemainskypemodule
Summary
Surface DuoSurface Duomainsurfaceduomodule
Summary
LinkedInLinkedInmainlinkedinmodule
Summary
Search, Microsoft Edge, and artificial intelligenceSearch, Microsoft Edge, and artificial intelligencemainsearchaimodule
Summary
BingBingmainbingmodule
Summary
CortanaCortanamaincortanamodule
Summary
Microsoft EdgeMicrosoft Edgemainmsedgemodule
Summary
Microsoft TranslatorMicrosoft TranslatormainMicrosoftTranslatormodule
Summary
SwiftKeySwiftKeymainswiftkeymodule
Summary
WindowsWindowsmainwindowsmodule
Summary

Windows is a personalized computing environment that enables you to seamlessly roam and access services, preferences, and content across your computing devices from phones to tablets to the Surface Hub. Rather than residing as a static software program on your device, key components of Windows are cloud-based, and both cloud and local elements of Windows are updated regularly, providing you with the latest improvements and features. In order to provide this computing experience, we collect data about you, your device, and the way you use Windows. And because Windows is personal to you, we give you choices about the personal data we collect and how we use it. Note that if your Windows device is managed by your organization (such as your employer or school), your organization may use centralized management tools provided by Microsoft or others to access and process your data and to control device settings (including privacy settings), device policies, software updates, data collection by us or the organization, or other aspects of your device. Additionally, your organization may use management tools provided by Microsoft or others to access and process your data from that device, including your interaction data, diagnostic data, and the contents of your communications and files. For more information about data collection in Windows, see Data collection summary for Windows. This statement discusses Windows 10 and Windows 11 and references to Windows in this section relate to those product versions. Earlier versions of Windows (including Windows Vista, Windows 7, Windows 8, and Windows 8.1) are subject to their own privacy statements.

ActivationActivationmainactivationmodule
Summary

When you activate Windows, a specific product key is associated with the device on which your software is installed. The product key and data about the software and your device is sent to Microsoft to help validate your license to the software. This data may be sent again if there is a need to re-activate or validate your license. On phones running Windows, device and network identifiers, as well as device location at the time of the first power-up of the device, are also sent to Microsoft for the purpose of warranty registration, stock replenishment, and fraud prevention.

Activity historyActivity historymainactivityhistorymodule
Summary

Activity history helps keep track of the things you do on your device, such as the apps and services you use, the files you open, and the websites you browse. Your activity history is created when using different apps and features such as Microsoft Edge Legacy, some Microsoft Store apps, and Microsoft 365 apps and is stored locally on your device.

You can turn settings off or on for storing activity history locally on your device, and you can also clear your device’s activity history at any time by going to Privacy > Activity history in the Windows settings app. Learn more about activity history in Windows.

Advertising IDAdvertising IDmainadvertisingidmodule
Summary

Windows generates a unique advertising ID for each person using a device, which app developers and advertising networks can then use for their own purposes, including providing relevant advertising in apps. When the advertising ID is enabled, both Microsoft apps and third-party apps can access and use the advertising ID in much the same way that websites can access and use a unique identifier stored in a cookie. Thus, your advertising ID can be used by app developers and advertising networks to provide more relevant advertising and other personalized experiences across their apps and on the web. Microsoft collects the advertising ID for the uses described here only when you choose to enable the advertising ID as part of your privacy setting.

The advertising ID setting applies to Windows apps using the Windows advertising identifier. You can turn off access to this identifier at any time by turning off the advertising ID in the Windows settings app. If you choose to turn it on again, the advertising ID will be reset and a new identifier will be generated. When a third-party app accesses the advertising ID, its use of the advertising ID will be subject to its own privacy policy. Learn more about advertising ID in Windows.

The advertising ID setting does not apply to other methods of interest-based advertising delivered by Microsoft or third parties, such as cookies used to provide interest-based display ads on websites. Third-party products accessed through or installed on Windows may also deliver other forms of interest-based advertising subject to their own privacy policies. Microsoft delivers other forms of interest-based ads in certain Microsoft products, both directly and by partnering with third-party ad providers. For more information on how Microsoft uses data for advertising, see the How we use personal data section of this statement.

DiagnosticsDiagnosticsmaindiagnosticsmodule
Summary

Microsoft collects Windows diagnostic data to solve problems and to keep Windows up to date, secure, and operating properly. It also helps us improve Windows and related Microsoft products and services and, for customers who have turned on the “Tailored experiences” setting, to provide more relevant tips and recommendations to tailor Microsoft and third-party products and services for Windows to the customer’s needs. This data is transmitted to Microsoft and stored with one or more unique identifiers that can help us recognize an individual user on an individual device and understand the device's service issues and use patterns.

There are two levels of diagnostic and activity data: Required diagnostic data and Optional diagnostic data. Certain product documentation and other materials refer to Required diagnostic data as Basic diagnostic data and to Optional diagnostic data as Full diagnostic data.

If an organization (such as your employer or school) uses Microsoft Entra ID to manage the account it provides to you and enrolls your device in the Windows diagnostic data processor configuration, Microsoft’s processing of diagnostic data in connection with Windows is governed by a contract between Microsoft and the organization. If an organization uses Microsoft management tools or engages Microsoft to manage your device, Microsoft and the organization will use and process diagnostic and error data from your device to allow the management, monitoring, and troubleshooting of your devices managed by the organization, and for other purposes of the organization.

Required diagnostic data includes information about your device, its settings and capabilities, and whether it is performing properly. We collect the following Required diagnostic data:

  • Device, connectivity, and configuration data:
    • Data about the device such as the processor type, OEM manufacturer, type of battery and capacity, number and type of cameras, firmware, and memory attributes.
    • Network capabilities and connection data such as the device’s IP address, mobile network (including IMEI and mobile operator), and whether the device is connected to a free or paid network.
    • Data about the operating system and its configuration such as the OS version and build number, region and language settings, diagnostics data settings, and whether the device is part of the Windows Insider program.
    • Data about connected peripherals such as model, manufacturer, drivers, and compatibility data.
    • Data about the applications installed on the device such as application name, version, and publisher.
  • Whether a device is ready for an update and whether there are factors that may impede the ability to receive updates, such as low battery, limited disk space, or connectivity through a paid network.
  • Whether updates complete successfully or fail.
  • Data about the reliability of the diagnostics collection system itself.
  • Basic error reporting, which is health data about the operating system and applications running on your device. For example, basic error reporting tells us if an application, such as Microsoft Paint or a third-party game, hangs or crashes.

Optional diagnostic data includes more detailed information about your device and its settings, capabilities, and device health. Optional diagnostic data may also include data about the websites you browse, device activity (also sometimes referred to as usage), and enhanced error reporting that helps Microsoft to fix and improve products and services for all users. When you choose to send Optional diagnostic data, Required diagnostic data will always be included, and we collect the following additional information:

  • Additional data about the device, connectivity, and configuration, beyond that collected under Required diagnostic data.
  • Status and logging information about the health of operating system and other system components beyond that collected about the update and diagnostics systems under Required diagnostic data.
  • App activity, such as which programs are launched on a device, how long they run, and how quickly they respond to input.
  • Browser activity, including browsing history and search terms, in Microsoft browsers (Microsoft Edge or Internet Explorer).
  • Enhanced error reporting, including the memory state of the device when a system or app crash occurs (which may unintentionally contain user content, such as parts of a file you were using when the problem occurred). Crash data is never used for Tailored experiences as described below.

Some of the data described above may not be collected from your device even if you choose to send Optional diagnostic data. Microsoft minimizes the volume of Optional diagnostic data it collects from all devices by collecting some of the data from only a subset of devices (sample). By running the Diagnostic Data Viewer tool, you can see an icon which indicates whether your device is part of a sample and also which specific data is collected from your device. Instructions for how to download the Diagnostic Data Viewer tool can be found in the Windows settings app under Diagnostics & feedback.

Specific data items collected in Windows diagnostics are subject to change to give Microsoft flexibility to collect the data needed for the purposes described. For example, to enable Microsoft to troubleshoot the latest performance issue impacting users’ computing experience or update a Windows device that is new to the market, Microsoft may need to collect data items that were not collected previously. For a current list of data types collected at Required diagnostic data and Optional diagnostic data, see Windows Required (Basic level) diagnostic events and fields or Windows Optional (Full level) diagnostic data. We provide limited portions of error report information to partners (such as the device manufacturer) to help them troubleshoot products and services which work with Windows and other Microsoft product and services. They are only permitted to use this information to repair or improve those products and services. We may also share some aggregated, de-identified diagnostic data, such as general usage trends for Windows apps and features, with selected third parties. Learn more about diagnostic data in Windows.

Inking and typing Recognition. You also can choose to help Microsoft improve inking and typing recognition by sending inking and typing diagnostic data. If you choose to do so, Microsoft will collect samples of the content you type or write to improve features such as handwriting recognition, autocompletion, next word prediction, and spelling correction in the many languages used by Microsoft customers. When Microsoft collects inking and typing diagnostic data, it is divided into small samples and processed to remove unique identifiers, sequencing information, and other data (such as email addresses and numeric values) which could be used to reconstruct the original content or associate the input to you. It also includes associated performance data, such as changes you manually make to text, as well as words you've added to the dictionary. Learn more about improving inking and typing in Windows.

If you choose to turn on Tailored experiences, we will use your Windows diagnostic data (Required or Optional as you have selected) to offer you personalized tips, ads, and recommendations to enhance Microsoft experiences. If you have selected Required as your diagnostic data setting, personalization is based on information about your device, its settings and capabilities, and whether it is performing properly. If you have selected Optional, personalization is also based on information about how you use apps and features, plus additional information about the health of your device. However, we do not use information about the websites you browse, the content of crash dumps, speech, typing, or inking input data for personalization when we receive such data from customers who have selected Optional.

Tailored experiences include suggestions on how to customize and optimize Windows, as well as ads and recommendations for Microsoft and third-party products and services, features, apps, and hardware for your Windows experiences. For example, to help you get the most out of your device, we may tell you about features you may not know about or that are new. If you are having a problem with your Windows device, you may be offered a solution. You may be offered a chance to customize your lock screen with pictures, or to be shown more pictures of the kind you like, or fewer of the ones you do not. If you stream movies in your browser, you may be recommended an app from the Microsoft Store that streams more efficiently. Or, if you are running out of space on your hard drive, Windows may recommend you try OneDrive or purchase hardware to gain more space. Learn more about tailored experiences in Windows.

Feedback HubFeedback Hubmainfeedbackhubmodule
Summary

Feedback Hub is a preinstalled app that provides a way to gather feedback on Microsoft products and installed first party and third-party apps. You can sign into Feedback Hub using either your personal Microsoft account or an account provided by your organization (such as your employer or school) that you use to sign into Microsoft products. Signing in with your work or school account allows you to submit feedback to Microsoft in association with your organization.

Any feedback you provide whether using your work or school account or personal Microsoft account may be publicly viewable depending on the settings configured by your organization’s administrators. Additionally, if feedback is provided using your work or school account, your feedback can be viewed through the Feedback Hub by your organization’s administrators.

When you submit feedback to Microsoft about a problem or add more details to a problem, diagnostic data will be sent to Microsoft to improve Microsoft products and services. Depending on your Diagnostic data settings in the Diagnostics & feedback section of the Windows settings app, Feedback Hub will either send diagnostic data automatically or you will have the option to send it to Microsoft at the time you provide feedback. Based on the category chosen when submitting feedback, there may be additional personal data collected that helps to further troubleshoot issues; for example, location related information when submitting feedback about location services or gaze related information when submitting feedback on Mixed Reality. Microsoft may also share your feedback along with the data collected when you submit your feedback with Microsoft partners (such as a device manufacturer, or firmware developer) to help them troubleshoot products and services that work with Windows and other Microsoft products and services. Learn more about diagnostic data in Windows.

Location services and recordingLocation services and recordingmainlocationservicesmotionsensingmodule
Summary

Windows location service. Microsoft operates a location service that helps determine the precise geographic location of a specific Windows device. Depending on the capabilities of the device, the device’s location can be determined with varying degrees of accuracy and may in some cases be determined precisely. When you have enabled location on a Windows device, or you have given permission for Microsoft apps to access location information on non-Windows devices, data about cell towers and Wi-Fi access points and their locations is collected by Microsoft and added to the location database after removing any data identifying the person or device from which it was collected. This de-identified location information is used to improve Microsoft's location services and, in some instances, shared with our location service provider partners, currently HERE (see https://www.here.com/) and Skyhook (see https://www.skyhook.com) to improve the location services of the provider.

Windows services and features, apps running on Windows, and websites opened in Windows browsers can access the device’s location through Windows if your settings allow them to do so. Some features and apps request location permission when you first install Windows, some ask the first time you use the app, and others ask every time you access the device’s location. For information about certain Windows apps that use the device’s location, see the Windows apps section of this privacy statement.

When an app or feature accesses the device’s location and you are signed in with a Microsoft account, your Windows device will also upload its location to the cloud where it is available across your devices to other apps or services that use your Microsoft account and for which you’ve granted permission. We will retain only the last known location (each new location replaces the previous one). Data about a Windows device's recent location history is also stored on the device even if not using a Microsoft account, and certain apps and Windows features can access this location history. You can clear your device's location history at any time in the Windows settings app.

In the Windows settings app, you can also view which apps have access to the device’s precise location or your device's location history, turn off or on access to the device’s location for particular apps, or turn off access to the device’s location. You can also set a default location, which will be used when the location service can’t detect a more exact location for your device.

There are some exceptions to how your device’s location can be determined that are not directly managed by the location settings.

Desktop apps are a specific type of app that won’t ask for separate permission to discover your device location information and won’t appear in the list that allows you to choose apps that can use your location. They can be downloaded from the Microsoft Store, downloaded from the internet, or installed with some type of media (such as a CD, DVD, or USB storage device). They’re opened using an .EXE, .MSI, or .DLL file, and they typically run on your device, unlike web-based apps (which run in the cloud). Learn more about third-party desktop apps and how they may still be able to determine your device’s location when the device’s location setting is off.

Some web-based experiences or third-party apps that surface on Windows could use other technologies (such as Bluetooth, Wi-Fi, cellular modem, etc.) or cloud-based location services to determine your device’s location with varying degrees of accuracy even when you’ve turned off the device location setting.

In addition, to facilitate getting help in an emergency, whenever you make an emergency call, Windows will attempt to determine and share your precise location, regardless of your location settings. If your device has a SIM card or is otherwise using cellular service, your mobile operator will have access to your device’s location. Learn more about location in Windows.

General Location. If you turn on Location services, apps that cannot use your precise location may still have access to your general location, such as your city, postal code, or region.

Find my device. The Find my device feature allows an administrator of a Windows device to find the location of that device from account.microsoft.com/devices. To enable Find my device, an administrator needs to be signed in with a Microsoft account and have the location setting enabled. This feature will work even if other users have denied access to location for all their apps. When the administrator attempts to locate the device, users will see a notification in the notification area. Learn more about Find my device in Windows.

Recording. Some Windows devices have a recording feature that allows you to capture audio and video clips of your activity on the device, including your communications with others. If you choose to record a session, the recording will be saved locally on your device. In some cases, you may have the option to transmit the recording to a Microsoft product or service that broadcasts the recording publicly. Important: You should understand your legal responsibilities before recording and/or transmitting any communication. This may include obtaining the prior consent of everyone participating in the conversation or any other authorizations as required. Microsoft is not responsible for how you use recording features or your recordings.

Phone Link - Link to WindowsPhone Link - Link to Windowsmainyourphonemodule
Summary

Phone Link - Link to Windows The Phone Link feature lets you link your Android phone with your Microsoft Account, enabling a variety of cross-device experiences. You can use Phone Link to see recent photos from your Android phone on your Windows device; make and receive calls from your Android phone on your Windows device; view and send text messages from your Windows device; view, dismiss, or perform other actions to your Android phone notifications from your Windows device; share your phone screen on your Windows device through Phone Link’s mirroring function; and instantly access Android apps installed on your Android phone on your Windows device.

To use Phone Link, the Link to Windows app must be installed on your Android phone.

To use Phone Link, you must log into your Microsoft account on the Phone Link feature on your Windows device and on the Link to Windows app on your Android phone. Your Android phone and your Windows device must be connected to the internet. Some features will require you to enable Bluetooth and pair your phone with your PC. To use the Calls feature, your Android phone must also have Bluetooth enabled.

During setting up your Windows device, you can choose to link your phone with your Microsoft account. This is done by signing into Link to Windows on your Android phone, granting permissions and completing the onboarding experience. Once complete, Link to Windows will sync your data, such as your text messages, contacts, call history, photos, notifications, and other information, to all your Windows PCs where you have signed into your Microsoft account. See below for details on how your data is used.

As part of providing Phone Link’s features to you, Microsoft collects performance, usage, and device data that includes, for example, the hardware capabilities of your mobile phone and Windows device, the number and duration of your sessions on Phone Link, and the amount of time you spent during setup.

You can unlink your Android phone from your Windows device at any time by going into your Phone Link app settings and choosing to remove your Android phone. You can do the same from the app settings on the Link to Windows app on your Android phone. For detailed information, see our support page.

Text Messages. Phone Link allows you to view text messages delivered to your Android phone on your Windows device and send text messages from your Windows device. Only text messages received and sent within the last 30 days are visible on your Windows device. These text messages are temporarily stored on your Windows device. We never store your text messages on our servers or change or delete any text messages on your Android phone. You can see messages sent via SMS (Short Message Service) and MMS (Multimedia Messaging Service) on Android devices, and messages sent via RCS (Rich Communication Services) on select Samsung devices on select mobile operator networks. To provide this functionality, Phone Link accesses the content of your text messages and the contact information of the individuals or businesses from whom you are receiving or sending text messages.

Calls. Phone Link allows you to make and receive calls from your Android phone on your Windows device. Through Phone Link, you can also view your recent calls on your Windows device. To activate this feature, you must enable certain permissions on both your Windows device and Android phone, such as call logs access and permission to make phone calls from your PC. These permissions can be revoked at any time under the Phone Link Settings page on your Windows device and your Android phone's settings. Only calls received and dialed within the last 30 days are visible under call logs on your Windows device. These call details are temporarily stored on your Windows device. We do not change or delete your call history on your Android phone.

Photos. Phone Link allows you to copy, share, edit, save, or delete photos from your Android phone on your Windows device. Only a limited number of your most recent photos from the Camera Roll and Screenshots folders on your Android phone will be visible on your Windows device at any given time. These photos are temporarily stored on your Windows device and as you take more photos on your Android phone, we remove the temporary copies of the older photos from your Windows device. We never store your photos on our servers or change or delete any photos on your Android phone.

Notifications. Phone Link allows you to view your Android phone’s notifications on your Windows device. Through Phone Link, you can read and dismiss your Android phone’s notifications from your Windows device or perform other actions related to the notifications. To activate this Phone Link feature, you must enable certain permissions, such as sync notifications, on both your Windows device and Android phone. These permissions can be revoked at any time under the Phone Link Settings page on your Windows device and your Android phone’s settings. For detailed information, see our support page.

Phone Screen Mirroring. On supported devices, Phone Link allows you to view your Android phone’s screen on your Windows device. Your Android phone screen will be visible on your Windows device as a pixel stream and any audio that you enable on your Android phone screen while it is linked to your Windows device through Phone Link will play through your Android phone.

Apps mirroring. On supported devices, Phone Link allows you to use your Android apps that are installed on your Android phone on your Windows device. For example, you can launch a music app in your Windows session and listen to audio from that app on your PC speakers. Microsoft collects a list of your installed Android apps and recent activity to provide the service and show you your most recently used apps. Microsoft does not store what apps you have installed or any of the information displayed by the app in your experience with it.

Content transfer. On supported devices, Phone Link allows you to copy and paste contents such as files, documents, photos, etc. between your Android phone and your Windows device. You can transfer content from your Android phone to your Windows device and from your Windows device to your Android phone by drag and drop contents between the devices.

Instant Hotspot. On supported devices, Link to Windows enables users to share mobile hotspot information with their paired PC over secure Bluetooth communication. Your PC application can then be connected to the internet through the Windows network flyout. Please note mobile data charges may apply depending on the mobile data plan you have.

Contacts sync. Link to Windows allows you to sync your Android contacts into the Microsoft cloud to access them in other Microsoft products and services. You can enable this feature by going into Link to Windows settings and enabling “Contacts sync” feature. Your contacts information is stored online and associated with your Microsoft account. You may choose to disable sync and delete these contacts at any time. Learn more.

Text-to-voice. Phone Link features include accessibility functionality such as text-to-voice. You can activate a text-to-voice feature, which allows you to hear the contents of a text message or notification as audio. If you activate this feature, your text messages and notifications will be read out loud as they are received.

Office Enterprise – Android Devices. Link to Windows allows you to insert photos into web and desktop versions of select Microsoft 365 apps, such as PowerPoint, Excel, and Word directly from your mobile phone. This requires your IT Administrator to have enabled Optional Connected Experiences for Microsoft Office applications and you will need to associate your mobile device with your work or school account and provide Photos permission to your account. After onboarding, your session will last 15 minutes to enable you to transfer your Photos from your mobile device. To use this feature again, you will need to scan your QR code. Link to Windows does not collect your work or school account information or information about your Enterprise. In order to provide this service, Microsoft uses a cloud service to relay your files for the purpose of inserting the photos into web and desktop version of select Microsoft 365 apps, such as PowerPoint, Excel, and Word files.

Security and safety featuresSecurity and safety featuresmainsecurityandsafetyfeaturesmodule
Summary

Device encryption. Device encryption helps protect the data stored on your device by encrypting it using BitLocker Drive Encryption technology. When device encryption is on, Windows automatically encrypts the drive Windows is installed on and generates a recovery key. The BitLocker recovery key for your personal device is automatically backed up online in your personal Microsoft OneDrive account. Microsoft doesn't use your individual recovery keys for any purpose.

Malicious Software Removal Tool. The Malicious Software Removal Tool (MSRT) runs on your device at least once per month as part of Windows Update. MSRT checks devices for infections by specific, prevalent malicious software ("malware") and helps remove any infections found. When the MSRT runs, it will remove the malware listed on the Microsoft Support website if the malware is on your device. During a malware check, a report will be sent to Microsoft with specific data about malware detected, errors, and other data about your device. If you do not want MSRT to send this data to Microsoft, you can disable MSRT's reporting component.

Microsoft Family. Parents can use Microsoft Family Safety to understand and set boundaries on how their child is using their device. Please carefully review the information at Microsoft Family Safety if choosing to create or join a family group. If you live in a region that requires permission to create an account to access Microsoft services, you may be prompted to request or give parental consent. If a user is under the statutory age in your region, during the registration process they will be prompted to request consent from a parent or guardian by entering an adult’s email. When Family activity reporting is turned on for a child, Microsoft will collect details about how the child uses their device and provide parents with reports of that child's activities. Activity reports are routinely deleted from Microsoft servers.

Microsoft Defender SmartScreen and Smart App Control. Microsoft strives to help protect your device and passwords from unsafe apps, files, and web content.

Microsoft Defender SmartScreen helps protect you when using our services by identifying threats to you, your device, and your passwords. These threats might include potentially unsafe apps or web content that Microsoft Defender SmartScreen discovers while checking websites you visit, files you download, and apps you install and run. When Microsoft Defender SmartScreen checks web and app content, data about the content and your device is sent to Microsoft, including the full web address of the content. When additional analysis is needed to identify security threats, information about the suspicious website or app—such as content displayed, sounds played, and application memory—may be sent to Microsoft. This data will only be used for security purposes in detecting, protecting against, and responding to security incidents, identity theft, fraud, or other malicious, deceptive, or illegal activities. If Microsoft Defender SmartScreen detects that content is potentially unsafe, you will see a warning in place of the content. Microsoft Defender SmartScreen can be turned on or off in the Windows Security app.

Where supported, Smart App Control helps check software that is installed and runs on your device to determine if it is malicious, potentially unwanted, or poses other threats to you and your device. On a supported device, Smart App Control starts in evaluation mode and the data we collect for Microsoft Defender SmartScreen such as file name, a hash of the file’s contents, the download location, and the file’s digital certificates, is used to help determine whether your device is a good candidate to use Smart App Control for additional security protection. Smart App Control is not enabled and will not block during evaluation mode. Some devices may not be good candidates if Smart App Control would otherwise get in the way and interfere with a user’s otherwise intended and legitimate tasks – for instance, developers who use a lot of unsigned files. If you are a good candidate for Smart App Control, then it will automatically be turned on, and will provide additional protection to your device beyond Microsoft Defender SmartScreen. Otherwise, Smart App Control will be unavailable and permanently turned off. If your device is unsupported or not a good candidate for Smart App Control, Microsoft Defender SmartScreen will continue to help protect your device. When Smart App Control is enabled and identifies an app as malicious, potentially unwanted, or unknown and unsigned, it will block and notify you prior to opening, running, or installing the app. Learn more about Smart App Control.

When either Microsoft Defender SmartScreen or Smart App Control checks a file, data about that file is sent to Microsoft, including the file name, a hash of the file’s contents, the download location, and the file’s digital certificates.

Smart App Control can be turned on or off in the Windows Security app.

Microsoft Defender Antivirus. Microsoft Defender Antivirus looks for malware and other unwanted software, potentially unwanted apps, and other malicious content on your device. Microsoft Defender Antivirus is automatically turned on to help protect your device if no other antimalware software is actively protecting your device. If Microsoft Defender Antivirus is turned on, it will monitor the security status of your device. When Microsoft Defender Antivirus is turned on, or is running because Limited Periodic Scanning is enabled, it will automatically send reports to Microsoft that contain data about suspected malware and other unwanted software, potentially unwanted apps, and other malicious content, and it may also send files that could contain malicious content, such as malware or unknown files for further inspection. If a report is likely to contain personal data, the report is not sent automatically, and you'll be prompted before it is sent. You can configure Microsoft Defender Antivirus not to send reports and suspected malware to Microsoft.

Speech, Voice Activation, Inking, and TypingSpeech, Voice Activation, Inking, and Typingmainspeechinkingtypingmodule
Summary

Speech. Microsoft provides both a device-based speech recognition feature and cloud-based (online) speech recognition technologies.

Turning on the Online speech recognition setting lets apps use Microsoft cloud-based speech recognition. Additionally, in Windows 10, the Online speech recognition setting enables your ability to use dictation within Windows.

Turning on speech while setting up a HoloLens device or installing Windows Mixed Reality allows you to use your voice for commands, dictation, and app interactions. Both device-based speech recognition and online speech recognition settings will be enabled. With both settings enabled, while your headset is turned on the device will always be listening to your voice input and will send your voice data to Microsoft’s cloud-based speech recognition technologies.

When you use cloud-based speech recognition technologies from Microsoft, whether enabled by the Online speech recognition setting or when you interact with HoloLens or voice typing, Microsoft collects and uses your voice recordings to provide the speech recognition service by creating a text transcription of the spoken words in the voice data. Microsoft will not store, sample, or listen to your voice recordings without your permission. To learn more about how Microsoft manages your voice data, see Speech recognition technologies.

You can use device-based speech recognition without sending your voice data to Microsoft. However, Microsoft cloud-based speech recognition technologies provide more accurate recognition than the device-based speech recognition. When the online speech recognition setting is turned off, speech services that do not rely on the cloud and only use device-based recognition—like the live captions app, the Narrator app or the Windows Speech Recognition app—will still work and Microsoft won’t collect any voice data.

You can turn off online speech recognition at any time. This will stop any apps that rely on the Online speech recognition setting from sending your voice data to Microsoft. If you are using a HoloLens or Windows Mixed Reality headset, you can also turn off device-based speech recognition at any time. This will stop the device from listening for your voice input. Learn more about speech recognition in Windows.

Voice Activation. Windows provides supported apps with the ability to respond and take action based on voice keywords that are specific to that app—for example allowing Cortana to listen and respond when you say “Cortana.”

If you’ve given permission for an app to listen for voice keywords, Windows will be actively listening to the microphone for these keywords. Once a keyword is recognized, the app will have access to your voice recording, can process the recording, take action, and respond, such as with a spoken answer. The app may send the voice recording to its own services in the cloud to process the commands. Each app should ask you for permission before accessing voice recordings.

Additionally, voice activation can be enabled when the device is locked. If enabled, the relevant app will continue listening to the microphone for voice keywords when you have locked your device and can activate for anyone who speaks near the device. When the device is locked, the app will have access to the same set of capabilities and information as when the device is unlocked.

You can turn off voice activation at any time. Learn more about voice activation in Windows.

Even when you’ve turned off voice activation, some third-party desktop apps and services could still be listening to the microphone and collect your voice input. Learn more about third-party desktop apps and how they may still be able to access your microphone even with these settings turned off.

Voice typing. In Windows 11, dictation has been updated and renamed as voice typing. Voice typing may use both device-based and online speech recognition technologies to power its speech-to-text transcription service. You can also choose to contribute voice clips to help improve voice typing. If you choose not to contribute voice clips, you can still use voice typing. You can change your selection anytime in the voice typing settings. Microsoft will not store, sample, or listen to your voice recordings without your permission. Learn more about Microsoft and your voice data.

Voice access. Windows enables everyone, including people with mobility disabilities, to control their PC and author text using their voice. For example, voice access supports scenarios like opening and switching between apps, browsing the web, and reading and authoring mail. Voice access leverages modern, on-device speech recognition to accurately recognize speech and is supported without an internet connection. Learn more about voice access.

Inking & Typing Personalization. Your typed and handwritten words are collected to provide you with a custom word list, better character recognition to help you type and write on your device, and text suggestions that appear as you type or write.

You can turn off inking & typing personalization at any time. This will delete your customer word list stored on your device. If you turn it back on, you’ll need to recreate your custom word list. Learn more about inking & typing personalization in Windows.

Sync and backup settingsSync and backup settingsmainsyncsettingsmodule
Summary

When you sign into Windows with your Microsoft account or work or school account, Windows can store your settings, files, and device configuration data in Microsoft’s servers. Windows will only use the stored settings, files, and device configuration data to make it easier for you to migrate your experience on a different device.

You can turn off this feature and stop Windows from storing your settings, files, and configuration data from the Windows settings app. You can also delete the sync and backup data Windows has stored in the settings app.

Learn more about Windows backup and sync settings.

Update ServicesUpdate Servicesmainupdateservicesmodule
Summary

Update Services for Windows includes Windows Update and Microsoft Update. Windows Update is a service that provides you with software updates for Windows software and other supporting software, such as drivers and firmware supplied by device manufacturers. Microsoft Update is a service that provides you with software updates for other Microsoft software such as Microsoft 365.

Windows Update automatically downloads Windows software updates to your device. You can configure Windows Update to automatically install these updates as they become available (recommended) or have Windows notify you when a restart is required to finish installing updates. Apps available through the Microsoft Store are automatically updated through the Microsoft Store, as described in the Microsoft Store section of this privacy statement.

Web browsers—Microsoft Edge Legacy and Internet ExplorerWeb browsers—Microsoft Edge Legacy and Internet Explorermainwebbrowsersmodule
Summary

This section applies to legacy versions of Microsoft Edge (versions 44 and below). See the Microsoft Edge section of the Privacy Statement for information about non-legacy versions of Microsoft Edge.

Microsoft Edge is the default web browser for Windows. Internet Explorer, the legacy browser from Microsoft, is also available in Windows. Whenever you use a web browser to access the internet, data about your device ("standard device data") is sent to the websites you visit and online services you use. Standard device data includes your device's IP address, browser type and language, access times, and referring website addresses. This data might be logged on those websites' web servers. Which data is logged and how that data is used depends on the privacy practices of the websites you visit and web services you use. Additionally, Microsoft Edge sends a unique browser ID to certain websites to enable us to develop aggregate data used to improve browser features and services.

Additionally, data about how you use your browser, such as your browsing history, web form data, temporary internet files, and cookies, is stored on your device. You can delete this data from your device using Delete Browsing History.

Microsoft Edge allows you to capture and save content on your device, such as:

  • Web note. Allows you to create ink and text annotations on the webpages you visit, and clip, save, or share them.
  • Active reading. Allows you to create and manage reading lists, including websites or documents.
  • Hub. Allows you to easily manage your reading lists, favorites, downloads, and history all in one area.
  • Website Pin to Taskbar. Allows you to pin your favorite websites to the Windows taskbar. Websites will be able to see which of their webpages you have pinned, so they can provide you a notification badge letting you know there is something new for you to check out on their websites.

Some Microsoft browser information saved on your device will be synced across other devices when you sign in with your Microsoft account. For instance, in Internet Explorer, this information includes your browsing history and favorites; and in Microsoft Edge, it includes your favorites, reading lists, autofill form entries (such as your name, address, and phone number), and may include data for extensions that you have installed. As an example, if you sync your Microsoft Edge reading list across devices, copies of the content you choose to save to your reading list will be sent to each synced device for later viewing. You can disable syncing in Internet Explorer by going to Start > Settings > Accounts > Sync your settings. (For more information, see the Sync settings section of this privacy statement.) You can also disable syncing of Microsoft Edge browser information by turning off the sync option in Microsoft Edge Settings.

Microsoft Edge and Internet Explorer use your search queries and browsing history to provide you with faster browsing and more relevant search results. These features include:

  • Search suggestions in Internet Explorer automatically sends the information you type into the browser address bar to your default search provider (such as Bing) to offer search recommendations as you type each character.
  • Search and site suggestions in Microsoft Edge automatically sends the information you type into the browser address bar to Bing (even if you have selected another default search provider) to offer search recommendations as you type each character.

You can turn off these features at any time. In order to provide search results, Microsoft Edge and Internet Explorer send your search queries, standard device information, and location (if you have location enabled) to your default search provider. If Bing is your default search provider, we use this data as described in the Bing section of this privacy statement.

Cortana can assist you with your web browsing in Microsoft Edge with features such as Ask Cortana. You can disable Cortana assistance in Microsoft Edge at any time in Microsoft Edge Settings. To learn more about how Cortana uses data and how you can control that, go to the Cortana section of this privacy statement.

Windows appsWindows appsmainwindowsappsmodule
Summary

A number of Microsoft apps are included with Windows and others are available in Microsoft Store. Some of those apps include:

Maps app. The Maps app provides location-based services and uses Bing services to process your searches within the Maps app. When the Maps app has access to your location, and you have enabled location-based services in Windows, when you use the “@” key to initiate a search in supported text boxes in Windows apps, Bing services collects the text you type after the “@” key to provide location-based suggestions. To learn more about these Bing-powered experiences, see the Bing section of this privacy statement. When the Maps app has access to your location, even when the app is not in use, Microsoft may collect de-identified location data from your device to improve Microsoft services. You can disable the Maps app's access to your location by turning off the location service or turning off the Maps app's access to the location service.

You can keep track of your favorite places and recent map searches in the Maps app. Your favorite places and search history will be included as search suggestions. If you're signed in with your Microsoft account, your favorite places, search history, and certain app settings will be synced across other devices and services (for example, Cortana). For more information, see the Sync and backup settings section of this privacy statement.

Camera app. If you allow the Camera app to use your location, location data is embedded in the photos and videos you take with your device. Other descriptive data, such as camera model and the date that the picture or video was taken, is also embedded in photos and videos. If you choose to share a photo or video, any embedded data will be accessible to the people and services you share with. Once enabled, you can always disable the Camera app's access to your location by turning off all access to the location service in your device's Settings menu or turning off the Camera app's access to the location service.

When the Camera app is open, it shows rectangles detected by the selected camera for areas in the image that are potentially used for image enhancement. The Camera app does not retain any image enhancing data. You can always change your camera access settings in the Camera app’s Settings menu or the Windows Settings menu.

Photos app. There are two versions of the Photos app available. The updated Photos app includes features like iCloud integration and local and cloud folder views. The previous legacy version of the Photos app includes features like Video Editor, the People tab, and Albums. You are using the updated Photos app if the “About” section in the Photos app settings indicates the app is the “Updated” Photos app. In some cases, a user may have both the updated Photos app and the Photos legacy version downloaded on their device.

The updated Photos app helps you organize, view, and share your photos and videos. For example, the Photos app presents different ways to group photos and videos by name, date taken, or date modified, and also in folders where those files are stored, such as stored locally on your device or synced to your device from OneDrive, iCloud, and other cloud services. The app also allows you to move, copy or upload files to different locations on your computer or to OneDrive. The All Photos tab displays your locally stored or synced photos and videos according to the date they are taken. The Favorites tab lets you view photos and videos you previously liked or favorited. The Folders tab allows you to view photos or videos by their storage location. There are also tabs where you can see your photos and videos from available cloud services (such as OneDrive and other third-party services) that you have synced to your device.

The Photos legacy app also helps you organize, view, and share your photos and videos. However, if you are using the Photos legacy app, you may see other features that are not available in the newer version of the Photos app, including Collections, Albums, Video Editor and the People setting. The Collection tab displays photos and videos according to the date they are taken. The Albums tab helps you organize your photos and videos by location and common tags. The Video Editor allows you to edit, create, and share videos.

The People setting can be enabled on the Photos legacy app's Settings page and in the People tab of the app. When enabled, the Photos legacy app will use face grouping technology to organize your photos and videos into groups. The grouping feature can detect faces in a photo or video and determine whether they are visually similar to faces in other photos and videos in your local photo collection. You can choose to associate a facial grouping with a contact from your People app.

When enabled in the Photos legacy app, your groupings will be stored on your device for as long as you choose to keep the groupings or the photos or videos. If the People setting is turned on, there will be a prompt to allow the Photos legacy app to continue to permit facial groupings after three years of non-interaction with the Photos legacy app. At any time, you can go to the Settings page in the Photos legacy app to turn the People setting on or off. Turning the feature off will remove facial grouping data from the Photos legacy app but will not remove your photos or videos. Learn more about the Photos legacy app and facial grouping.

If you choose to share a photo or video using the Photos app or the Photos legacy app, any embedded data (such as location, camera model, and date) will be accessible to the people and services you share the photo or video with.

People app. The People app lets you see and interact with all your contacts in one place. When you add an account to the People app, your contacts from your account will be automatically added to the People app. You can add other accounts to the People app, including your social networks (such as Facebook and Twitter) and email accounts. When you add an account, we tell you what data the People app can import or sync with the particular service and let you choose what you want to add. Other apps you install may also sync data to the People app, including providing additional details to existing contacts. When you view a contact in the People app, information about your recent interactions with the contact (such as emails and calendar events, including from apps that the People app syncs data from) will be retrieved and displayed to you. You can remove an account from the People app at any time.

Mail and Calendar app. The Mail and Calendar app allows you to connect all your email, calendars, and files in one place, including those from third-party email and file storage providers. The app provides location-based services, such as weather information in your calendar, but you can disable the app’s use of your location. When you add an account to the Mail and Calendar app, your email, calendar items, files, contacts, and other settings from your account will automatically sync to your device and to Microsoft servers. At any time, you can remove an account or make changes to the data that’s synced from your account. To configure an account, you must provide the app with the account credentials (such as user name and password), which will be sent over the internet to the third-party provider’s server. The app will first attempt to use a secure (SSL) connection to configure your account but will send this information unencrypted if your email provider does not support SSL. If you add an account provided by an organization (such as a company email address), the owner of the organizational domain can implement certain policies and controls (for example, multi-factor authentication or the ability to remotely wipe data from your device) that may affect your use of the app.

Messaging app. When you sign in with a Microsoft account on your device, you can choose to back up your information, which will sync your SMS and MMS messages and store them in your Microsoft account. This allows you to retrieve the messages if you lose or change phones. After your initial device set-up, you can manage your messaging settings at any time. Turning off your SMS/MMS backup will not delete messages that have been previously backed up to your Microsoft account. To delete such messages, you must first delete them from your device prior to turning off backup. If you allow the Messaging app to use your location, you can attach a link to your current location to an outgoing message. Location information will be collected by Microsoft as described in the Windows Location services section of this privacy statement.

Narrator. Narrator is a screen-reading app that helps you use Windows without a screen. Narrator offers intelligent image and page title description and web page summaries when you encounter undescribed images and ambiguous links.

When you choose to get an image description by pressing Narrator + Ctrl + D, the image will be sent to Microsoft to perform analysis of the image and generate a description. Images are used only to generate the description and are not stored by Microsoft.

When you choose to get page title descriptions by pressing Narrator + Ctrl + D, the URL of the site you are visiting will be sent to Microsoft to generate the page title description and to provide and improve Microsoft services, such as Bing services as described in the Bing section above.

When you choose to get a list of popular links for a web page by pressing Narrator + double press of S, the URL of the site you are visiting will be sent to Microsoft to generate the summary of popular links and to provide and improve Microsoft services, such as Bing.

You can disable these features at any time by going to Narrator > Get image descriptions, page titles and popular links in the Windows setting app.

You can also send feedback about Narrator to help Microsoft diagnose and resolve problems with Narrator and improve Microsoft products and services, such as Windows. Verbal feedback can be submitted at any time in Narrator by using Narrator Key + Alt + F. When you use this command, the Feedback Hub app will launch, giving you the opportunity to submit verbal feedback. If you enable the setting “Help Make Narrator Better” in the Windows settings app and submit verbal feedback through Feedback Hub, recent device and usage data, including event trace log (ETL) data, will be submitted along with your verbal feedback to improve Microsoft products and services, such as Windows.

Live captions. Live captions transcribe audio to help with the comprehension of spoken content. Live captions can generate captions from any audio containing speech, whether the audio is online, audio you have downloaded to your device, or audio received from your microphone. By default, transcribing microphone audio is disabled.

Voice data that is captioned is only processed on your device and is not shared to the cloud or with Microsoft. Learn more about live captions.

Windows Media PlayerWindows Media Playermainwindowsmediaplayermodule
Summary

Windows Media Player allows you to play CDs, DVDs, and other digital content (such as WMA and MP3 files), rip CDs, and manage your media library. To enrich your experience when you play content in your library, Windows Media player displays related media information, such as album title, song titles, album art, artist, and composer. To augment your media information, Windows Media player will send a request to Microsoft which contains standard computer information, an identifier for the media content, and the media information already contained in your Windows Media Player library (including information you may have edited or entered yourself) so that Microsoft can recognize the track and then return additional information that is available.

Windows Media Player also allows you to play back content that is streamed to you over a network. To provide this service, it is necessary for Windows Media Player to communicate with a streaming media server. These servers are typically operated by non-Microsoft content providers. During playback of streaming media, Windows Media Player will send a log to the streaming media server or other web server(s) if the streaming media server requests it. The log includes such details as: connection time, IP address, operating system version, Windows Media Player version, Player identification number (Player ID), date, and protocol. To protect your privacy, Windows Media Player defaults to sending a Player ID that is different for each session.

Windows HelloWindows Hellomainwindowshellomodule
Summary

Windows Hello provides instant access to your devices through biometric authentication. If you turn it on, Windows Hello uses your face, fingerprint, or iris to identify you based on a set of unique points or features that are extracted from the image and stored on your device as a template—but it does not store the actual image of your face, fingerprint, or iris. Biometric verification data that's used when you sign in doesn't leave your device. Your biometric verification data will remain on your device until you remove it. However, after a significant period of Windows Hello inactivity, you will be prompted to confirm that you want to continue to store your biometric verification data. You can delete your biometric verification data from within Settings. Learn more about Windows Hello.

Windows SearchWindows Searchmainwindowssearchmodule
Summary

Windows Search lets you search your stuff and the web from one place. If you choose to use Windows Search to search "your stuff," it will provide results for items on your personal OneDrive, your OneDrive for Business if so enabled, other cloud storage providers to the extent supported by those third-party providers, and on your device. If you choose to use Windows Search to search the web, or get search suggestions with Windows Search, your search results will be powered by Bing and we will use your search query as described in the Bing section of this privacy statement. Learn more about search in Windows.

Entertainment and related servicesEntertainment and related servicesmainentertainmentmodule
Summary

Entertainment and Related Services power rich experiences and enable you to access a variety of content, applications and games.

XboxXboxmainxboxmodule
Summary
Microsoft StoreMicrosoft Storemainwindowsstoremodule
Summary
Microsoft StartMicrosoft Startmainmainmodule
Summary
Groove Music and Movies & TVGroove Music and Movies & TVmaingroovemusicmoviestvmodule
Summary
SilverlightSilverlightmainsilverlightmodule
Summary
Windows Mixed RealityWindows Mixed Realitymainwindowsmixedrealitymodule
Summary
maineuropeanprivacymodule,mainsecurityofpersonaldatamodule,mainwherewestoreandprocessdatamodule,mainourretentionofpersonaldatamodule,maincaliforniaconsumerprivacyactmodule,mainartificialintelligencemodule,mainadvertisingmodule,mainspeechrecognitionmodule,mainpreviewreleasesmodule,mainchangestothisprivacystatementmodule,mainhowtocontactusmodule mainenterpriseservicesmodule,mainenterprisedevsoftwareappsmodule mainofficeservicesmodule,mainmsfamilymodule,mainteamsmodule,mainonedrivemodule,mainoutlookmodule,mainskypemodule,mainsurfaceduomodule,mainlinkedinmodule mainbingmodule,maincortanamodule,mainmsedgemodule,mainMicrosoftTranslatormodule,mainswiftkeymodule mainactivationmodule,mainactivityhistorymodule,mainadvertisingidmodule,maindiagnosticsmodule,mainfeedbackhubmodule,mainlocationservicesmotionsensingmodule,mainsecurityandsafetyfeaturesmodule, mainspeechinkingtypingmodule, mainsyncsettingsmodule,mainupdateservicesmodule,mainwebbrowsersmodule,mainwi-fisensemodule,mainwindowsappsmodule,mainwindowsmediaplayermodule,mainwindowshellomodule,mainyourphonemodule,mainwindowssearchmodule mainxboxmodule,mainwindowsstoremodule,mainmainmodule,maingroovemusicmoviestvmodule,mainsilverlightmodule,mainwindowsmixedrealitymodule
mainenterprisedeveloperproductsmodule
Cookies

Most Microsoft sites use cookies, small text files placed on your device which web servers utilize in the domain that placed the cookie can retrieve later. We use cookies to store your preferences and settings, help with sign-in, provide personalized ads, and analyze site operations. For more information, see the Cookies and similar technologies section of this privacy statement.

EU-U.S., UK Extension, and Swiss-U.S. Data Privacy Frameworks

Microsoft complies with the EU-U.S., UK Extension to the EU-U.S., and Swiss-U.S. Data Privacy Frameworks. To learn more, see the Where we store and process personal data section, and visit the U.S. Department of Commerce’s Data Privacy Framework website.

Contact us

If you have a privacy concern, complaint, or question for the Microsoft Chief Privacy Officer or EU Data Protection Officer, please contact us by using our web form. For more information about contacting Microsoft, including Microsoft Ireland Operations Limited, see the How to contact us section of this privacy statement.