Click Here to Install Silverlight*
United StatesChange|All Microsoft Sites
Microsoft

Microsoft Genuine Advantage Privacy Statement

 

Microsoft is committed to protecting your privacy. The Microsoft Genuine Advantage (“MGA”) program is part of an on-going effort to help protect its customers and partners from counterfeit software. Using a properly licensed, genuine copy of Microsoft software helps to ensure you will have access to all the latest features and updates from Microsoft.

If you discover that your system is not properly licensed, Microsoft would like to help you acquire a valid license. You may qualify for a discount. See the Microsoft Genuine Advantage website for details.

The MGA components are:

  • Validation, which determines whether you are running a properly licensed copy of Microsoft Software. Validation will detect and may disable or remove "activation exploits" which is software that circumvents or bypasses Microsoft product activation, validation, or licensing components. The presence of activation exploits indicates that a software or hardware vendor may have tampered with genuine Microsoft software to enable the sale of counterfeit software. Activation exploits may interfere with the normal operation of your software.
  • Notifications, which display periodic reminders such as whether there is a problem with your Windows license components or whether a more recent service pack is available for your Windows software. At this time, the Notifications component is offered on Windows XP, Windows Vista, and Windows 7, and in select countries, on Office XP, Office 2003 and Office 2007.

To effectively encourage the use of properly licensed software, these MGA components are designed to be a permanent part of the Microsoft software.

 

What data is collected?

To help you validate your software, the MGA tools must collect a certain amount of configuration information from your computer. The tools do not collect your name, address, e-mail address, or any other information that Microsoft will use to identify you or contact you.

The tools collect information such as:

  • Computer make and model
  • Version information for the operating system and software using Genuine Advantage
  • Region and language settings
  • A unique number assigned to your computer by the tools (Globally Unique Identifier or GUID)
  • Product Key (hashed) and Product ID
  • BIOS name, revision number, and revision date
  • Hard drive volume serial number (hashed)

In addition to the configuration information above, status information, such as the following, is also transferred:

  • Whether the installation was successful if one was performed
  • The result of the validation check, including information about any activation exploits and any related malicious or unauthorized software found, disabled or removed.
  • The name and a hash of the contents of the computer's start-up instructions file (commonly called the boot file) to help us discover activation exploits that modify this file.

If your system is identified as non-genuine, additional information may be sent to Microsoft to better understand why your system failed validation. This information can include error codes and the names and paths of files that compromise the integrity of your system.

The Windows Activation Exploit Detection Update for Windows Vista is used to detect activation exploits. This update scans your computer for known activation exploits and notifies you if any activation exploits are found. Data is sent to Microsoft from computers running Windows Vista SP1 and later; no data is sent from computers running Windows Vista RTM.

The same configuration information as described above is collected by the Windows Activation Exploit Detection Update and is sent to Microsoft from computers running Windows Vista SP1 and later versions of Windows even if no activation exploit is detected. If activation exploits are found on your computer, some additional information used to help Microsoft identify the activation exploits is also sent.

This additional information includes:

  • Breach identifiers
  • The breach's current state, such as cleaned, quarantined, or removed
  • The scanning engine version
  • Original equipment manufacturer identification
  • The breach file name and hash of the file.

As standard procedure, your Internet Protocol (IP) address is temporarily logged when your computer connects to an MGA website or server. These logs are routinely deleted.

Software piracy is a worldwide problem. To help spot possible systematic abuse of product licenses, certain information about the computer being validated is derived from its IP address. This information includes geographical location, ISP (Internet service provider) and domain name. The smallest geographical unit that can be resolved is a city. This resolution is done using data provided from a third party. Any collected data that could identify a user will not be used to contact the user. This data may be retained for the sales life-cycle of the product.

 

When is data collected?

On machines running Windows Vista SP1 and later versions of Windows, the above mentioned configuration information is collected after the Windows Activation Exploit Detection Update for Windows Vista has completed its scan. In addition, this configuration information is collected and sent to Microsoft every 30 days. If the scan finds activation exploits or determines that Windows running on your PC is non-genuine, then this information is sent every 7 days until Windows becomes genuine. Data is sent to Microsoft from computers running Windows Vista SP1 and later even if no activation exploit is detected; no data is sent from Windows Vista RTM. If activation exploits are found, additional information specific to identifying the activation exploits is included in the telemetry. Data is sent to Microsoft from computers running Windows Vista SP1 and later; no data is sent from Windows Vista RTM.

 

How is this data used?

We use the information to

  • Help prevent improperly licensed use of the software
  • Improve our software and services
  • Develop aggregate statistics.

We may also share aggregate data with others, such as hardware and software vendors and volume licensees to help protect their license keys.

 

What controls are available?

Users may customize some aspects of the Notifications component on Windows XP. If the component is installed, right-click the Notifications icon in the system tray for more information on available controls.

 

Changes to the Privacy Statement

We may occasionally update this privacy statement. When we do, we will revise the "last updated" date at the top of the privacy statement. We encourage you to periodically review this privacy statement to be informed of how Microsoft is protecting your information.

 

For More Information

If you have questions about this privacy statement, please contact us by using our web form at http://go.microsoft.com/fwlink/?LinkId=83260.

Microsoft Privacy
Microsoft Corporation
One Microsoft Way
Redmond, Washington 98052

Last updated: October 2009


© 2009 Microsoft Corporation. All rights reserved. Contact Us |Terms of Use |Trademarks |Privacy Statement