This privacy statement applies to Xbox products and services ("Services"), which include Xbox console versions, the Xbox Live service, Games for Windows Live, Windows Phone Games, Xbox Music, Xbox Store, and other products and services that link to this privacy statement. This privacy statement does not apply to other Microsoft products and services that do not link to the Xbox Privacy Statement.
Please read the summaries below and click "Learn More" for more details. Some products, services or features mentioned in this statement may not be available in all markets. You may find still more information about Microsoft’s commitment to protecting your privacy at http://www.microsoft.com/privacy.
Microsoft account (formerly known as Windows Live ID and Microsoft Passport) is a service that allows you to sign into your Xbox Live account plus other Microsoft products, web sites and services, as well as those of select Microsoft partners. When you create a Microsoft account, we ask you to provide certain information. When you sign in to Xbox using your Microsoft account, we collect certain information in order to verify your identity, to protect you from malicious account usage, and to protect the efficiency and security of the Microsoft account service. If you choose to link your Microsoft account with your account with a partner company, Microsoft may share limited account information with that company. Such account information may include name, address, email and date of birth but will not include any credit card or other payment information. For games that enable in-game communications, the game publisher may also have access to the content of in-game communications when you are signed into your account with the publisher.
Also, some of the applications on Xbox Live are delivered by a partner company, which may require that you create an account and sign-in credentials to use that application. You should read the application’s privacy statement to understand how your data will be managed. None of this separate account credential information will be shared with Microsoft.
When you create an account (on Xbox Live), we auto-generate a nickname for the account called a gamertag, which is used to identify you when you use the Service. Because the gamertag may be publicly displayed, you should not use personal information in your gamertag.
Microsoft account (formerly known as Windows Live ID and Microsoft Passport) is a service that allows you to sign into Microsoft products, web sites and services, as well as those of select Microsoft partners.
Creating a Microsoft account.
You can create a Microsoft account here by providing an email address, a password and other "account proofs", such as an alternate email address, a phone number, and a question and secret answer. We will use your "account proofs" for security purposes only - for instance, to verify your identity in the event that you cannot access your Microsoft account and need assistance, or to reset your password if you cannot access the email address associated with your Microsoft account. Some services may require added security, and in those cases, you may be asked to create an additional security key. The email address and password that you use to sign up for your Microsoft account are your "credentials" that you will use to authenticate with our network. Furthermore, a 64-bit unique ID number will be assigned to your credentials and will be used to identify your credentials and associated information.
When you create a Microsoft account, we will also ask you to provide the following demographic information: gender; country; birthdate; and postal code. We may use birthdate to verify that children obtain appropriate consent from a parent or guardian to use a Microsoft account, as required by local law. In addition, this demographic information is used by our online advertising systems to provide you with personalized advertisements about products and services you might find useful, but our advertising systems never get your name or contact information. In other words, our advertising systems do not contain or use any information that can personally and directly identify you (such as your name, email address and phone number). If you prefer not to receive personalized ads, you may register your preference with your Microsoft account by visiting this page so that whenever you sign into web sites or services with your Microsoft account, our advertising systems will not serve you personalized ads. For more information about how Microsoft uses information for advertising, please see the Microsoft Advertising Privacy Supplement.
You can use an email address provided by Microsoft (such as those ending in live.com, hotmail.com, or msn.com) or an email address provided by a third party (such as those ending in gmail.com or yahoo.com) when signing up for your Microsoft account.
Upon creating a Microsoft account, we will send you an email asking you to verify that you are the owner of the email address associated with your Microsoft account. This is designed to verify the validity of the email address and help prevent email addresses from being used without the permission of their owners. Thereafter, we will use that email address to send you communications relating to your use of Microsoft products and services; we may also send you promotional emails about Microsoft products and services as permitted by local law. For information about managing your receipt of promotional communications, please visit Communications.
If you attempt to register for a Microsoft account and find that another individual has already created credentials with your email address as the user name, you may contact us and request that the other individual adopt a different user name so that you may use your email address when creating your credentials.
Signing into software, sites or services with your Microsoft account.
When you sign into a site or service using your Microsoft account, we collect certain information in order to verify your identity on behalf of the site or service, to protect you from malicious account usage, and to protect the efficiency and security of the Microsoft account service. For instance, when you sign in, the Microsoft account service receives and logs your credentials and other information, such as the 64-bit unique ID number assigned to your credentials, your IP address, your web browser version and a time and date. Further, if you use a Microsoft account to sign into a device or into software that is installed on a device, a random unique ID is assigned to the device; this random unique ID will be sent as part of your credentials to the Microsoft account service when you subsequently sign into a site or service with your Microsoft account. The Microsoft account service sends the following information to the site or service that you have signed into: a unique ID number that permits the site or service to determine whether you are the same person from one sign-in session to the next; the version number assigned to your account (a new number is assigned each time you change your sign-in information); whether your email address has been confirmed; and whether your account has been deactivated.
Some third party sites and services that permit you to sign in with your Microsoft account require your email address in order to provide you with their services. In those cases, when you sign in, Microsoft will provide your email address but not your password to the site or service. However, if you created your credentials with the site or service, it may have limited access to information associated with your credentials in order to help you reset your password or provide other support services.
Please note that sites and services that permit you to sign in with your Microsoft account can use or share your email address or other personal information that you provide to them as described in their privacy statements. However, they can share the unique ID number provided to them by the Microsoft account service with third parties only in order to fulfill a service or transaction that you may have requested. All sites or services that use the Microsoft account are required to have a posted privacy statement, but we do not control or monitor the privacy practices of those sites, and their privacy practices will vary. You should carefully review the privacy statement for each site you sign into in order to determine how each site or service will use the information it collects.
Accessing your personal information.
You can access your personal information by going to account. You can change your user name if your Microsoft account does not belong to a managed domain. You can always change your password, alternate email address, phone number, and question and secret answer. You may also close your Microsoft account by going to account, and then "Close your account." If your account is in a managed domain, as described above, there may be a special process for closing your account. Please note that if you are an MSN or a Windows Live user, if you go to account, you may be redirected to account for those sites.
More information about Microsoft account is available at the Microsoft account web site.
Some of the applications found on Xbox Live are delivered by a partner company, which may require that you create an account and sign-in credentials to use that application. You should read the application’s privacy statement to understand how your data will be managed. None of this separate account credential information will be shared with Microsoft. If you choose to link your Microsoft account with your account with a partner company, Microsoft may share limited account information with that company. Such account information may include name, address, email and date of birth but will not include any credit card or other payment information. For games that enable in-game communications, the game publisher may also have access to the content of in-game communications when you are signed into your account with the publisher.
When you create an account (on Xbox Live), we auto-generate a nickname for the account called a gamertag, which is used to identify you when you use the Service. You can change your gamertag by accessing your profile on Xbox.com or a device connected to the Service. Because the gamertag may be publicly displayed, you should not use personal information in your gamertag. Gamertags and associated data like game stats and presence can be seen on properties associated with the Service, such as game leader boards, including those of partner companies.
Microsoft collects many kinds of information in order to operate effectively and provide you the best products, services and experiences we can.
We collect information when you register, sign in and use our sites and services. We also get information from other companies.
We collect this information in a variety of ways, including from web forms, use of Xbox features, technologies like cookies, web logging and software on your computer or other device.
Microsoft collects many kinds of information in order to operate effectively and provide you the best products, services and experiences we can. Some of this information you provide directly to us. Some of it we get by observing how you interact with our products and services. Some of it is available from other sources, and we may combine it with the data we collect directly. Regardless of the source, we believe it's important to treat your information with care and to help you maintain your privacy.
What we collect:
How we collect information:
We use a number of methods and technologies to gather information about how you use our sites and services, such as:
Microsoft uses the information we collect to operate, improve and personalize the products and services we offer.
We also may use the information to communicate with you, for example, informing you about your account and security updates.
And we may use the information to help make the ads you see on our ad-supported services more relevant.
Microsoft uses the information we collect to operate and improve our products and services. These uses may include personalizing the Services, providing recommendations, providing your transaction history to you, responding to your requests for customer support and improving the quality of the gaming experience and of Microsoft products, including Kinect. Information collected through one Microsoft service may be combined with information collected through other Microsoft services to give you a more consistent and personalized experience in your interactions with us. We may also supplement this with information from other companies. For example, we may use services from other companies to help us derive a general geographic area based on your IP address in order to customize certain services to your geographic area.
We also may use the information to communicate with you; for example, informing you when a subscription is ending, letting you know when security updates are available or letting you know when you need to take action to keep your account active.
Microsoft provides many of our sites and services free of charge because they are supported by advertising. In order to make these services widely available, the information we collect may be used to help improve the advertisements you see by making them more relevant to you.
If you participate in leaderboards, live-hosted gameplay, achievements, tournaments, and gamer-profile sharing, Microsoft and such partners as game publishers and service providers may collect, disclose and share your game scores; game play sessions; your presence on the Services; the time you spend on or within particular portions of the Services; portions of the Services that are displayed on your monitor or screen and the duration of that display; rankings, statistics, gamer profiles, avatars, and content that you may submit; and other usage information. These may be provided with or without attribution to you, your gamertag or avatar. In addition, for certain features to work in the context of specific games that you choose to use, publishers of those games may have access to the online contact information (such as a screen name) that allows others to contact you (or your associated accounts) on Xbox Live as permitted by your Privacy and Online settings.
Except as described in this privacy statement, we won’t disclose your personal information to a third party without your consent.
Please see Other Important Privacy Information for details about when we may disclose information, including with Microsoft affiliates and vendors; when required by law or to respond to legal process; to combat fraud or protect our interest; or to protect lives.
Click here for more information on sharing or disclosing personal information:
You can view or edit your personal information, including billing and account information, privacy settings, online safety and data sharing preferences by accessing My Account or through Settings on the Xbox console. You can cancel your account at any time by contacting Customer Support. Go here to find contact information for Customer Support.
You can also contact Microsoft by using the web form. We will respond to requests to access or delete your personal information within 30 days.
Kinect creates a virtual gaming environment where your body motions and voice can be used to control gameplay and to navigate through the Service. Kinect uses an infrared sensor, camera, and microphone to make control possible. You can turn Kinect off at any time.
The camera can be used to sign you in. To do so, it takes an image of your face and then measures distances between key points on your face to create a numeric value that represents only you. No one could look at the numbers and know they represent you. This authentication information stays on the console and is not shared with anyone.
You control what happens to photographs taken during gameplay and whether voice commands are captured for analysis.
When Kinect is used with certain games and apps, your skeletal movements can be used to estimate exercise stats. You can decide how your stats are managed and whether they are shared.
Some game titles may take advantage of a new Xbox capability called expressions. This feature allows you to use your defined facial expressions to control or influence a game. This data does not identify you, stays on the console and is destroyed once your session ends.
The Kinect sensor is a combination of camera, microphone, and infrared sensor. It enables you to be the controller, using voice, gestures or body movements.
Kinect’s camera and infrared sensor can be used to track your gestures or body movements as you control games or apps, or to navigate through Xbox. The camera can be used to sign you into the Services on the console using facial recognition technology if you choose. To do this it takes an image of your face and then measures distances between key points on your face to create a numeric value that represents only you. This value is stored as a very long set of numbers. No one could look at the numbers and know they represent you. This information stays on the console and is not shared with anyone. If you choose to sign in using Kinect, it looks at your face and if it recognizes you, you will be signed in to your profile. It also allows you to join a game in progress and be signed in automatically
Infrared helps services function in low-light settings and can be used for gameplay as needed.
For gameplay, Kinect will map distances between your body’s joints to create a stick figure – a “skeleton” – that helps Kinect enable gameplay on your console or between you and another online player. The numeric values for the stick figures are temporarily stored in memory on your console during the gameplay session, then are destroyed when you end the session. If you are playing online, Microsoft may collect those numeric values to enable and improve gameplay and improve the gaming experience. The numeric values sent to Microsoft are destroyed after analysis is complete. The stick figure representation cannot be used to identify you.
Kinect is also tracking hand gestures. When the sensor detects specific hand gestures intended to do simple system interactions (such as menu navigation, menu selection, pan/zoom, scroll), these motions are translated to specific “input instructions” as if they were happening from any other input device (such as a controller). These “input instructions” cannot be used to identify you.
Some game titles may take advantage of a new Xbox capability called expressions. This feature allows you to use your facial expressions to control or influence a game. This data does not identify you, stays on the console and is destroyed once your session ends.
Kinect games may photograph you while you are engaging in game play. You can view your photographs and decide whether to keep, transfer them off the console, or discard them. These photographs do not leave the console unless you choose to share them.
Kinect’s microphones help enable chat and audio. Chat includes online voice talk between players during gameplay or talking to others using services such as Skype. You should not expect any level of privacy concerning your use of the live communication features such as voice chat, video and communications in live-hosted gameplay sessions offered through the Services. We may monitor these communications to the extent permitted by law, but we cannot monitor the entire Service and make no attempt to do so. You understand that others can record and use these communications. Communications in live-hosted gameplay sessions may also be broadcast to others. Please note that Xbox does not listen in on Skype calls.
Audio includes commands for voice control of the console (for example, “Xbox Play”), using the Xbox voice search service, or altering the dynamic of gameplay (for example, menu navigation or interacting with the game environment). ). If you use your voice to enter search terms on Xbox, we will collect your voice snippet and convert your voice to text in order to provide you search results.
Voice Data for Product Improvement – You control whether Microsoft can use your Kinect voice data for product improvement. With user consent, samples of voice commands or voice search requests occurring while using Kinect may be collected and periodically sent to Microsoft for product improvement. You can view the settings related to voice data use, both voice commands and voice search data, via the Settings. If you change your choice around the use of this data for product improvement from Allow to Block, this will delete any voice samples stored on the console awaiting upload, not what has already been sent to Microsoft. We store voice data used for product improvement separately from any account information that directly identifies you.
Managing your Kinect experience
To learn more about Kinect, please visit the Kinect FAQ.
Exercise Information – If you use Xbox Fitness on Xbox One, or certain games and apps on Xbox 360, Xbox can use the Kinect sensor to estimate your exercise info, including estimates such as your heart rate during a certain activity or the number of calories burned during a workout. To improve the accuracy of your exercise info, you can enter attributes such as your height, weight, age, and gender. To share your accomplishments and participate in Xbox Live Fitness challenges, you can share your exercise info on Xbox Live. You can also choose to keep your exercise info private. New accounts created on the Xbox One have a have privacy defaults on exercise info set to block, which means it’s stored online and kept private. On Xbox 360, you can store your exercise info online or offline, on that Xbox 360. Children’s exercise info settings are controlled by adults in their Xbox families. To delete exercise info, do so through the apps or games you used to create it.
To enable the sharing experience on Xbox Music and Xbox Video and help you discover content that may interest you, Microsoft will collect information about what content you play, the length of play, and the rating you give in Xbox Music and Xbox Video. This information is sent to Microsoft directly from the device using the Xbox Music and Xbox Video service.
There is a privacy setting for your music history that lets you control whether other Xbox Live users can see what music you have listened to via Xbox. There is a privacy setting for your live TV and video history which allows you to control whether other Xbox Live users can see what live TV and on-demand videos you watched via Xbox.
To enrich your experience when playing content, the Services may display related information about the content you play and the content in your music library, such as the album title, cover art, song or video title, and other information, where available. This information may be automatically downloaded and stored with the content in your library or accessed through the internet. When you play or browse content, the Services display the related information. To download this information the Services send an information request to Microsoft containing standard device information, such as your device IP address, device software version, your regional and language settings, and an identifier for the content. The Services will store the resulting information in your content library for future use.
If you use the Services to access content that has been protected with Microsoft Digital Rights Management (DRM), it may automatically request media usage rights from an online rights server and download and install DRM updates in order to let you play the content. See the DRM information in the Microsoft Silverlight Privacy Statement for more information.
Whether your live TV viewing history is available to Microsoft depends on what live TV viewing app you use. If you use the Xbox TV App, there is a customer control allowing adults to choose whether we may collect information about live TV they watch through Xbox in order to provide them with recommendations and to improve the service. We may also collect TV viewing history from your console in a way that doesn’t identify you or others. We do not allow children or teens to choose to send us this information.
If you use a TV viewing application from another company, your privacy settings with that company (if any) determine whether that publisher may send your viewing history to Microsoft.
GameDVR is an Xbox One feature that lets you record the game you’re playing, including when you’re playing with other people in your house or multiplayer on Xbox Live.
When playing multiplayer on Xbox Live, any player in that session can use GameDVR to record their view of the gameplay taking place in that session. The recording may capture your in-game character and gamertag in the game clips created by other players in the gameplay session. No audio chat is recorded in these game clips.
GameDVR is an Xbox One feature that lets you record the game you’re playing, including when you’re playing with other people in your house or multiplayer on Xbox Live. GameDVR can also capture brief recordings automatically created by titles that share the moment when some cool thing was accomplished, such as a perfect dance routine.
When playing multiplayer on Xbox Live any player in that session can use GameDVR to record their view of the gameplay taking place in that session. The recording may capture your in-game character and gamertag in the game clips created by other players in the gameplay session. No audio chat is recorded in these game clips.
Users can go to Settings to control whether the Game DVR service is set to Allow or Block for game clip creation and upload. Users can go to Settings to control whether their game clips are shared with Friends, Everyone, or set to Block. Block is the default for children, and Friends is the default for Teens. Adults in the family can control this for children and teens. Anyone can delete their own game clips.
Upload Studio is an application that allows a person to edit their game clips, providing options to add video and voice-over to the clip. If adults in the family want to prevent children or teens from adding voice and video to their game clips, the option to share content made using Kinect can be set to Block, within Settings.
Microsoft may review game clips for violations of the Xbox Live Code of Conduct. This review may take place even when the game clip sharing is set to Block. There may be a delay before your game clip is visible.
Xbox console and web sites use your IP address to provide the Service. If you allow an Xbox application on Windows Phone to access your location, the approximate location of your phone may be sent periodically to Microsoft in order to award achievements, provide in-game rewards or customize gameplay. For example, games may use your location to award an achievement based on the distance traveled between game sessions. Xbox applications will only collect and store the approximate location of your phone as necessary for these purposes.
Xbox SmartGlass is an application that lets you use a phone or tablet to enhance games and entertainment experiences on the Xbox console. If you choose to download and use Xbox SmartGlass, it will collect only device and usage data (for example, device type and the game or application you are controlling) that cannot be used to identify you.
Xbox consoles and web sites use your IP address to provide the Services. If you allow an Xbox application on Windows Phone to access your location, the approximate location of your phone may be sent periodically to Microsoft in order to award achievements, provide in-game rewards or customize gameplay. For example, games may use your location to award an achievement based on the distance traveled between game sessions. Xbox applications on Windows Phone will only collect and store the approximate location of your phone as necessary for these purposes. To learn how Windows Phone protects your privacy, read the Windows Phone Privacy Statement. To disable a Windows Phone Xbox application’s access to your phone’s location, go to the Help/Options menu within the application.
Xbox SmartGlass is an application that lets you use a phone or tablet to enhance games and entertainment experiences on the Xbox console. If you choose to download and use Xbox SmartGlass, it will collect only device and usage data (for example, device type and the game or application you are controlling) that cannot be used to identify you. If you have installed SmartGlass and synced your SmartGlass application to the local Xbox console, your mobile device will display content from the service that is active on the Xbox.
If you are an Xbox Live subscriber, your gamertag and statistics such as high scores will be visible to other subscribers through the Xbox Live service, and may be visible to the general public, on properties associated with the service (for example, within a game, on the web and/or on the Windows Phone).
With Xbox Live you can send messages, play games with people, and share your status and activities. You can choose to share different types of information with everybody or friends, or choose to keep some information private (block). You can view and change your current sharing status within Settings. Adults in the family manage the default settings for child and teen accounts.
Some information is shared automatically with other Xbox Live users, including gamertag and some game statistics on leaderboards. This also includes Achievements, depending on your Game DVR privacy settings, title created Game DVR clips. Achievements are awarded for doing something cool in games or other parts of Xbox Live. title created Game DVR clips are brief recordings automatically created by titles that share the moment when some cool thing was accomplished, such as a perfect dance routine. Title created Game DVR clips will be shared in Xbox Live based on your Game DVR privacy control. For more information see GameDVR.
If you use an Xbox console, your personal computer, or SmartGlass, your gamertag will be automatically linked with your authentication network credentials, to personalize your experience. Your gamertag and credentials will also be linked so that when you sign into Xbox.com or other related gaming sites your experience will be personalized and you will have access to additional features. The linkage between your gamertag and Microsoft account may also be shared with third-party game sites in order for those sites to provide you with a personalized experience when you sign in.
If you are an Xbox Live subscriber, your gamertag and statistics, such as high scores will be visible to other subscribers through the Xbox Live service. They may also be visible to the general public on properties associated with the service (for example, within a game, on the web and/or on the Windows Phone). Other data, such as your gamer picture, motto, country, additional statistics, the games you play, and your online presence, may be available to other subscribers; however you can opt out of sharing this additional data or limit sharing within Settings.
If you have children who use the Services, you can set up child accounts for them. Children 17 and younger cannot create an account for the Services without parental consent. The owner of the associated parent account must consent to the collection of information about the child. This may involve the collection and verification of a credit card number in order to help determine that the owner of that parent account is an adult.
When a Microsoft site or service collects age information, it will either block users who say they are under 13 or will ask them to provide consent from a parent or guardian before they can use it. We will not knowingly ask children under 13 to provide more information than is necessary to provide the Service.
When a parent grants consent, the child's account is treated much like any other account. The child may have access to communication services like e-mail, audio and video chat and may be able to communicate with other users of all ages.
Adults in the family can change or revoke the consent choices previously made on Xbox.com. Parents can look in User Accounts for more information on how to review or edit their children's personal information. Parents can contact support here to request the deletion of their children's personal information.
If you have privacy questions about Xbox, you can contact us as described in the Other Important Privacy Information section. Below are third-party game publishers and app developers that may also collect personal information through Xbox:
Xbox Services are supported by advertising. Because Microsoft serves advertisements on the console and on our own web sites as well as those of our advertising and publisher partners, we are able to compile information over time about your use of Xbox services and the types of pages, content and ads you visited or viewed online. This information is used for many purposes, including to help select and display targeted advertisements that we believe may be of interest to you. When we display online advertisements to you, we will place one or more persistent cookies on your computer in order to recognize your computer each time we display an ad to you.
You may opt out of targeted ads from Microsoft and may choose to opt out on any device after you’ve signed in to Microsoft account.
Many of our web sites and online services are supported by advertising.
Most of the online advertisements on Microsoft sites and services are displayed by Microsoft Advertising. When we display online advertisements to you, we will place one or more persistent cookies on your computer in order to recognize your computer each time we display an ad to you. Because we serve advertisements on our own web sites as well as those of our advertising and publisher partners, we are able to compile information over time about the types of pages, content and ads you, or others who are using your computer, visited or viewed. This information is used for many purposes, for example, it helps us try to ensure that you do not see the same advertisements over and over again. We also use this information to help select and display targeted advertisements that we believe may be of interest to you.
You may opt out of receiving targeted ads from Microsoft Advertising by visiting our opt-out page. For more information about how Microsoft Advertising collects and uses information, please see the Microsoft Advertising Privacy Statement.
We also allow third-party ad companies, including other ad networks, to display advertisements on our sites. In some cases, these third parties may also place cookies on your computer. These companies currently include, but are not limited to: 24/7 Real Media, adblade, AdConion, AdFusion, Advertising.com, AppNexus, Bane Media, Brand.net, CasaleMedia, Collective Media, InMobi, Interclick, Jumptap, Millennial Media, nugg.adAG, Mobclix, Mojiva, SpecificMedia, Tribal Fusion, ValueClick, Where.com, Yahoo!, YuMe, Zumobi. These companies may offer you a way to opt out of ad targeting based on their cookies. You may find more information by clicking on the company names above and following the links to the web sites of each company. Many of them are also members of the Network Advertising Initiative or the Digital Advertising Alliance, which each provide a simple way to opt out of ad targeting from participating companies.
If you receive promotional e-mails from us and would like to stop getting them in the future, you can do so by following the directions in that message.
If you have an account (on Xbox Live), you can set your contact preferences and choose whether to share your contact information with Xbox partners by accessing My Account or through Settings on the Xbox console.
You also have the option of proactively making choices about the receipt of promotional e-mail, telephone calls, and postal mail from Microsoft by visiting and signing into the Promotional Communications Manager, which allows you to update contact information, manage Microsoft-wide contact preferences, opt out of subscriptions, and choose whether to share your contact information with Microsoft partners. If you do not have a Microsoft account, you can manage your Microsoft email communication preferences by using this web form. These choices do not apply to the display of online advertising; please refer to the section "Display of Advertising (Opt-out)" for details. Nor do they apply to the receipt of mandatory service communications that are considered part of certain Microsoft services, which you may receive periodically unless you cancel the service.
Most Microsoft web sites use "cookies," which are small text files placed on your hard disk by a web server. Cookies contain text that can be read by a web server in the domain that issued the cookie to you. That text often consists of a string of numbers and letters that uniquely identifies your computer, but may contain other information as well. Here is an example of the text stored in a cookie that Microsoft might place on your hard disk when you visit one of our web sites: E3732CA7E319442F97EA48A170C99801
Some of the cookies we commonly use are listed in the following chart. This list is not exhaustive, but it is intended to illustrate some of the reasons we set cookies. If you visit one of our web sites, the site may set some or all of the following cookies:
Identifies unique browsers to Microsoft sites. It is used for advertising, site analytics and other operational purposes.
Contains the ANID, a unique identifier used to help identify which ads a user may like. It is also used to preserve a user’s choice to opt out of behaviorally targeted ads from Microsoft, if the user has chosen to associate the opt-out with his or her Microsoft account.
Contains a country code as determined by reverse IP address lookup.
Microsoft account authentication
Authentication cookies (e.g., RPSTAuth, MSNRPSAuth, KievRPSAuth) used when a user signs in with a Microsoft account.
Contains an encrypted version of the user’s country, ZIP code, age, gender, language and occupation, if known, based on the user’s Windows Live profile.
Appears on co-branded sites where Microsoft is partnering with an advertiser, this cookie identifies the advertiser so the right ad is selected.
Maintains information about which ad and where the user clicked on the ad.
Indicates that the user has indicated he or she does not want to receive behaviorally targeted ads delivered by Microsoft.
In addition to the cookies Microsoft may set when you visit our web sites, third parties may also set certain cookies on your hard drive when you visit Microsoft sites. In some cases, that is because we have hired the third party to provide certain services on our behalf, such as site analytics. In other cases, it is because our web pages contain content or ads from third parties, such as videos, news content or ads delivered by other ad networks. Because your browser connects to those third parties’ web servers to retrieve that content, those third parties are able to set or read their own cookies on your hard drive.
Microsoft does not deploy cookies on the Xbox console. The browser on Xbox does allow cookies to be set, and you can manage those cookies through browser settings. Third party applications accessed through the console may set cookies. Consult the application’s privacy statement for more information.
How to Control Cookies
For example, in Internet Explorer 9, you may block cookies by taking the following steps:
Instructions for blocking cookies in other browsers are available at http://www.allaboutcookies.org/manage-cookies/.
Please be aware that if you choose to block cookies, you may not be able to sign in or use other interactive features of Microsoft sites and services that depend on cookies, and some advertising preferences that are dependent on cookies may not be able to be respected.
For example, in Internet Explorer 9, you may delete cookies by taking the following steps:
Instructions for deleting cookies in other browsers are available at http://www.allaboutcookies.org/manage-cookies/.
Please be aware that if you choose to delete cookies, any settings and preferences controlled by those cookies, including advertising preferences, will be deleted and may need to be recreated.
Internet Explorer 9 has a feature called Tracking Protection that helps prevent the web sites you go to from automatically sending details about your visit to third-party content providers. When you add a Tracking Protection List, Internet Explorer will block third-party content, including cookies, from any site that is listed as a site to be blocked. By limiting calls to these sites, Internet Explorer will limit the information these third-party sites can collect about you. And when you have a Tracking Protection List enabled, Internet Explorer will send a Do Not Track signal or preference to the web sites you visit. For more information about Tracking Protection Lists and how to find them, please see the Internet Explorer privacy statement or Internet Explorer Help.
Individual advertising companies may also offer their own opt-out capabilities plus more advanced advertising choices. For instance, Microsoft’s advertising preference and opt-out controls are available at http://choice.microsoft.com/advertisementchoice/. Please note that opting out does not mean that you will stop getting ads or see fewer ads; however, if you do opt out, the ads that you receive will no longer be behaviorally targeted. In addition, opting out does not stop information from being collected.
Our Use of Web Beacons
Microsoft web pages may contain electronic images known as web beacons - sometimes called single-pixel gifs - that may be used to help deliver cookies on our sites, let us count users who have visited those pages and deliver co-branded services. We may include web beacons in our promotional e-mail messages or newsletters to determine whether messages have been opened and acted upon.
We may also work with other companies that advertise on Microsoft sites to place web beacons on their sites or in their advertisements to let us develop statistics on how often clicking on an advertisement on a Microsoft site results in a purchase or other action on the advertiser's site.
Finally, Microsoft sites may contain web beacons from third parties to help us compile aggregated statistics regarding the effectiveness of our promotional campaigns or other web site operations. These web beacons may allow the third parties to set or read a cookie on your computer. We prohibit third parties from using web beacons on our sites to collect or access your personal information. Nevertheless, you may be able to opt out from data collection or use by these third-party analytics companies by clicking the links for each of the following analytics providers:
Other Similar Technologies
In addition to standard cookies and web beacons, web sites can use other technologies to store and read data files on your computer. This may be done to maintain your preferences or to improve speed and performance by storing certain files locally. But, like standard cookies, it can also be used to store a unique identifier for your computer, which can then be used to track behavior. These technologies include Local Shared Objects (or "Flash cookies") and Silverlight Application Storage.
Payment Data is the information that you provide when you make online purchases. This may include your payment instrument number (e.g., credit card, PayPal), your name and billing address, and the security code associated with your payment instrument (e.g., the CSV or CVV). This section provides additional information regarding the collection and use of your payment information.
Payment Data is the information that you provide when you make online purchases. This may include your payment instrument number (e.g., credit card, PayPal), your name and billing address, and the security code associated with your payment instrument (e.g., the CSV or CVV). This section provides additional information regarding the collection and use of your payment information.
Payment Data is used to complete your transaction, as well as for the detection and prevention of fraud. In support of these uses, Microsoft may share your Payment Data with banks and other entities that process payment transactions or other financial services, and for fraud prevention and credit risk reduction.
When you provide Payment Data while logged in with your Microsoft or organizational account we will store that data to help you complete future transactions.
You may update or remove the payment instrument information associated with your Microsoft account by logging in at https://commerce.microsoft.com. You may remove the payment instrument information associated with your organizational account by contacting Customer Support. After you close your account or remove a payment instrument, however, Microsoft may retain your payment instrument data for as long as reasonably necessary to complete your existing transaction, to comply with Microsoft’s legal and reporting requirements, and for the detection and prevention of fraud.
Learn more about
How to Contact Us
Below you will find additional privacy information you may find important. Much of this describes practices that are common across the industry, but we want make sure you are aware of them. Please keep in mind that this information is not a complete description of our practices - this is all in addition to the other, more specific information contained elsewhere in this privacy statement.
On this page:
Protecting the Security of Personal Information
Microsoft is committed to protecting the security of your personal information. We use a variety of security technologies and procedures to help protect your personal information from unauthorized access, use or disclosure. For example, we store the personal information you provide on computer systems that have limited access and are in controlled facilities. When we transmit highly confidential information (such as a credit card number or password) over the Internet, we protect it through the use of encryption, such as the Secure Socket Layer (SSL) protocol.
If a password is used to help protect your accounts and personal information, it is your responsibility to keep your password confidential. Do not share it. If you are sharing a computer, you should always log out before leaving a site or service to protect access to your information from subsequent users.
Where Information is Stored and Processed
Personal information collected on Microsoft sites and services may be stored and processed in the United States or any other country where Microsoft or its affiliates, subsidiaries or service providers maintain facilities. Microsoft abides by the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of data from the European Economic Area and Switzerland. To learn more about the Safe Harbor program, and to view our certification, please visit http://www.export.gov/safeharbor/.
Microsoft may retain your personal information for a variety of reasons, such as to comply with our legal obligations, resolve disputes, enforce our agreements, and as long as necessary to provide services. To learn how to access your personal information, visit Accessing Your Information.
Changes to Our Privacy Statements
We will occasionally update our privacy statements to reflect customer feedback and changes in our services. When we post changes to a statement, we will revise the "last updated" date at the top of the statement. If there are material changes to the statement or in how Microsoft will use your personal information, we will notify you either by prominently posting a notice of such changes before they take effect or by directly sending you a notification. We encourage you to periodically review the privacy statements for the products and services you use to learn how Microsoft is protecting your information.
Privacy at Microsoft
Controlling your online privacy
Security at Home