Last Updated: April 13th, 2017
    SQL Server Privacy Statement

    pspSQLServerIntroductionModule

    This privacy statement explains the data collection and use practices for Microsoft SQL Server 2016 (SQL Server) and included or referenced products which can be installed separately (such as SQL Server Management Studio). This privacy statement focuses on features that communicate via the internet to Microsoft. Customers running SQL Server outside of a fully self-controlled environment (such as a public cloud hosting environment) should check with the operator of that environment about any additional privacy implications of running SQL Server in that environment.

    1. Collection of Your Information Collection of Your InformationpspSQLServer2014CollectionofYourInformationModule
    Summary
    There are four ways Microsoft can collect data resulting from your installation and use of SQL Server:
    Full text
    There are four ways Microsoft can collect data resulting from your installation and use of SQL Server.
    • Data Collected During Setup – data collected about the setup/installation experience
    • Data Collected Using SQL Server – data collected using the product and its features
      • “Usage Feedback” – SQL Server sends data while the product is running. Example data includes what features are being used and what errors are being returned to calling applications.
      • “Crash Dumps” – When an internal error occurs within the product, Microsoft collects information about what happened so that it can improve the product in future releases. When an error occurs in some components and features, the data collected can contain copies of the computer’s memory at the time the error occurred.
    • Direct Feedback from the User to Microsoft – feedback data you may expressly choose to send to Microsoft (usually through a user interface, such as sending a smile/frown)
    • Indirect Data Collection – data collected when you use SQL Server features that communicate with other Microsoft services (such as Microsoft Azure) governed by their own privacy statements.

    2. Use of Your Information Use of Your InformationpspSQLServer2014PowerQueryforExcelModule
    Summary

    The Microsoft SQL Server team uses a data categorization policy to protect customer privacy and help minimize the data that is collected to only data that Microsoft needs to improve or service the product. For example, Microsoft does not attempt to collect Usage Feedback data containing:

    • Values from inside user tables
    • Logon credentials or other authentication information
    Since Crash Dumps can contain whatever data was in memory at the time the error occurred, it is possible that the above data types or other sensitive customer information may be included in Crash Dumps. Microsoft uses Crash Dumps only to troubleshoot and fix defects (bugs) in the product and not for any other purpose.

    This data categorization policy for Usage Feedback and Crash Dumps is summarized in the Data Classification Matrix listed in Appendix A.

    Full text
    3. Data Collected and How to Control Data Collection Data Collected and How to Control Data CollectionpspSQLServerSpecificFeaturesModule
    Summary

    Data Collected During Setup

    Data Collected Using SQL Server

    Direct Feedback from the User to Microsoft

    Indirect Feedback to Microsoft

    Full text

    SQL Server 2016 enables data collection by default for all categories listed in Section 1. It is possible, in some cases, to limit what data is collected. Data Collected Using SQL Server can be configured either via a configuration program, Error and Usage Reporting or through setting Windows registry keys. More information can be found in How to configure SQL Server 2016 to send feedback to Microsoft.

    As of SQL Server 2016 CU2, it is also possible to audit what Usage Feedback data is sent to Microsoft from some components. Customers who have compliance or regulatory concerns can use this feature, along with the Data Classification Matrix, to evaluate whether data sent to Microsoft causes any compliance concerns for their specific application. Information on the auditing capability within SQL Server can be found at Local Audit for SQL Server Usage Feedback Collection.

    The rest of this document explains details of what data each component/feature within SQL Server collects and how each kind of data collection can be enabled/disabled.


    3.1 Data Collected During Setup

    3.1.1 What This Does

    The SQL Server Setup program sends information to Microsoft when it is run. This reports to Microsoft whether the installation program has successfully completed or not. It is a one-time data transmission to improve the program and does not contain any information that identifies customers.

    3.1.2 Information Collected, Processed and Transmitted

    Information collected includes the names of installed components and their completion state.

    The data collected falls into the following categories of the Data Classification Matrix:

    • Internet-Based Services
    • System Metadata

    The data collected does not contain any information that identifies customers.

    3.1.3 Use of Information

    The information collected is used to help improve Microsoft's products and services. Microsoft employees, contractors and vendors who have a business need to use the data are provided access as necessary.

    3.1.4 Choice/Control

    Customers cannot disable this one-time data collection.


    3.2 Data Collected Using SQL Server

    3.2.1 What This Does

    As discussed above, there are two ways data pertaining to your use of SQL Server may be collected: Usage Feedback and Crash Dumps. Each of these mechanisms may send data back to Microsoft when you use any particular SQL Server feature. If you do not install the SQL Server feature, no Usage Feedback or Crash Dump data will be sent back to Microsoft as to that feature.

    During SQL Server Setup, customers can choose which SQL Server components to install. These components have different mechanisms to collect data and to control whether data is collected.

    The SQL Server components available in Setup are:

    • Instance Features
      • Database Engine Services including
        • SQL Server Replication
        • R Services (In-Database)
        • Full-Text and Semantic Extraction for Search
        • Data Quality Services
        • Polybase Query Service for External Data
      • Analysis Services
      • Reporting Services – Native
    • Shared Features
      • R Server (Standalone)
      • Reporting Services – SharePoint
      • Reporting Services Add-in for SharePoint Products
      • Data Quality Client
      • Client Tools Connectivity
      • Integration Services
      • Client Tools for Backward Compatibility
      • Client Tools SDK
      • Documentation Components
      • Distributed Replay Controller
      • Distributed Replay Client
      • SQL Client Connectivity SDK
      • Master Data Services
    • Redistributable Features

    3.2.2 Information Collected, Processed and Transmitted

    3.2.2.1 Usage Feedback

    By default, SQL Server collects information about how its customers use the software, such as information about the software usage experience and performance. An example on this is outlined in How to configure SQL Server 2016 to send feedback to Microsoft. This information helps Microsoft improve the product to better meet customer needs.

    Usage Feedback collection is limited to specific kinds of data. For example, Microsoft never uses Usage Feedback to collect user passwords, credentials, or data from inside user tables. The data collected does not contain any information that identifies customers.

    The data collected falls into the following categories of the Data Classification Matrix:

    • Internet-Based Services
    • System Metadata

    3.2.2.2 Crash Dump Data

    The Error Reporting feature of SQL Server collects extensive information specific to usage at the time of each serious error including: machine characteristics (CPU speed, number of processors, etc.), call stacks of faulting threads (or all threads for certain types of error), execution plans and other execution data, and information about open files. It may also collect historic information about the behavior of the operating system and SQL Server, and for certain error types, data page contents. It is possible that personally identifiable information may be captured in memory or in the data collected from open files. Customers will not have the opportunity to review the information in the reports generated by the Error Reporting feature before they are sent when Crash Dump collection is enabled.

    The data collected falls into the following categories of the Data Classification Matrix:

    • Access Control
    • Customer Content
    • End-User Identifiable Information
    • Internet-Based Services
    • System Metadata

    3.2.3 Use of Information

    3.2.3.1 Usage Feedback

    Microsoft uses Usage Feedback data to improve the product to better meet customer needs. For example, Microsoft collects information about what kinds of error codes customers encounter so that we can fix related bugs, improve our documentation about how to use SQL Server, and determine whether features should be added to the product to better serve customers.

    3.2.3.2 Crash Dump Data

    Microsoft regularly reviews Crash Dumps sent via the Error Reporting feature to find and fix bugs in SQL Server. Bug fixes may be shipped in servicing releases of SQL Server and in future versions of the product. When SQL Server identifies issues related to external or dependent components, such as errors in the Operating System or in a device driver used by a storage subsystem, we attempt to work with the appropriate teams or third parties to address common customer problems using SQL Server.

    3.2.4 Choice/Control

    Sending Microsoft Usage Feedback and Crash Dumps from SQL Server components can be controlled through either of the following mechanisms:

    1. By using the Error and Usage Reporting program
    2. By setting Windows registry keys on the server

    Note: Customers can disable the sending of information to Microsoft only in paid versions of SQL Server. Customers cannot disable this functionality in Developer, Enterprise Evaluation, and Express editions of SQL Server 2016.

    How to configure SQL Server 2016 to send feedback to Microsoft provides more details about how to turn this feature on or off including the Group Policy configuration.

    3.2.4.1 Error and Usage Reporting

    The Error and Usage Reporting program can be launched from the SQL Server folder under Program Files. The default path to the program is "C:\Program Files\Microsoft SQL Server\130\Shared\SqlWtsn.exe".

    The Error and Usage Reporting program has two configuration controls and four categories of independent configurable settings to control the sending of information to Microsoft from various SQL Server components. The two configuration controls are:

    1. Usage Reports to collect Usage Feedback for SQL Server, and
    2. Error Reports to collect Crash Dumps.

    The four categories mapped to SQL Server components are listed in the right-hand column and are mapped to by each SQL Server [Instance] Feature as follows.


    SQL Server component Category
    Instance Features: 
     Database Engine Services, including SQL Database Engine
       SQL Server Replication SQL Database Engine
        R Services (In-Database) SQL Database Engine
       Full-Text and Semantic Extraction for Search SQL Database Engine
       Data Quality Services SQL Database Engine
       Polybase Query Service for External Data SQL Database Engine
      Analysis Services Analysis Services
      Reporting Services – Native Reporting Services
    Shared Features  
     R Server (Standalone)Others
      Reporting Services – SharePoint Others
      Reporting Services Add-in for SharePoint Products Others
      Data Quality Client Others
      Client Tools Connectivity Others
      Integration Services Others
      Client Tools for Backward Compatibility Others
     Client Tools SDK Others
     Documentation Components Others
     Distributed Replay Controller Others
     Distributed Replay Client Others
     SQL Client Connectivity SDK Others
     Master Data Services Others
     Redistributable Features Others


    3.2.4.2 Registry Key Settings

    Each of the four listed categories has two registry keys to control data collection for Usage Feedback and Crash Dumps:

    Key = HKEY_LOCAL_MACHINE\Software\Microsoft\Microsoft SQL Server\{InstanceID}\CPE

    RegEntry name for Usage Feedback = CustomerFeedback

    RegEntry name for Crash Dump = ErrorReportingDir

    Entry type DWORD: 0 is opt out; 1 is opt in


    {InstanceID} refers to the instance type and instance, as in the following examples:

    MSSQL13.CANBERRA for SQL Database engine and Instance name of "CANBERRA"

    MSAS13.CANBERRA for Analysis Services and Instance name of "CANBERRA"

    MSRS13.CANBERRA for Reporting Services and Instance name of "CANBERRA"


    For all components in Shared Features (listed as “Others” category in the table above):

    Key = HKEY_LOCAL_MACHINE\Software\Microsoft\Microsoft SQL Server\{Major Version}

    RegEntry name for Usage Feedback = CustomerFeedback

    RegEntry name for Crash Dump = ErrorReportingDir

    Entry type DWORD: 0 is opt out; 1 is opt in

     

    {Major Version} refers to the version of SQL Server—for example, 130 for SQL Server 2016  

    Customers managing many SQL Server instances can use Group Policy settings to manage these registry keys instead of setting them individually.


    3.3 Direct Feedback from the User to Microsoft

    3.3.1 What This Does

    The following user-facing components in SQL Server allow customers to report problems to Microsoft by explicit user choice.

    1. Customers can provide their feedback to Microsoft via a feedback pane in Data Migration Assistant (DMA).
    2. Master Data Services (MDS) allows Customers to report errors to Microsoft via email using Microsoft Outlook.
    3. Customers can provide their feedback and report problems via Visual Studio about SQL Server Data Tools (SSDT). For more details about this, customers should review the Privacy Statement of the related Visual Studio installation. For Visual Studio 2015, please reference Visual Studio Privacy Statement.

    3.3.2 Information Collected, Processed and Transmitted

    By default, when customers choose to send user feedback through any of the mechanisms listed in Section [3.3.1], standard computer information is collected. Standard computer information includes certain information about computer software and hardware, such as IP address, operating system, web browser software, and version.

    When customers choose to send feedback to Microsoft, different kinds of data can be collected:

    1. When reporting an error, it is possible that End-User Identifiable Information (EUII) and Customer Content classified data may be captured in memory or in the data collected from open files that is sent to Microsoft. When Microsoft requests additional data from customers, this may include sections of memory (which may include memory shared by any or all applications running at the time the problem occurred), some registry settings, or one or more files from their computer. Their current documents may also be included. When additional data is requested, customers can review the data and choose whether or not to send it.
    2. Customers may be asked to answer an optional survey after sending an error report. If customers send an error report without sending survey information containing personal details, the error report will be used to improve the products and none of the information in the error report is used to identify the customers. If customers choose to provide a phone number or e-mail address, then Microsoft may contact the customer to ask for additional data that will help us solve a problem. In some cases, customers may also be presented with an opportunity to track their error report. If customers choose to track an error, the report will be associated with their e-mail address.

    As an example, customers using MDS and experiencing errors, can use the email template from MDS to provide the error details. The error details contain the call stack and a screenshot along with some other information (e.g. OS product and client version). Customers can decide to not send the email to Microsoft or to edit the content of the email before sending the email to Microsoft. Microsoft may decide to contact the customers via email to follow up on the errors reported.

    The data collected falls into the following categories of Data Classification Matrix:

    1. Internet-Based Services
    2. System Metadata
    3. End-User Identifiable Information (EUII) with user consent
    4. Customer Content with user consent

    3.3.3 Use of Information

    Microsoft uses the data for diagnosing and solving customer problems and to improve Microsoft software and services.

    Microsoft does not use this data to identify customers, unless they specifically consent the collection of identifiable details through an optional survey after sending an error report.

    3.3.4 Choice/Control

    3.3.4.1 User Feedback

    3.3.4.2 Error Reporting

    Each time an error occurs in a SQL Server component / tool with a user interface, a report is generated and customers are asked if they want to send this report to Microsoft. Customers will have an opportunity to view the information contained in the error report before choosing whether or not to send the report.


    3.4 Indirect Feedback to Microsoft

    Some features of SQL Server can be used in ways that interact with other Microsoft products or services. Those other Microsoft products and services may (separately from SQL Server) collect usage data. This section provides more details on the kinds of feedback that Tools can send to Microsoft and Microsoft-owned Services can collect. It also explains the mechanisms in SQL Server to control whether data is collected

    3.4.1 SQL Server Tools Feedback

    3.4.1.1 What This Does

    Some features of SQL Server may require, or may be enhanced by, the installation of additional software ("Tools"), recommended by the SQL Server team and made available for free on the Microsoft download center and the Microsoft Developer Network. These Tools are:

    • SQL Server Management Studio (SSMS)
    • Data Migration Assistant (DMA)
    • SQL Server Migration Assistant (SSMA)
    • SQL Server Data Tools (SSDT) for Visual Studio 2015
    • SQL Server Mobile Report Publisher

    Tools do not have their own privacy statements and this section of the SQL Server Privacy Statement explains how the Tools collect data. Tools transmit data from a device or appliance to or from Microsoft.

    SSMS is available to download from Microsoft Developer Network (MSDN). SSMA and DMA releases are available to download from Microsoft Download Center. Upon installing these Tools, customers can verify which version of the SQL Server Privacy Statement that each tool follows.

    SSDT is available to download from Microsoft Developer Network (MSDN) and can be installed on a machine either with or without a prior Visual Studio installation. When SSDT is run from Visual Studio, both the Visual Studio Privacy Statement and this privacy statement apply. The SSDT feature itself follows the SQL Server Privacy Statement, but Visual Studio may collect additional information above and beyond what this Privacy Statement lists. SQL Server Mobile Report Publisher is available to download from Microsoft Download Center.

    Error reporting for these Tools is governed by Windows Telemetry and Error Reporting settings. For more details on what information is collected and how it is used, see the Privacy Statement for the Microsoft Error Reporting Service.

    3.4.1.2 Information Collected, Processed or Transmitted:

    Tools may collect standard computer information and information about the use and performance of the Tools. In some cases, customers may not be able to opt out of the collection and transfer of usage data to Microsoft.

    The data collected falls under the following categories of the Data Classification Matrix:

    • Internet-Based Services
    • System Metadata

    The data collected does not contain any information that identifies customers.

    Customers using SSDT within Visual Studio can review Visual Studio Privacy Statement to obtain more details on the kinds of data collected by Visual Studio.

    3.4.1.3 Use of Information:

    Information transmitted to Microsoft from Tools are analyzed for purposes of improving the quality, security, and reliability of the product.  

    3.4.1.4 Choice / Controls

    This section outlines the Usage Feedback choice / controls available for Tools:

    1. SQL Server Management Studio (SSMS)

      Sending information to Microsoft on Usage Feedback on SSMS can be controlled by setting Windows registry keys on the server.

      Key = HKEY_CURRENT_USER\Software\Microsoft\Microsoft SQL Server\130

      RegEntry name = CustomerFeedback

      Entry type DWORD: 0 is opt out; 1 is opt in

    2. Data Migration Assistant (DMA) There is no mechanism to turn off Usage Feedback on DMA.

    3. SQL Server Migration Assistant (SSMA)

      There is no mechanism to turn off Usage Feedback on SSMA

    4. SQL Server Data Tools (SSDT) for Visual Studio 2015

      Sending information to Microsoft on Usage Feedback can be controlled by changing the settings as described in Customer Experience Improvement Program for SQL Server Data Tools.

    5. SQL Server Mobile Report Publisher

      Sending information to Microsoft on Usage Feedback can be controlled by accessing the About pane through the “?” button.

    3.4.2 Indirect Feedback through Microsoft-owned Services to Microsoft

    SQL Server features may be used with these Microsoft Services and Windows-based applications that collect feedback. Using those SQL Server features may cause other Microsoft Services to collect the equivalent of “Usage Feedback” (as defined in this document) or other kinds of feedback similar to any other client of those services. These Microsoft-owned Services and Windows-applications have their own Privacy Statements and customers should review those statements before using the following features:

    1. Hybrid SQL Server features that internally use Microsoft Azure. For example, “Stretch Database” and “Backup to URL” features.
    2. SQL Server features that use Microsoft cloud features. For example:
      • The “Maps” capability in SQL Server Reporting Services uses Bing Maps to provide mapping visualizations
      • SQL Server Data Quality Services uses Azure Marketplace for third party reference data services
    3. Using other Windows-based applications with SQL Server features. For example: Accessing Reporting Services via Internet Explorer or Edge may indirectly collect usage information through those browser programs that is sent to Microsoft.

    Choice/control settings for these services and applications are described in the common experiences below.

    3.4.2.2 Hybrid SQL Server Features Leveraging Microsoft Azure

    SQL Server offers hybrid features with Azure services such as Stretch Database and Backup to URL. Please visit Microsoft Online Services Privacy Statement to learn more about the way usage data is handled when using those features against Azure services.

    3.4.2.3 Using Bing Maps with SQL Server Reporting Services

    3.4.2.3.1 What This Does

    SQL Server Reporting Services allows customers to build reports that integrate with Bing Maps. To enable this feature, certain information is sent from their server to the Bing Maps service.

    3.4.2.3.2 Information Collected, Processed or Transmitted

    If customers configure SQL Server with their Bing Maps ID, that ID will be sent to Bing Maps along with their requests for data each time they run a report that uses the Bing Maps feature.

    3.4.2.3.3 Use of Information

    Microsoft uses the information to operate and improve Bing Maps and other Microsoft sites and services. For more information, see the Bing Privacy Statement.

    3.4.2.3.4 Choice/Control

    By default, a unique identifier is not sent with requests to Bing Maps. See SQL Server documentation to learn how they can add their Bing Maps ID to your SQL Server configuration.

    3.4.2.4 Microsoft SQL Server Reference Data Services

    3.4.2.4.1 What This Does

    The Reference Data Service feature in Data Quality Services (DQS) enables customers to cleanse their data based on third-party reference data services. The Reference Data Service feature is used to standardize, correct, or enrich your organization's data during the cleansing process. The Reference Data Service feature enables customers to associate a DQS domain to a third-party reference data service. Customers can then send their data to the associated third-party service to validate data against the reference data.

    3.4.2.4.2 Information Collected, Processed or Transmitted

    No information is sent to Microsoft unless customers have separately selected Microsoft Azure Marketplace DataMarket as one of the third-party reference data service providers. The data is sent directly to the third-party reference data service provider for data cleansing.

    3.4.2.4.3 Use of Information

    The data is sent to the third-party reference data for cleansing, and the cleansed data is returned to the customer. Use of the data by the data service provider is subject to any terms and conditions between the customer and the provider. When using Azure Marketplace DataMarket, customer use of services is governed by Microsoft Azure Marketplace Terms.

    3.4.2.4.4 Choice/Control

    To enable this feature in DQS, customers must map their data source to a third-party reference data service. In order to use Microsoft Azure Marketplace DataMarket RDS providers, customers must create an account with DataMarket, and subscribe to a third-party reference data service.

    To disable this feature in DQS, customers must dissociate your data source to a third-party reference data service.

    3.4.2.5 Using other Windows-based applications with SQL Server features

    Windows-based applications including SQL Server may communicate with SQL Server features. Information collected, processed and transmitted, use of information and choice/control of Windows applications are outlined in the Windows > Telemetry & Error Reporting section of Microsoft Privacy Statement.

    In enterprise environments, customers can benefit from using Group Policy to configure how Windows Error Reporting behaves on their computers. Configuration options include the ability to completely turn off Error Reporting. Administrators may wish to configure Group Policy for Error Reporting for ease of management of these configurations, see Group Policy Planning and Deployment Guide. For more details on what information is collected and how it is used, see the Privacy Statement for the Microsoft Error Reporting Service.

    4. Other Important Privacy Information Other Important Privacy InformationpspOtherInformationModule
    Summary

    Learn more about

    • Protecting the security of personal information
    • Where we store and process information
    • Changes to our privacy statements

    How to Contact Us

    • If you have a technical or general support question, please visit http://support.microsoft.com/ to learn more about Microsoft Support offerings.
    • If you have a Microsoft account password question, please visit Microsoft account support.
    • If you have a general privacy question or a question for the Chief Privacy Officer of Microsoft or want to request access to your personal information, please contact us by using our Web form.
      • By mail: Microsoft Privacy, Microsoft Corporation, One Microsoft Way, Redmond, Washington 98052 USA
      • By Phone: 425-882-8080
    • Microsoft Ireland Operations Limited is our data protection representative for the European Economic Area and Switzerland. The data protection officer of Microsoft Ireland Operations Limited can be reached at the following address:

      Microsoft Ireland Operations, Ltd.
      Attn: Data Protection
      Carmenhall Road
      Sandyford, Dublin 18, Ireland

    • To find the Microsoft subsidiary in your country or region, see http://www.microsoft.com/worldwide/.
    Full text

    Below you will find additional privacy information you may find important. Much of this describes practices that are common across the industry, but we want make sure you are aware of them. Please keep in mind that this information is not a complete description of our practices - this is all in addition to the other, more specific information contained elsewhere in this privacy statement.

    On this page:

    Protecting the Security of Personal Information

    Microsoft is committed to protecting the security of your personal information. We use a variety of security technologies and procedures to help protect your personal information from unauthorized access, use or disclosure. For example, we store the personal information you provide on computer systems that have limited access and are in controlled facilities. When we transmit highly confidential information (such as a credit card number or password) over the Internet, we protect it through the use of encryption, such as the Secure Socket Layer (SSL) protocol.

    If a password is used to help protect your accounts and personal information, it is your responsibility to keep your password confidential. Do not share it. If you are sharing a computer, you should always log out before leaving a site or service to protect access to your information from subsequent users.

    Where Information is Stored and Processed

    Personal information collected on Microsoft sites and services may be stored and processed in the United States or any other country where Microsoft or its affiliates, subsidiaries or service providers maintain facilities. Microsoft abides by the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of data from the European Economic Area and Switzerland. To learn more about the Safe Harbor program, and to view our certification, please visit http://www.export.gov/safeharbor/.

    Microsoft may retain your personal information for a variety of reasons, such as to comply with our legal obligations, resolve disputes, enforce our agreements, and as long as necessary to provide services. To learn how to access your personal information, visit Accessing Your Information.

    Changes to Our Privacy Statements

    We will occasionally update our privacy statements to reflect customer feedback and changes in our services. When we post changes to a statement, we will revise the "last updated" date at the top of the statement. If there are material changes to the statement or in how Microsoft will use your personal information, we will notify you either by prominently posting a notice of such changes before they take effect or by directly sending you a notification. We encourage you to periodically review the privacy statements for the products and services you use to learn how Microsoft is protecting your information.

    How to Contact Us

    • If you have a technical or general support question, please visit http://support.microsoft.com/ to learn more about Microsoft Support offerings.
    • If you have a Microsoft account password question, please visit Microsoft account support.
    • If you have a general privacy question or a question for the Chief Privacy Officer of Microsoft or want to request access to your personal information, please contact us by using our Web form.
      • By mail: Microsoft Privacy, Microsoft Corporation, One Microsoft Way, Redmond, Washington 98052 USA
      • By Phone: 425-882-8080
    • To find the Microsoft subsidiary in your country or region, see http://www.microsoft.com/worldwide/.
    Appendix A – Data Classification Matrix Appendix A – Data Classification MatrixpspAppendix
    Summary

    Included in this section is the detailed data classification matrix.

    Full text

    Data Classification Matrix