Change History for Microsoft Privacy Statement
September 2024
- We clarified in the Personal data we collect section that we may receive data from Microsoft affiliates or subsidiaries.
- We added language to our Personal data we collect, Reasons we share personal data, US State Data Privacy, and Advertising sections clarifying our advertising practices and with whom we share information for these purposes.
- We updated our Cookies and similar technologies section to include additional session cookies we may use for load balancing purposes.
- We added information to the US State Data Privacy section clarifying that we do not engage in “profiling”, utilising personal data for automated decision-making that produces legal or similarly significant effects.
- We clarified on the U.S. State Data Privacy section that we may obtain subscription and licensing data from third-party storefronts and platforms on which our products are purchased, and clarified the purposes for processing that data.
- We added a new Microsoft Launcher section explaining the data certain Microsoft Launcher features use.
- We added information in the Cross-device experiences portion of our Windows section to explain how to access your mobile device’s files in File Explorer.
August 2024
- We updated our How we use personal data section to clarify that we may use data to develop and train our AI models.
- We further clarified the purposes and legal bases for processing personal data in the How we use personal data section.
- We refined the U.S. State Data Privacy section to further explain your rights under relevant U.S. state data privacy laws, and how you can exercise rights related to your data with us.
June 2024
- We created a new Artificial Intelligence and Microsoft Copilot capabilities section, to better describe our Copilot offerings, and moved our previous “Artificial Intelligence” section into this new section.
- We updated our How we use personal data section to clarify our use of data to conduct research.
- We clarified in our Reasons we share personal data section how we share data when necessary to protect the safety of our customers, organisations and the public.
- We revised the Collection of data from children and the Microsoft Family sections to provide more detail about how child accounts are added to a parent’s family group.
- The Collection of data from Children section was updated to clarify how Xbox-specific Family Safety settings apply and how data is used when a child uses Xbox.
- We modified our Diagnostics section under Windows to note when diagnostic data is collected and sent to Microsoft.
- We added a new Cross-device experiences section to describe how you can access your mobile device from your PC using your Microsoft account.
- We revised the Web browsers — Microsoft Edge Legacy and Internet Explorer section to better describe how you can access your data on all signed-in browsers on your devices, and how information is shared with your default search provider.
- We clarified what media content can be read by Windows Media Player Legacy when you use that service to play and access media.
- We revised the Xbox section to better describe how data is used to provide our services and curated experiences.
- Under Microsoft Start, we included information about how your location is used when you access the weather app.
- We removed references to services that will no longer be available or supported, such as Cortana, Spend, and sharing Windows location information with location services partners.
April 2024
- We updated our Skype and SwiftKey sections to include additional information on the camera features of these services.
- We clarified what data we collect through your use of SwiftKey, and how you can control your personal data preferences through your SwiftKey account.
- We added additional information about how Feedback Hub determines which installed apps it can provide feedback on.
- We included a new Get Help section to describe Get Help’s technical support function and the data used.
- We added the Media Player and the Movies & TV sections to the Windows apps section, and clarified how they use data to provide their experiences to you.
- We updated the name of Windows Media Player to Windows Media Player Legacy.
- We included information for individuals in Japan about the processing of information under local laws.
March 2024
- We updated our Microsoft 365, Office, and other productivity apps section to include information about certain productivity apps, such as Whiteboard, To Do, and Sticky Notes. We also explain that certain applications may use your device capabilities, such as your microphone and camera, based on your Windows Privacy Settings.
- We revised our Outlook section to describe how certain features use device capabilities like your microphone or location.
- We added a new Surface section to describe how we collect and use diagnostic data from Surface devices and accessories, and the Surface application.
- We updated our Windows section to describe your ability to customise and manage various aspects of Windows through your Windows Settings.
- We updated the Feedback Hub description to clarify how it determines which products and apps it can provide feedback on, and how Feedback Hub uses certain HoloLens device resources when you choose to share audio, photos, or recordings as part of your feedback.
- We moved our descriptions of Live Captions and Narrator within our Windows section.
- We updated Phone Link – Link to Windows to give additional details on Phone Link’s functions and how you can use it with both Android and iPhone devices.
- We clarified in the Windows Sync and back up settings section how you can delete data previously backed up to your Microsoft account.
- We made several updates and additions to the Windows apps portion of our Windows section to describe how some of our apps access and use various device capabilities and data, depending on the app and your use.
- We added sections about the Clock App, Microsoft Journal, the Mobile Plans app, Microsoft PC Manager, the Snipping Tool, the Sound Recorder app, and Microsoft Clipchamp, and describe how they use your information and/or device capabilities.
- We similarly updated the Maps app, the Camera app, the Outlook Mail and Calendar app, and the Windows Operator Messages app (formerly Microsoft Messaging) sections.
- We included information in our Xbox section about how players can use their device’s capabilities to improve their gaming experience, including through the Windows Game Bar.
February 2024
- We updated our Cookies and similar technologies section to include an additional type of cookie used on our sites.
- We made updates to several sections of our Privacy Statement in regards to Artificial Intelligence and our Copilot capabilities, including Copilot Pro, Copilot in Bing and Copilot in Edge, to better describe to you how Copilot functions in our services.
- We revised our Windows activity history section to clarify how active history data is stored and your controls over your active history data.
October 2023
- We updated references to Azure Active Directory (AAD) to reflect its new name, Microsoft Entra ID.
- We revised our Collection of data from children and Xbox sections to clarify how Xbox collects and utilises users’ data, including diagnostic data and data for curated experiences.
- We updated our Where we store and process personal data section regarding where we may store and process personal data.
- We added new information about our responsibilities for onward transfers under the EU-U.S., UK Extension, and Swiss-U.S. Data Privacy Frameworks.
- We included information about Microsoft Ireland Operations Limited’s Swiss representative, and updated the contact information for the Microsoft Data Protection Officer in Canada, in the How to contact us section.
- We modified the Microsoft Teams section to explain that information may be shared with our enterprise customers when you use Microsoft Teams to interact with a customer’s end users who are using their school or work account.
- We made changes to the Phone Link – Link to Windows section to provide further information about how the Phone Link service operates and functions.
August 2023
- We made updates throughout the Privacy Statement and added a new Artificial Intelligence section to enhance our disclosures around our development and use of Artificial Intelligence (“AI”).
- We updated the Bing section to provide you information on Bing Chat, an AI-enhanced web search functionality, including how you can view and manage your Recent activity with Bing Chat.
- We supplemented the Reasons we share personal data section to explain how we may share receipts of purchases from Microsoft with Microsoft account holders who use the same payment method.
- We made changes to our Collection of data from children section to clarify when we will seek parental or guardian consent to collect their child’s information.
- We revised the Microsoft Edge section to refine how you can control sharing your Microsoft Edge browsing activity, including when using Bing Chat.
- The Security and Safety Features section was updated to further explain how Microsoft Defender SmartScreen may use information to identify security threats related to suspicious websites or apps.
- We updated our disclosures relating to our adherence to the EU-U.S., UK Extension, and Swiss-U.S. Data Privacy Frameworks.
- We clarified in our How to contact us section how individuals may communicate with Microsoft to exercise their data privacy rights.
July 2023
- We prepared our Washington State Consumer Health Data Privacy Policy and made changes to our Privacy Statement to detail our processing of data and individuals’ rights under the Washington State My Health My Data Act (“MHMDA”).
June 2023
- We updated our Cookies and similar technologies section to better explain the types of cookies we may utilise when you use our sites, products or services.
- We modified our Advertising section to give more information on how you can opt-out of receiving personalised advertising from Microsoft.
- We made updates to our Phone Link – Link to Windows section to provide additional information about how the Phone Link – Link to Windows service operates and functions, and the data that may be used and transferred between your Windows devices and Android device.
April 2023
- The Microsoft Family section was added to clarify how the Family Safety features collect and use data, and how individuals can control the use and sharing of their data with their family group.
- We modified the Collection of data from children section to include links to other related sections of the Privacy Statement concerning children’s information, including the new Family Safety section.
- We updated the Advertising section to clarify the partners with whom we partner and may share data for advertising purposes.
February 2023
- We updated our Reasons we share personal data and US State Data Privacy sections to clarify where “sharing” relates to personalised advertising purposes.
- We made changes to our Collection of data from children section to give parents and guardians more information on how they can access and delete their child’s information.
- We clarified how we classify chat bot information and interactions and how such information is different from human-to-human chats.
- We clarified the apps and programmes that are part of Bing.
December 2022
- We made updates throughout the Privacy Statement to correspond with changes that we making to work towards compliance with U.S. state privacy laws and changed the name of the California Consumer Privacy Act section to U.S. State Data Privacy.
- We updated the Microsoft account section to clarify how Microsoft makes information saved to your account available across Microsoft products when you sign in.
- We clarified the Collection of data from children and Xbox sections to provide additional information about Xbox’s anti-cheat and fraud prevention measures.
- We supplemented the How to contact us section to add a contact phone number for residents of Canada.
- Changes were made to the Windows section to clarify the difference between the available versions of the Photos app.
September 2022
- We updated our Reasons we share personal data section to clarify our push notification data sharing for Microsoft products or applications on non-Windows devices.
- We updated references to some MSN products throughout the Privacy Statement to now refer to Microsoft Start and clarified the services Microsoft Start offers.
- We included the contact information for the Microsoft Data Protection Officer in Canada.
- We clarified in our Enterprise Online Services section the purposes for which Microsoft may process personal data as a data controller, in accordance with our standard Products and Services DPA.
- We updated the Microsoft Edge section with additional information describing how Edge syncs browser data, migrates privacy choices across your signed-in devices when logged into your Microsoft accounts and uses search data to improve Microsoft services.
- We modified the Location Services and Recording section to detail on how Desktop apps, web-based experiences, or third-party apps may determine your device’s location.
- The Security and Safety Features section was revised to clarify the Microsoft Defender SmartScreen services, and to add information about the Smart App Control.
- We made changes to the Speech, Voice Activation, Inking and Typing section to further clarify how we protect your voice recordings are when using our speech recognition technologies, and to provide details on our Voice Access and customer word list features.
- We revised the Photos App section to note the different features between the Photos and the Photos Legacy apps, and how each app may process your photo data.
- We added the Live Captions section to describe how audio and voice data may be processed to generate captions from audio containing speech.
June 2022
- We updated the Our use of cookies and similar technologies section to clarify and better communicate when we may ask for your consent before installing optional cookies.
April 2022
- We updated the Where we store and process personal data section in response to Japan's Act on the Protection of Personal Information.
- We changed the Your Phone section to Phone Link to reflect the Windows app’s new name.
March 2022
- We made changes to the How to access and control your personal data section to better communicate how Microsoft processes personal data.
- We updated the Skype section to provide additional information about how users can communicate with emergency calling service providers in the United States when using Skype.
- The Microsoft Teams and Skype sections were updated to include supplemental information about how contact data is processed and notices to non-users.
December 2021
- We modified the Personal data that we collect section to give more transparency to the sources and processing of third-party data.
- The How we use personal data section was augmented to provide additional detail about how Microsoft works to protect our products and consumers.
- The Microsoft Teams section was modified to provide additional information on how Teams interacts with third-party accounts.
- We clarified the Advertising section to better demonstrate how Microsoft delivers personalised and behavioural advertising.
October 2021
- We updated the Windows section and other parts of the Privacy Statement to include Windows 11 and help individuals understand how Microsoft processes personal data with its release.
- The Products provided by your organisation – notice to end users, Other important privacy information, and Enterprise and developer products sections were modified to reflect changes to Microsoft’s commercial agreements.
September 2021
- We added a link to a new page with information for young people.
- We updated the Edge section with additional information to clarify how we use and collect data related to search activity to improve Microsoft services.
July 2021
- We modified the Collection of data from children and Xbox sections to provide more information about the Xbox experience.
- In the Activity History section, we revised the Privacy Statement to align with our current practices.
- We amended the Cortana section to better communicate how the digital assistant collects and uses personal data.
- Throughout the Privacy Statement, we made language changes to clarify our practices.
April 2021
- We updated the Microsoft Edge section to clarify the definition of browsing activity data and better communicate how individuals can control the use of their browsing activity data for personalising Microsoft Edge and Microsoft services.
March 2021
- To better communicate how we handle children’s data, we elevated the Collection of data from children section in the Privacy Statement to make the information easier to find and expanded the section with further clarifications, such as information related to Xbox profiles.
- We updated the wording in the Windows apps section to better communicate our data practices related to the Photo and Camera apps.
- We modified the How to access and control your personal data and How to contact us sections to clarify when we will respond to questions and concerns.
- We clarified the Enterprise and developer products section by providing more direct access from the Privacy Statement to the Azure Playfab Terms of Service.
- We modified the California Consumer Privacy Act section to provide more direct access from the Privacy Statement to the California Consumer Privacy Act Notice for California Consumers.
January 2021
- In the Microsoft Edge section, we clarified our privacy practices related to MSN Content accessible through the web browser and the ability to sync browser data.
- In the Personal data we collect section we introduced the definition of traffic data to better communicate how Microsoft handles data related to its communication services.
- We modified the Enterprise online services and the Where we store and process personal data sections to clarify Microsoft’s processing of personal data in connection with its legitimate business operations incident to providing services to commercial customers.
- We added a new section, Speech Recognition Technologies, and made changes throughout the Privacy Statement to better communicate how Microsoft completes automated and manual reviews of data that we process and, with your consent, reviews voice data in order to build and improve our speech recognition technologies.
- The How to Contact Us section was modified to better represent our global approach to ensure that individuals can communicate with Microsoft.
- We provided a more concise pathway to learn more about our data handling experiences when using the Kinect devices in the Xbox section.
- We updated the Cortana section and modified other parts of the Privacy Statement to better illustrate the privacy practices associated with Cortana’s current and prior versions.
- We revised the Microsoft Translator section to better communicate our privacy practices when the services are used as part of a stand-alone consumer application or integrated into other products and services.
November 2020
- We supplemented the Microsoft 365 section by clarifying our privacy practices related to connected experiences.
- In the Bing section, we provided additional information regarding how data is transferred to a destination webpage when accessing the webpage through Bing search results.
- We revamped the Xbox section with new language to better illustrate our privacy practices.
September 2020
- We supplemented the Xbox and Xbox Live section by including the Game Pass App and clarifying our processing of console diagnostic data.
- We introduced the Surface Duo section to describe our privacy practices related to the new device.
- We added additional language to clarify Microsoft's use of the EU-U.S. Privacy Shield Framework in the Where we store and process personal data section to clarify that Microsoft does not rely on the EU-U.S. Privacy Shield Framework as a legal basis for transfers of personal data in light of the judgement of the Court of Justice of the EU in Case C-311/18.
- We clarified how Microsoft utilises cookies and other communication technologies and how individuals consent to and can personally control their use by making updates to the Cookies and similar technologies section.
- We added language to the Collection of Data from Children section to better illustrate how parents and guardians can manage, view, and delete a minor’s data.
- We also enhanced the language in the SwiftKey section to explain changes in the technology and how individuals can personalise its use and the data that it collects.
July 2020
- We made edits throughout the privacy statement to reflect changes in our branding of Microsoft’s products and services. For example, we changed certain references from Office 365 to Microsoft 365 to further increase clarity on how a product processes personal data.
- We added additional language to the Microsoft Edge section to clarify our data handling and process practices when Password Monitor is used and content is downloaded to enhance the browsing experience.
June 2020
- We made edits throughout the privacy statement intended to improve transparency and readability. For example, we:
- Added further information on how to use Microsoft services such as Microsoft Teams; and
- Added language clarifying Microsoft’s personal data processing when Microsoft processes data for legitimate business operations.
- We clarified how individuals may communicate with Microsoft to exercise their data privacy rights in the California Consumer Privacy Act and How to contact us sections.
- In the Skype section, we updated language to clarify the service’s translation functionality related to Translation features.
- We added a section on Microsoft Teams to describe Microsoft’s processing activities specific to the Microsoft Team’s experience.
- We supplemented language in the Feedback Hub section to clarify internal business operations.
- In the Windows apps section, we added additional language to Camera and Photos apps to describe Microsoft’s processing activities specific to the experience.
May 2020
- We added a section on HoloLens to describe our processing activities specific to the HoloLens device and experience.
- We added a section on Windows Mixed Reality to describe our processing activities specific to Windows Mixed Reality experiences.
April 2020
- In Personal data we collect, we added information about personal data we collect during in-store events.
- In How we use personal data, we added information on our processing of personal data for prize promotions and other in-store events.
February 2020
- In California Consumer Privacy Act, we added a link to information on how you can use an authorised agent to exercise your rights.
January 2020
- In Advertising, we included information about privacy settings in Microsoft Edge related to personalised advertising.
- In Search, Microsoft Edge, and artificial intelligence, we added a section specific to Microsoft Edge. The Microsoft Edge section includes information regarding:
- Content that you may save on your device.
- The ability to share browsing history associated with your Microsoft account to improve your web experience.
- Privacy settings.
- Diagnostic data collection and use.
- In Web browsers – Microsoft Edge Legacy and Internet Explorer, we clarified that the section applies to legacy versions of Microsoft Edge.
December 2019
- In Other important privacy information, we added a section on the California Consumer Privacy Act.
- In How to access and control your personal data, we added a link to the Microsoft Privacy Report which provides aggregate metrics about user requests to exercise their data protection rights.
- In Products provided by your organisation – notice to end users and Enterprise and developer products, we provided additional information about processing personal data of users accessing Microsoft products with an organisational account (such as a work or school account) for Microsoft’s legitimate business operations.
- In Windows Diagnostics, we revised the terminology regarding levels of diagnostic activity data. Basic diagnostic data is now called Required diagnostic data and full diagnostic data is now called Optional diagnostic data.
October 2019
- In Skype, we clarified that Microsoft uses voice and text data in the voice-to-text feature to provide captioning of audio for users.
September 2019
- In Products provided by your organisation – notice to end users, we added information regarding our processing of student personal data with respect to Microsoft products provided by primary and secondary schools.
- In Your Phone, we included information about making and receiving calls from your Android phone on your Windows device.
August 2019
- In How we use personal data, we clarified that we employ both automated and manual methods of processing personal data.
- In How to access and control your personal data, we added instructions on how to export your Skype chat history and files.
- In Windows apps, we added information about Narrator, a screen-reading app that helps you use Windows without a screen.
June 2019
- In Xbox and Xbox Live, we added information about the data we collect from Xbox consoles, Xbox Apps, and Xbox Live to provide experiences and subscription services.
May 2019
- In Cortana, we added information regarding how Cortana can interact with other Microsoft products (e.g., Office) and third-party services.
- In Speech, Voice Activation, Inking, and Typing, we:
- included information regarding speech recognition features for HoloLens devices and Windows Mixed Reality.
- added Voice Activation to provide additional information regarding how (i) apps interact with Windows voice recognition, (ii) Microsoft uses voice data, and (iii) users can enable and disable voice activation.
- In Camera and Photo apps, we inserted information regarding the ability to group photos by time, location, tags, and faces.
- In Windows Search, we added a Your Phone section describing an app that allows you to link your Android phone with your Windows device.
April 2019
- In the Office section, we added information about connected experiences and the collection and processing of diagnostic data.
March 2019
- In Where we store and process personal data, we clarified that our commitment to the EU-U.S. and Swiss-U.S. Privacy Shield frameworks extends to personal information received from the United Kingdom.
November 2018
- In Entertainment and related services, we updated Mixer to provide more information regarding which user interactions are publicly viewable.
October 2018
- In Reasons we share personal data, we added an example of sharing certain data with an employer or school to enable them to manage the Microsoft products it provides to you (or that you sign into with an account it provides to you).
- In the Where we store and process personal data section of Other important privacy information, we specified that we will cooperate with the Swiss Federal Data Protection and Information Commissioner for resolving disputes with Swiss individuals under the Swiss-US Privacy Shield agreement.
- In Products provided by your organisation – notice to end users, we clarified that an employer’s or school’s ability to administer products and accounts can include control of privacy-related settings.
- In Enterprise and developer products, we added PlayFab Services as an example of enterprise and developer cloud-based services.
- In Skype, we added a paragraph describing a new captioning feature.
- In Windows, we:
- reiterated how an organisation can access data from Windows devices it manages.
- provided further examples in the description of Activity history.
- clarified that the Advertising ID controls apply only where an app is relying on the Advertising ID, and does not affect other means providing interest-based advertising (such as cookies).
- added text in Diagnostics describing that diagnostic data can be shared with an organisation, such as an employer or school, to help manage the organisation’s devices and that aggregated diagnostic data may also be shared with other selected third parties.
- added a new Feedback Hub section to describe the collection of feedback and diagnostic data through the app.
- made several clarifications under Location services, motion Sensing, and recording, including specifying that Windows will attempt to determine location when you make an emergency call, regardless or your location settings, and that your mobile operator has access to your device’s location.
- edited descriptions in Speech, Inking, and Typing to improve clarity and provide additional details about available controls.
- under Web browsers—Microsoft Edge and Internet Explorer, described a unique ID that is sent by the Edge browser to certain selected websites that enables us to develop aggregate data to improve browser features and services, and added a description of a new “Website Pin to Taskbar” feature.
- We made additional edits throughout the privacy statement intended to improve transparency, enhance readability, and update outdated links and references.
August 2018
- We made additional edits throughout the privacy statement intended to improve transparency and readability. For example, we provided more descriptive labels for hyperlinks.
- We separated the description of the personal data Microsoft collects for speech recognition from the description of the personal data Microsoft collects for inking and typing recognition, and simplified both.
- We clarified that, in some cases, access or control to personal data is limited as required or permitted by applicable law.
May 2018
- We made edits throughout the privacy statement intended to improve transparency and readability. For example, we:
- added new categories of personal data we collect, such as voice data, content consumption data, and browse history;
- added new uses of personal data;
- simplified text and eliminated duplicative text and qualifiers such as “we may”;
- added navigation cues, like bullet points, to highlight key points and reduce reader fatigue; and
- improved consistency in the language used describe similar concepts.
- We added language required by the EU General Data Protection Regulation (GDPR). For example, we now:
- describe individuals’ rights to access their data, which applies regardless of location;
- describe the legal bases for Microsoft’s data processing, including under the GDPR’s legitimate interests provisions, and the purposes of our processing of personal data; and
- specify the choices individuals have with respect to sharing personal data with Microsoft, along with the consequences of sharing and Microsoft’s data processing.
- In the Personal Data We Collect section, we:
- added language to direct customers to the appropriate sections of the privacy statement;
- added new examples of third-party sources of personal data; and
- updated the descriptions of types of personal data we collect.
- In the How We Use Personal Data section, we:
- clarified how Microsoft uses data generally, using concepts from the data taxonomy framework in the ISO 19944 international standard;
- clarified our policies around storing unauthenticated data and authenticated data; and
- updated specific descriptions of how Microsoft uses personal data. For example, we added text to describe how we use personal data for promotional communications and legal compliance, and we provided information about where Microsoft uses automated systems to process personal data. Additionally, we moved some details about our advertising practices to a separate section under Other Important Information.
- In the How to Access & Control Your Personal Data section, we described how customers can access their personal data and made the text applicable to all customers, regardless of their location.
- In the Cookies and Similar Technologies section, we updated the description of the cookies Microsoft uses.
- In the Notice to End Users section, we clarified cases when organisations, such as an employer or school, have access to an individual’s personal data.
- In the Microsoft Account section, we clarified the differences between the three types of Microsoft accounts.
- In the Other Important Privacy Information section, we:
- moved the contents of the European Privacy Rights subsection to the How to Access & Control Your Personal Data and How to Contact Us sections.
- added a section called Advertising, using text from the original How We Use Personal Data section, to describe Microsoft’s advertising practices and commitments;
- updated information on how Microsoft processes children’s personal data;
- clarified how and when Microsoft makes changes to the privacy statement;
- identified which Microsoft entities are data controllers under the GDPR, how to contact us, and how to lodge a complaint.
- In the Enterprise and Developer Products section, we:
- described how basic, aggregated account information related to Enterprise Online Services may be shared with authorised partners in certain circumstances.
- identified that Microsoft is a data processor under the GDPR when providing the Enterprise Online Services.
- In the Office and Skype sections we described new features and updated how existing features and functionality process personal data. For example, we explain how Cortana words in Skype.
- In Search and Artificial Intelligence, we described our most current features and functionality. For example, in the Cortana subsection, we described the personal data Microsoft collects from users who are signed in and signed out of the service.
- In the Windows section, we removed text about a service, Wi-Fi Connecting to suggest open hotspots, that is no longer available. Under Web Browsers, we described the type of browser data that syncs across devices.
- In the Entertainment and Related Services section, we updated how existing features and functionality process personal data and provided new information on Xbox, Xbox Live, and Mixer.
- We added a hyper link to access the privacy policy of our subsidiary LinkedIn.
April 2018
- In Personal Data We Collect, we deleted references to defined terms in the Online Services Terms (OST) as data definitions changed in the April 2018 OST.
- We updated the URL to the Law Enforcement Transparency Report in Reasons We Share Personal Data.
- In Cookies & Similar Technologies, we updated the list of opt-out pages for our analytics providers.
- In Where We Store and Process Personal Data, we listed additional countries where Microsoft operates data centres and updated the URL to the European Commission’s decisions on the adequacy of the protection of personal data in third countries.
- We updated our Dublin address in How to Contact Us.
- In Enterprise and Developer Products, we:
- deleted the subsection for Cognitive Services as we moved Cognitive Services under the same terms as Azure services. To learn more, see: https://azure.microsoft.com/support/legal/cognitive-services-compliance-and-privacy/.
- added references to professional services available under the Online Services Terms.
- added a reference to Personal Data, a new defined term in the Online Services Terms.
- for transparency, we noted that Bing Search Services, as defined in the OST, use data as described in the Bing section of this Privacy Statement.
- we updated the link to Microsoft SQL Server’s privacy supplement.
- In Cortana, we describe how location data Cortana collects may be used to provide personalised experiences in other Microsoft products.
- In Windows, we:
- added text to describe new features, such as Activity History, and new functionality in Windows Apps.
- updated the Diagnostics section to (i) provide more information about how Microsoft processes Diagnostic data, (ii) describe the new privacy control for Inking and Typing data, and (iii) provide more information about Tailored experiences.
February 2018
- We added Adjust and Clicktale to the list of analytics providers in Cookies & Similar Technologies.
October 2017
- We made minor edits throughout the privacy statement to reflect the updated name of our digital and physical stores, all now called “Microsoft Store”.
- We updated the examples we provide of the technical measures we use to help de-identify the data Translator processes.
- In Personal Data We Collect, we provide more transparency about Microsoft’s collection of data related to our app Spend and video.
- In Cookies and Similar Technologies, we describe additional uses of cookies on various Microsoft websites.
- In Where We Store and Process Personal Data, we provide more information about the European Commission’s views on the adequacy of the protection of personal data in the countries where Microsoft processes personal data.
- In Microsoft account, we removed information about using Microsoft account with social media accounts, as we no longer provide that particular feature.
- In Enterprise and Developer Products, we provide more information about the collection and processing of data in enterprise and developer products, including SQL Server.
- In Windows, we clarify how certain features work in Microsoft Edge and Internet Explorer.
- Additionally, we made minor edits for grammar and clarity.
September 2017
- In Where We Store and Process Personal Data, we provided more information about Microsoft’s compliance with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework.
August 2017
- We updated the preamble to reflect the broad scope of the privacy statement.
- We changed the navigation of the product-specific details to make this information easier to find.
- In Personal Data We Collect, we provided more examples of data we collect from developers and enterprise customers and made edits to better describe data we collect.
- Under How We Use Personal Data, we made changes to improve transparency on how we use the data we collect. We updated the section on advertising to better describe our advertising practices.
- In How to Access & Control Your Personal Data, we added information about how Volume Licensing customers can control their data. We also noted customers can opt out of interest-based advertising from third parties by visiting the third parties’ respective websites.
- We updated Cookies & Similar Technologies to provide greater transparency on our use of cookies and similar technologies.
- We added a section called Notice to End Users to provide individuals who gain access to Microsoft products through their organisation, such as an employer or school, more information about how their data is processed.
- In Where We Store and Process Personal Data, we listed additional countries where Microsoft operates data centres.
- The European Privacy Rights section now only appears in certain European versions of the privacy statement.
- In Cortana, we made changes to better describe how Cortana works. We also provided more information about how information is processed when Cortana uses a Connected Service or third-party skill.
- We updated the Skype section to better describe how certain features work.
- Under Windows we edited the name of certain features and functionality.
- We edited Enterprise and Developer Products to better describe these products and increase transparency on our use of data related to these products. We also updated the name of Dynamics 365.
- In some language versions, we made edits for grammar and clarity.
June 2017
- We made a small update to the language in Privacy Shield to highlight that Microsoft participates in both the EU-U.S. and the Swiss-EU Privacy Shield frameworks.
March 2017
- We updated Personal Data We Collect to provide customers with more transparency about the types of third parties that provide us with personal data. Additionally, we made edits to better describe the types of data we collect.
- Under How We Use Personal Data, we clarified to customers how we use information about their activities, interests and location to deliver personalised experiences.
- In How to Access & Control Your Personal Data, we added information about the new Microsoft privacy dashboard, where customers can access and manage personal data collected from various Microsoft services. We added details about where users can delete their personal data on other Microsoft properties.
- We added AppsFlyer to the list of analytics providers in Cookies & Similar Technologies.
- We updated Microsoft Account to provide customers with information about how our new payment features work.
- We added a new section called European Privacy Rights to inform customers in the European Economic Area of their data protection rights.
- In Where We Store and Process Personal Data we provided customers with more information about where Microsoft processes data. We specified where Microsoft operates major data centres and explained how we determine where we process data. Additionally, we provided more transparency about transfers of personal data from the European Economic Area, including the legal basis for such transfers and how we protect customers’ rights when the data travels. We set forth our commitment to the EU-U.S. and the Swiss-U.S. Privacy Shield frameworks and direct customers on how they can exercise their Privacy Shield rights.
- As we seek to be more transparent about how long we keep personal data, we set forth criteria we use to determine retention periods in Our Retention of Personal Data.
- Under Bing, we provided more clarity to customers about how to turn off Search Suggestions, pointed customers to new capabilities to manage their data, and added details about how search query data is used for research and development purposes.
- In Cortana, we added information to describe how new features work. We explained variations of Cortana on different operating systems and how Cortana interacts with other services. Additionally, we provided more information about how we use location information and moved information about Cortana’s use of information from Microsoft Edge up from the Windows section.
- In Health Services, we made edits for clarity and to account for new applications in this product area.
- We updated MSN to better clarify the type of data collected to provide customers with relevant content.
- In Office we edited the structure of one sentence to make it more clear.
- Under Windows we made a number of changes to improve transparency, to describe changes to certain functionality or new capabilities, and to account for new privacy measures we implemented, including:
- Under Advertising ID, we explained how customers can control the use of this identifier and provided more clarity on how app developers and advertising networks use it.
- We renamed Telemetry and Error Reporting to Diagnostics. In this section, we explained the two levels of diagnostic data, including the type of data collected for each level, depending on the customer’s setting. Additionally, we explained the new Tailored Experiences setting, which enables users to choose whether diagnostic data is used to personalise their experience.
- We provided more clarity on the collection of location data in Windows location service.
- In Recording, we described new capabilities and informed users of their potential legal responsibility related to the use of this feature.
- In SmartScreen, we provided additional details about the data transmitted to Microsoft to help SmartScreen protect customers.
- In Speech, Inking and Typing, we better described our speech recognition capabilities and provided more transparency about the data Microsoft collects to provide these and related services. Additionally, we explained to customers the controls available to manage this data.
- Under Web Browsers we removed references to Page Prediction. The Page Prediction feature still exists in Microsoft browsers. However, browsing history to power the feature is now collected as part of Windows Diagnostics only from devices configured to return data at the Full level. We also moved disclosures about Cortana’s use of data from this section to the Cortana section.
- We renamed Windows Wi-Fi Sense section to Wi-Fi Connecting to suggested open hotspots and edited this section to reflect changed branding and features.
- We clarified Microsoft Wallet is an application only available for Windows Phone by renaming this section.
- We added a section for Windows Media Player to describe how this feature works for versions of Windows where this application is available.
- We edited Windows Search to describe how the feature can be used to search for items stored in other services.
- In some language versions, we made edits for grammar.
February 2017
- In Personal Data We Collect, we clarified additional details about the usage data we consider “Product use data.”
November 2016
- In How We Use Personal Data, we updated Advertising to better clarify the use of your data by third parties to customise the ads you see.
- In How to Access & Control Your Personal Data, we updated Your Communications Preferences, clarifying how to modify your preferences.
- In Other Important Information, we updated the Where We Store and Process Personal Data section to reflect Microsoft’s participation in the EU-US Privacy Shield programme.
- In Bing, we removed the Bing Rewards Programme section, as Bing Rewards has been replaced by Microsoft Rewards.
- We added a new Microsoft Cognitive Services section to explain how we collect and use data when developers use the services. We also clarified that Microsoft Cognitive Services are not Enterprise Products under this privacy statement.
- We added a new Microsoft Translator section, to explain how Microsoft Translator, Collaborative Translations Framework, and Microsoft Translator Hub collect and use data.
- In Windows, we revised the Telemetry & Error Reporting section to reflect that wireless network identifiers are collected at the optional “Enhanced” level of telemetry rather than at the “Basic” level.
- We added a new captioning section in Xbox to explain how Microsoft incorporates a voice-to-text feature to provide captioning of in-game chat for users who need it.
September 2016
- In Enterprise Products, we added links to privacy notices that still apply to certain enterprise offerings.
August 2016
- In Personal Data We Collect, we added additional examples of when we collect data and the types of usage data we collect.
- In How We Use Personal Data:
- We clarified that we show ads in only some of our products, that we also deliver ads in third-party products, and that we partner with third-parties such as AOL and AppNexus to deliver ads. And we removed an outdated example of sharing data with a service provider to help with the delivery of ads.
- We added additional examples of using data for product improvement purposes.
- In Microsoft account:
- We added text explaining the distinctions between a personal Microsoft account and a work or school account provided by your school or employer using Azure Active Directory.
- We added an explanation that when you sign into a third-party product with your Microsoft account, and consent to share profile data, the third-party product can display your name or username and profile photo.
- In Other Important Information, we updated the discussion of transferring data from the European Economic Area to specify our intent to adopt the forthcoming EU-U.S. Privacy Shield Principles.
- In Cortana, we provided more examples of the types of data Cortana can access and use, described a new feature that allows for some functionality without being signed in, described new and enhanced user controls, and added descriptions (already provided to users in the product itself) of data sharing with third-party services that users can choose to connect with Cortana.
- In Microsoft Health and Microsoft Band, we added more detail about the types of data these offerings collect and use, and removed some redundant text to simplify the section.
- We added a new Outlook section (incorporating content previously in an Outlook.com section and an Outlook subsection of Office) to explain the distinctions between Outlook.com, Outlook applications, and related services, describe new cloud-based features, and describe how Outlook applications can be integrated with multiple accounts from third-party service providers.
- In Skype, we added text explaining that this section applies only to the consumer version of Skype and not Skype for Business, describing how contacts are added to Skype from other Microsoft consumer services, and describing a new recording feature in some versions of Skype.
- We added a new Store section, incorporating the content previously in a Windows Store subsection of Windows, and adding references to the Xbox Store and Office Store.
- We added a new SwiftKey section to describe our recently acquired SwiftKey apps, incorporating the content from the previous SwiftKey privacy statement.
- In Windows:
- We expanded the description of Advertising ID to provide more details on its purpose and uses.
- We renamed the "Input Personalisation" section to Speech, Inking and Typing and added additional examples of the data collected.
- In Location Services, Motion Sensing, and Recording, we added descriptions of the new General location and Default location settings, and provided additional details of when location data is collected and retained by Microsoft.
- We updated the Windows Defender section to explain new functionality that allows the use of Windows Defender to do periodic scanning even when there is another anti-malware service running.
- We’ve revised the Telemetry & Error Reporting section to further clarify differences between Basic data, Enhanced data, and Full data.
- We updated the Web Browsers: Microsoft Edge and Internet Explorer section to explain how to control Cortana’s access to your browsing history, and that enabling that feature will allow us to collect your Microsoft Edge search queries and full browsing history associated with your user ID to personalise your experience.
- We revised the Wi-Fi Sense section to clarify that we are no longer offering functionality that will automatically connect to open Wi-Fi networks.
- We added a section to Windows Apps describing the Outlook Mail and Calendar app, and updated the description of the Microsoft Wallet app to reflect to NFC functionality.
- We added a new Enterprise Products section (replacing an Enterprise Services subsection of Other Important Information) to account for Microsoft products and related offerings offered or designed primarily for use by organisations and developers.
- Throughout, we replaced the general term "services" with "products" to better reflect the full range of software, services, and devices Microsoft offers.
- Throughout, we made several minor wording changes to improve clarity, or to address typos, grammar, or other similar issues.
January 2016
- We simplified the introductory paragraph by removing a list of specific Microsoft services, referring instead to the list of services that appears later in the statement.
- In Microsoft account, we added “display name” to the ways others can find and connect with you within Microsoft services.
- In Other Important Privacy Information:
- In Where We Store and Process Personal Data, we clarified that data may be stored in your region, and explained the ways data can be transferred from the European Economic Area to other countries.
- We simplified How to Contact Us by removing the reference to Skype Software S.à.r.l.
- In Skype, we made several edits to simplify and clarify language, remove redundancies, and explain that both Microsoft Corporation and Skype Communications S.à.r.l. are data controllers for Skype.
- In Windows:
- We added to Sync Settings, to clarify that the Windows sync settings apply to Internet Explorer browser history, and that some apps have their own separate sync controls.
- We rewrote much of Telemetry & Error Reporting to clarify the different levels of telemetry, what types of data are included in each, the effect of the available user controls, and the limited sharing of error report information to partners (such as OEMs) to help them troubleshoot products and services which work with Windows and other Microsoft product and services.
- We clarified Web Browsers to show the differences between sync functions and controls on Internet Explorer and Microsoft Edge.
- Throughout, we made several minor wording changes to improve clarity, or to address typos, grammar, or other similar issues.
October 2015
- We added examples to Personal Data We Collect to clarify when we need to collect content of files and communications so that we can provide our services to you.
- We added examples to How We Use Personal Data about customer support and product activation, to further explain how we use your data to provide and improve our services.
- In Reasons We Share Personal Data, we clarified that “private communications and documents in private folders” refers to content in cloud services, like Outlook.com and OneDrive, and not content stored on a person’s local device. We also added a link to our Law Enforcement Transparency Report.
- In Cookies and Other Technologies, we added Kissmetrics and Webtrends to the list of data analytics service providers we use.
- We clarified the difference between a personal Microsoft account and a work or school account provided to you by your organisation.
- In Other Important Privacy Information, we added Enterprise Services to clarify that if you have a work or school account, the owner of the domain associated with your email address may control and administer your account under its own policies, which may differ from ours.
- In Bing, we updated “Autosuggest” to “Search Suggestions” and added information about how to opt out of Bing Rewards.
- In Cortana, we added “Communications History” to the list of features.
- We added Groove Music/Movies & TV, which replaces Xbox Music and Video to reflect the new branding of those services.
- We added Microsoft Health Services, to incorporate information previously provided in separate privacy statements about Microsoft Band devices, Microsoft Health apps, HealthVault, and other related services.
- We simplified Office, by moving the pertinent information from the old Excel subsection into Search services.
- In Outlook, we deleted Social inbox.
- In Skype, we added information about Translation feature.
- In Windows, we added information about Recording.
- In Xbox, we changed Voice chat to Communications monitoring. We also clarified that the Xbox Code of Conduct has been replaced with the Microsoft Code of Conduct.
- Throughout, we made several minor wording changes to improve clarity, or to address typos, grammar, or other similar issues.
July 2015
- We published a new Microsoft Privacy Statement that brought together many separate privacy statements into a single statement covering most of Microsoft’s consumer services. This restructuring of Microsoft’s privacy disclosures was designed to eliminate redundancies, improve usability, and increase clarity and transparency. We added some new elements, for example, to reflect new features of Windows 10, but the new statement did not represent a change in policy or practice for Microsoft.