Data management at Microsoft

Photograph of person seated at a table in the lobby of a modern building working on a laptop

Protecting and managing your customer data


You own your data

Microsoft will use your customer data only to provide the services we have agreed upon, and for purposes that are compatible with providing those services. We do not share your data with our advertiser-supported services, nor do we mine it for marketing or advertising. If you leave the service, we take the necessary steps to ensure the continued ownership of your data.1

Photograph of person seated at small café table looking at laptop
Photograph of two people seated at a round table talking, one is writing with a stylus on a Surface in tablet mode, the other is typing on a Surface in laptop mode

We do not use or share customer data for advertising

We don’t share data with advertiser-supported services or mine it for marketing. Our policy is backed by agreements and adoption of the international code of practice for cloud privacy, ISO-IEC 27018.

How we use data to improve service

Troubleshooting

Troubleshooting for preventing, detecting, and repairing problems affecting operations of services.

Feature improvement

Ongoing improvement of features including increasing reliability and protection of services and data.

Personalized customer experience

Data is used to provide personalized improvements and better customer experiences.

What happens to your data if you leave the service

Microsoft is governed by strict standards and removes cloud customer data from systems under our control, overwriting storage resources before reuse, and purging or destroying decommissioned hardware.

|

In our Online Services Terms, Microsoft contractually commits to specific processes when a customer leaves a cloud service or the subscription expires. This includes deleting customer data from systems under our control.

  • If you terminate a cloud subscription or it expires (except for free trials), Microsoft will store your customer data in a limited-function account for 90 days (the “retention period”) to give you time to extract the data or renew your subscription. During this period, Microsoft provides multiple notices, so you will be amply forewarned of the upcoming deletion of data.
  • After this 90-day retention period, Microsoft will disable the account and delete the customer data, including any cached or backup copies. For in-scope services, that deletion will occur within 90 days after the end of the retention period. (In-scope services are defined in the Data Processing Terms section of our Online Services Terms.)

When customer data is hosted in the multitenant environments of Microsoft business cloud services, we take careful measures to logically separate customer data. This helps prevent one customer’s data from leaking into that of another customer, which also helps to block any customer from accessing another customer’s deleted data.

If a disk drive used for storage suffers a hardware failure, it is securely erased or destroyed before Microsoft returns it to the manufacturer for replacement or repair. The data on the drive is completely overwritten to ensure the data cannot be recovered by any means.

When such devices are decommissioned, they are purged or destroyed according to NIST 800-88 Guidelines for Media Sanitation.

Data policy of Microsoft services

Azure Data protection

“Data deletion” is discussed on page 21 in the Data Protection in Azure document.

Intune data protection overview

 “Data disposition” is discussed on page 9 in the Intune Privacy and Data Protection Overview document.

Dynamics 365 data access

Learn about data access in Dynamics 365.

Office 365 data access

Learn about data access in Office 365.

Data management resources

How Microsoft categorizes data

Where your data is located

Who can access your data

Lists of subcontractors who handle data

Responding to government requests

Additional resources

Graphic icon of a rectangle with a folded corner representing a document

Microsoft Privacy Statement

Learn about the personal data Microsoft processes, how we process it, and for what purposes.

Graphic icon with two rectangular shapes representing documents, the one in front with horizontal lines representing information

Microsoft Licensing Terms

Licensing terms, conditions, and supplemental information for Microsoft Volume Licensing programs.

Graphic icon of a padlock with a white circle in the middle

Privacy protections

Microsoft wins privacy protections for our customers.

1 The information on this page does not apply to Bing Search Services or Windows, except for the Windows Defender Advanced Threat Protection service.