Data management at Microsoft
Protecting and managing your customer data
You own your data
Microsoft will use your customer data only to provide the services we have agreed upon, and for purposes that are compatible with providing those services. We do not share your data with our advertiser-supported services, nor do we mine it for marketing or advertising. If you leave the service, we take the necessary steps to ensure the continued ownership of your data.1
We do not use or share customer data for advertising
We don’t share data with advertiser-supported services or mine it for marketing. Our policy is backed by agreements and adoption of the international code of practice for cloud privacy, ISO-IEC 27018.
What happens to your data if you leave the service
Microsoft is governed by strict standards and removes cloud customer data from systems under our control, overwriting storage resources before reuse, and purging or destroying decommissioned hardware.
In our Online Services Terms, Microsoft contractually commits to specific processes when a customer leaves a cloud service or the subscription expires. This includes deleting customer data from systems under our control.
- If you terminate a cloud subscription or it expires (except for free trials), Microsoft will store your customer data in a limited-function account for 90 days (the “retention period”) to give you time to extract the data or renew your subscription. During this period, Microsoft provides multiple notices, so you will be amply forewarned of the upcoming deletion of data.
- After this 90-day retention period, Microsoft will disable the account and delete the customer data, including any cached or backup copies. For in-scope services, that deletion will occur within 90 days after the end of the retention period. (In-scope services are defined in the Data Processing Terms section of our Online Services Terms.)
When customer data is hosted in the multitenant environments of Microsoft business cloud services, we take careful measures to logically separate customer data. This helps prevent one customer’s data from leaking into that of another customer, which also helps to block any customer from accessing another customer’s deleted data.
If a disk drive used for storage suffers a hardware failure, it is securely erased or destroyed before Microsoft returns it to the manufacturer for replacement or repair. The data on the drive is completely overwritten to ensure the data cannot be recovered by any means.
When such devices are decommissioned, they are purged or destroyed according to NIST 800-88 Guidelines for Media Sanitation.
1 The information on this page does not apply to Bing Search Services or Windows, except for the Windows Defender Advanced Threat Protection service.