Intro

When you set up Windows, we ask that you choose settings relating to your privacy. You can update your settings any time by going to Start > Settings.

 

The information below explains what data we collect and how it is used, depending on the settings you choose. Please be sure to review the full Microsoft Privacy Statement for more information on the personal data we collect and how it is used when you use Windows (type aka.ms/privacy into any browser window to do so). The data we collect is sent to and stored in the USA and other countries as set forth in the Microsoft Privacy Statement.

 

Location

The device location setting enables certain Windows features such as auto-setting the time zone or Find my device to function properly. When the device location setting is enabled, the Microsoft location service will use a combination of global positioning service (GPS), nearby wireless access points, cell towers, and your IP address to determine your device’s location. Depending on the capabilities of your device, your device’s location can be determined with varying degrees of accuracy and may in some cases be determined precisely.

 

If the location setting for your device is turned on, your device sends its location information (including wireless access point information, cellular tower information, and precise GPS location if available) to Microsoft after removing identifiers associated with you or your device. This de-identified location information is used to improve Microsoft location services.

 

Additionally, with this setting turned on, each user on the device can allow apps to use their device’s location and location history to deliver location-aware services as precisely as their device supports. When your location is used by a location-aware app or Windows service or feature, your location information and recent location history are stored on your device. Once your device completes the setup process you will also be able to grant specific apps access to your device’s precise location depending on the capabilities of your device. Otherwise the location information provided to the app has lower accuracy.

 

If an app or feature accesses the device’s location and you are signed in with your Microsoft account, your last known location information is also saved to the cloud, where it is available across your devices to other apps or services that use your Microsoft account and to which you’ve granted permission. If you are signed in with your Microsoft account and your device cannot reliably determine your current location on its own (such as when you are in a building or basement), apps or services can use your last known location from your location history that is stored in the cloud if it is available. Even if you’re not using a Microsoft account, data about your Windows device's recent location history is also stored on your device, and certain apps and Windows features can access this location history.

 

There are some exceptions to how your device’s location can be determined that are not directly managed by the location settings.

 

Desktop apps are a specific type of app that won’t ask for separate permission to discover your device location information and won’t appear in the list that allows you to choose apps that can use your location. What are desktop apps? They’re usually downloaded from the Internet or installed with some type of media (such as a CD, DVD, or USB storage device). They’re launched using an .EXE or .DLL file, and they typically run on your device, unlike web-based apps (which run in the cloud).

 

Even when you’ve turned off the location setting for your device, some third-party apps and services could use other technologies (such as Bluetooth, Wi-Fi, cellular modem etc.) to determine your device’s location with varying degrees of accuracy. Microsoft requires third-party software developers that develop apps for our Microsoft Store or develop apps using Microsoft tools to respect the Windows location settings unless you’ve provided any legally required consent to have the third-party developer determine your location. However, to further reduce the risk that an app or service can determine your location when the Windows location setting for your device is off, you should only install apps and services from trusted sources. For more comprehensive protection of your location, you could consider turning off radio-based components of your device such as Wi-Fi, Bluetooth, cellular modem, and GPS components, which might be used by an app to determine your precise location. However, doing so will also impair other experiences such as calling (including emergency calling), messaging, Internet connectivity, and connecting to peripheral devices like your headphones. Please read the privacy policies of the apps and services you’ve installed to learn more about how they use your device’s location.

 

To facilitate getting help in an emergency, whenever you make an emergency call, Windows will attempt to determine and share your precise location, regardless of your location settings. In addition, your mobile operator will have access to your device’s location if your device has a SIM card or is otherwise using a cellular service.

 

You can turn off the location setting, control which apps have access to your location and location history, and clear your device’s location history at any time on the Location page in the Settings app. Learn more about location

 

Find my device

Find my device uses your device’s location data to help you find your device if you lose it. Find my device allows an administrator of a Windows portable device, such as a laptop or tablet, to find the location of that device from account.microsoft.com/devices. To use this feature, the administrator needs to turn on the location setting for the device and sign in to Windows with a Microsoft account. This feature will work for the administrator even if other users have denied access to location for all their apps. When the administrator attempts to locate the device, users will see a notification in the notification area.

 

You can turn this off at any time on the Find my device page in the Settings app. Learn more about Find my device

 

Diagnostics

There are two categories of diagnostic data: Required and Optional. Microsoft uses diagnostic data to keep our products secure and up to date, troubleshoot problems, and make product improvements as described in more detail below. Regardless of your selection, your device will be just as secure and will operate normally. This data is transmitted to Microsoft and stored with one or more unique identifiers that can help us recognize an individual user on an individual device and understand the device's service issues and use patterns.

 

Required diagnostic data is information about your device, its settings and capabilities, and whether it is performing properly. This is the minimum level of diagnostic data needed to help keep your device reliable, secure, and operating normally.

 

Optional diagnostic data includes how you use apps and features, plus additional information about device health, device and web activity, and enhanced error reporting. At Optional, Microsoft also collects the memory state of your device when a system or app crash occurs (which may unintentionally include parts of a file you were using when a problem occurred). Required diagnostic data will always be included when you choose to send Optional diagnostic data. If you choose to send optional diagnostic data, Microsoft may use or combine Windows diagnostic data with data from other Microsoft products to help keep Windows and those products secure and up to date, troubleshoot problems, and make product improvements. While your device will be just as secure and operate normally if you only send Required diagnostic data, the additional information we collect at Optional makes it easier for us to identify and fix issues and make product improvements that benefit all Windows customers.

 

Some of the data described above may not be collected from your device even if you choose to send Optional diagnostic data. Microsoft minimizes the volume of data we collect from all devices by collecting some of the Optional diagnostic data from only a small percentage of devices (sample). By running the Diagnostic Data Viewer tool, you can see an icon which indicates whether your device is part of a sample and also which specific data is collected from your device. Instructions for how to download the Diagnostic Data Viewer tool can be found on the Diagnostics & feedback page in the Settings app.

 

Specific data items collected in Windows diagnostics are subject to change to give Microsoft flexibility to collect the data needed for the purposes described. For example, to ensure Microsoft can troubleshoot the latest performance issue impacting users’ computing experience or update a Windows device that is new to the market, Microsoft may need to collect data items that were not collected previously. Learn about the current list of optional diagnostic data and required diagnostic data collected by Microsoft.

 

We use Required diagnostic data to keep Windows devices up to date. Microsoft uses:

·        Basic error information to help determine whether problems your device is experiencing can be addressed by the update process;

·        Information about your device, its settings and capabilities, including applications and drivers installed on your device, to ascertain whether your device is ready for and compatible with the next operating system or app release and ready for update;

·        Logging information from the update process itself to understand how well your device’s updates are proceeding through the stages of downloading, pre-installation, post-installation, post-reboot, and setup;

·        Data about the performance of updates on all Windows devices to assess the success of an update’s deployment and to learn device characteristics (e.g., hardware, peripherals, settings, and applications) that are associated with the success or failure of an update; and

·        Data about which devices have had upgrade failures and why to determine whether to offer the same upgrade again.

 

We use both Required and Optional diagnostic data to troubleshoot issues to help keep Windows and related products and services reliable and secure.

 

Microsoft uses Required diagnostic data to:

·        Comprehend the immense number of hardware, system, and software combinations customers use;

·        Analyze issues based on specific hardware, system, and software combinations and identify where problems or issues occur with a specific or limited set of devices;

·        Determine whether an app or process experiences a performance issue (e.g., the app crashes or hangs) and when a crash-dump file is created on the device (crash dumps themselves are collected when you choose to send Optional diagnostic data); and

·        Understand the effectiveness and fix problems with the diagnostic transmission system itself.

 

Microsoft uses the additional Optional diagnostic data to help spot and fix problems more quickly. We use:

·        Information about app activity to understand what the user was doing in an app that caused a problem in conjunction with what we learn about the impact of other apps or processes running on a device;

·        Information about device health, such as battery level or how quickly applications respond to input, to better understand the data we collect about application performance issues and make corrections; and

·        Information contained in enhanced error reporting and crash dumps to better understand the data related to the specific conditions under which an error or crash occurred.

 

We use Required diagnostic data to improve Windows. We use Optional diagnostic data to improve Windows and related products and services.

 

Microsoft uses Required diagnostic data for product improvement in the context of keeping your Windows device up to date and secure; problem-solving; accessibility; reliability; performance; enhancing existing Windows features; compatibility of apps, drivers, and other utilities; privacy; and energy efficiency.

 

Microsoft uses Required diagnostic data for this purpose as follows:

·        Information about customers’ devices, peripherals, and settings (and their configurations) is used to prioritize product improvements by determining which improvements will have the greatest positive impact to the most Windows customers; and

·        Information about which apps are installed on devices is used to prioritize app-compatibility testing and feature improvements for the most popular apps.

 

Additional data collected when you choose to send Optional diagnostic data is used to help make even more meaningful improvements to Windows and related products and services:

·        App activity information helps us prioritize app-compatibility testing and make feature improvements to apps and features that are used the most;

·        Information about the impact of device characteristics, configuration, and app activity on device health (for example on battery life) is used to analyze and make changes that improve the performance of Windows devices; and

·        Aggregate information about browsing history in Microsoft browsers is used to tune Bing’s search algorithms to provide more effective search results.

 

We don’t use any Windows diagnostic data to provide personalized experiences or promote products or services to you unless you let us do so with the separate Tailored experiences or Personalized offers settings (described below).

 

You can turn on or turn off the Send optional diagnostic data setting at any time on the Diagnostics & feedback page in the Settings app. Learn more about diagnostic data

 

Improve inking and typing

If you choose to send diagnostic data to Microsoft to improve inking and typing recognition, Microsoft will collect samples of the content that you type or write to improve features such as handwriting recognition, autocompletion, next word prediction, and spelling correction in the many languages used by Windows customers. When Microsoft collects inking and typing diagnostic data, it is divided into small samples and processed to remove unique identifiers, sequencing information, and other data (such as email addresses and numeric values) which could be used to reconstruct the original content or associate the input to the user.

 

You can turn this off at any time on the Diagnostics & feedback page in the Settings app. Learn more about inking and typing data

 

Tailored experiences with diagnostic data

If you choose to turn on Tailored experiences, we will use your Windows diagnostic data to offer you personalized tips, ads, and recommendations to enhance Microsoft experiences. If you have Required diagnostic data selected as your diagnostic data setting, personalization is based on information about your device, its settings and capabilities, and whether it is performing properly. If you have selected to send Optional diagnostic data, personalization is also based on how you use apps and features, plus additional information about the health of your device. We do not use information about websites you browse, content of crash dumps, speech, typing, or inking input data for personalization when we receive such data from users who have selected to send Optional diagnostic data. 

 

Tailored experiences include suggestions on how to customize and optimize Windows, as well as ads and recommendations for Microsoft and third-party products and services, features, apps, and hardware for your Windows experiences. For example, to help you get the most out of your device, we may tell you about features you may not know about or that are new. If you are having a problem with your Windows device, you may be offered a solution. You may be offered a chance to customize your lock screen with pictures, or to be shown more pictures of the kind you like, or fewer of the ones you don’t. If you stream movies in your browser, you may be recommended an app from the Microsoft Store that streams more efficiently. Or, if you are running out of space on your hard drive, Windows may recommend you try OneDrive or purchase hardware to gain more space.

 

You can turn this off at any time on the Diagnostics & feedback page in the Settings app. Learn more about tailored experiences with diagnostic data

 

Personalized offers

If you choose to turn on Personalized offers, we will use your Windows diagnostic data in combination with your account info and data collected by other Microsoft products and services to offer you personalized tips, ads, and recommendations to enhance your Windows experiences. Personalized offers include suggestions on how to customize and optimize Windows, as well as ads and recommendations for Microsoft and third-party products and services, features, apps, and hardware to enhance your Windows experiences. For example, Windows might tell you about new features to help you get the most out of your device. If you stream movies in your browser, Windows might recommend an app from the Microsoft Store that streams more efficiently. Or, if you are running out of space on your hard drive, Windows might recommend you try OneDrive or purchase hardware to add more storage.

 

When Personalized offers is on, Windows may use your required diagnostic data to personalize offers. This data may include information about your device, its settings and capabilities, and whether it is performing properly.  If you have decided to share optional diagnostic data, the data used to personalize offers may also include information about how you use apps and features, plus additional information about the health of your device. We do not use the content of crash dumps, speech, typing, or inking input data for personalizing offers.

 

In addition to diagnostic data, we may use or combine the following data from other Microsoft products with Windows diagnostic data to personalize offers:

·        Web activity, if you give Microsoft Edge permission to collect your web activity for personalized search, ads, and news.

·        Info about your use of other Microsoft products and services, including Microsoft Bing, MSN.com, Microsoft 365, and Xbox.

·        Data from third-party websites which may be shared with Microsoft.

 

To manage how data collected by other Microsoft products is used to personalize offers, you can visit https://aka.ms/personalized-offers to opt in or out. The data we use to personalize offers may change over time, but this page will always have the latest list of data sources so you can make decisions on how your data is used by Microsoft. In some regions such as the European Economic Area, turning off Personalized offers on Windows also stops the use of data from other Microsoft products to personalize tips, ads, and recommendations in Windows. In other regions, you can manage how data collected by other Microsoft products is used to personalize offers by visiting https://aka.ms/personalized-offers.

 

Contextual data from your device and some basic account data are used to show you appropriate messaging in Windows regardless of whether the Personalized offers setting or the use of data from other Microsoft products to personalize offers are turned off. For example, this data is used to make sure content is in the correct language and appropriate for your age group.

 

The contextual data from your device includes:

·        Device ID

·        Device type

·        Device configuration info

·        Age of the device

·        Device language and locale settings

·        Info on where the message will appear in Windows

 

The basic account data used to show you appropriate messages includes:

·        Account region info

·        Privacy settings

·        Age group

·        Devices associated with your account

·        Purchases of Microsoft products and subscriptions

 

If you choose to turn off Personalized offers or stop the use of data from other Microsoft products, we may use basic account data and info about your device to avoid showing you generic tips, ads, and recommendations that are not relevant to you. For example, we may use basic account data like your active subscriptions to avoid showing you ads for products you have already purchased, or contextual data like your device model to avoid recommending hardware accessories that are not compatible with your device.

 

Personalized offers applies to tips, offers, ads, and recommendations you see in Windows. Changing this setting will not impact the kinds of offers you may see in other Microsoft products. You can change this setting at any time by searching for Personalized offers in the Windows Settings app. Learn more about Personalized offers

 

Protection from unsafe apps and web content

Microsoft strives to provide the best possible protection from digital threats. To help ensure you’re protected as soon as you start using your device, we turn on Microsoft Defender SmartScreen by default, which collects data about websites you visit, files you download, and apps you install and run. Microsoft Defender SmartScreen uses this data to warn you and help protect you, your device, and your passwords from unsafe apps and web content.

 

As you start using your device, the data we collect helps us determine whether your device could benefit from using Smart App Control for additional security protection. If so, the protection you receive from Microsoft Defender SmartScreen is enhanced by turning on Smart App Control to provide extended protection. Otherwise, Smart App Control will be unavailable and Microsoft Defender SmartScreen will continue to help protect your device.

 

You can turn off Microsoft Defender SmartScreen and Smart App Control at any time in the Windows Security app. Learn more about Microsoft Defender Smartscreen and Smart App Control

 

Windows Hello

Windows Hello is a more personal, more secure way to sign in to Windows devices, apps, online services, and networks using biometric data or a PIN. When you set up Windows Hello biometrics, it takes the data from the face camera, iris sensor, or fingerprint reader and creates a data representation—or graph—that is then encrypted before it’s stored on this device. The biometric verification data that’s used when you sign in doesn’t leave this device. Additionally, Windows Hello does not store pictures of your face, iris, or fingerprint on this device or anywhere else.

 

You’ll need to set up a PIN as part of setting up fingerprint or facial recognition sign-in, but you can also sign in with just your PIN without providing your face, eye, or fingerprint data. By setting up Windows Hello, you consent to the storage of data associated with your face, eyes, or fingerprint on this device. These options help make it easier and safer to sign in to this device because your PIN is only associated with one device, and it’s backed up for recovery with your Microsoft account. Your biometric data will remain on this device until you remove it. However, after a significant period of Windows Hello inactivity, you will be prompted to confirm that you want to continue to store your biometric data. You can go to Settings and remove Windows Hello, and any associated biometric identification data, at any time. Learn more about Windows Hello