Skip to main content
Licensing
Please provide feedback on the new Product Terms site using the feedback button below. You may continue to access prior and current versions of the Product Terms and Online Services Terms documents here.
Search Terms

Privacy & Security Terms

General

The Privacy & Security Terms were formerly contained in Attachment 1 to the Online Services Terms.

The Data Protection Addendum, or DPA (defined in the Glossary) sets forth the parties obligations with respect to the processing and security of Customer Data, Professional Services Data, and Personal Data by the Products. The Data Protection Addendum can be downloaded here Personal Data is collected in connection with a billing endpoint, or b) Customer Data (including any https://aka.ms/actestprivacypolicy applies to Customer’s use of Visual Studio App Center Test. Customer may not use Visual Studio App Center Test to store or process https://aka.ms/privacy applies to Customer's use of Microsoft Genomics and not the IoT Device, except to the extent any Personal Data in accordance with the Microsoft Privacy Statement at aka.ms/privacy, and the DPA terms do not apply.  

If a Microsoft Cloud Agreement or Microsoft Customer Agreement Customer uses Azure Stack Hub software or services that are hosted by a Reseller, such use will be subject to Reseller’s privacy practices, which may differ from Microsoft’s.

Azure VMware Solution

Professional Services Data Transfer to VMware

If customer contacts Microsoft for technical support relating to Azure VMware Solution and Microsoft must engage VMware for assistance with the issue, Microsoft will transfer the Professional Services Data and the Personal Data contained in the support case to VMware. The transfer is made subject to the terms of the Support Transfer Agreement between VMware and Microsoft, which establishes Microsoft and VMware as independent processors of the Professional Services Data. Before any transfer of Professional Services Data to VMware will occur, Microsoft will obtain and record consent from customer for the transfer.

VMware Data Processing Agreement

Once Professional Services Data is transferred to VMware (pursuant to the above section), the processing of Professional Services Data, including the Personal Data contained the support case, by VMware as an independent processor will be governed by the VMware Data Processing Agreement for Microsoft AVS Customers Transferred for L3 Support (DPA), the GitHub Privacy Statement available at Customer Data at rest anywhere within the European Union or North America. If Customer is provisioned in the EU or EFTA, and Customer has an Office 365 Education subscription but has not purchased an Advanced Data Residency for Education add-on, then notwithstanding the "Location of Customer Data at Rest for Core Online Services" section of the Product Terms, Microsoft may provision Customer's Office 365 Education tenant in, transfer Customer Data in Dynamics 365 Business Central and Dynamics 365 Finance, except for the retention, deletion, and disclosure of Accounting Materials. In the event of any conflict or inconsistency between the Customer Data. After the Retention Period ends, Microsoft will delete Customer's Accounting Materials. Microsoft has no liability for the deletion of Customer's Accounting Materials.

Disclosure of Accounting Materials

Microsoft will disclose or provide access to Customer's Accounting Materials to Danish Authorities as necessary to satisfy a request compelling such disclosure as required by the Bookkeeping Act. Other data a Customer stores in these Digital Standard Bookkeeping Systems is not subject to disclosure. The Danish Authorities are only authorized to request Accounting Materials from providers of Digital Standard Bookkeeping Systems if obtaining the information directly from the enterprise is not possible. Microsoft has no liability for the disclosure of Customer's Accounting Materials to any Danish Authority.

Microsoft Relationship Sales

LinkedIn Sales Navigator

LinkedIn Sales Navigator is provided by LinkedIn Corporation. Customer may use the LinkedIn Sales Navigator Service only to generate sales leads. Each user of LinkedIn Sales Navigator must be a member of LinkedIn and agree to be bound by the LinkedIn User Agreement available at DPA, or any agreements between Customer and Microsoft shall apply to Legacy Glint Services.Other Online ServicesMicrosoft Intune If Intune Company Portal App is used to manage devices, the terms that apply to Microsoft Intune Online Services (as defined in the Core Online Services table in these Privacy & Security Terms) apply to the use of Intune Company Portal App. Microsoft’s commitments related to Intune Company Portal App do not extend to data processing, policies, or practices of third-party providers of mobile platforms on which Intune Company Portal App operates (e.g., Apple, Google).Managed Devices and ApplicationsMicrosoft Managed Desktop (MMD) integrates data (including .

The standard terms regarding “Data Retention and Deletion”, including the 90-day retention period following expiration or termination of a Customer’s subscription, will apply to free trials of Dragon Copilot.

Nuance Speech Data

The following terms apply to customers of Dragon Copilot who are also customers of the Dragon Medical One and/or Dragon Ambient eXperience (DAX) Copilot:

By using Dragon Copilot, Customer instructs Microsoft to access and process Nuance Speech Data solely for the purpose of optimizing, adapting, and enhancing Customer’s Dragon Copilot speech recognition experience. Microsoft will process the Nuance Speech Data in accordance with Customer’s volume licensing agreement, including but not limited to the aka.ms/privacy) and not the DPA, unless other terms accompany such Internet-based Features.

Visual StudioVisual Studio Subscriptions

Data Collection

The Data Protection Addendum applies to the Product, except (1) the DPA’s statement of compliance with ISO 27001, ISO 27002, and ISO 27018 for processed data does not apply, and (2) use of all data processed by Internet-based Features is governed by the Microsoft Privacy Statement (www.aka.ms/privacy), and the Data Protection Addendum (aka.ms/privacy), and the Data Protection Addendum terms do not apply.

Non-Microsoft Products

Separate terms, including different privacy and security terms, govern Customer’s use of Non-Microsoft Products (as defined in the Dynamics 365Dynamics 365 Business Central, Dynamics 365 Commerce, Dynamics 365 Customer Insights, Dynamics 365 Customer Service, Dynamics 365 Customer Voice, Dynamics 365 Field Service, Dynamics 365 Finance, Dynamics 365 Guides, Dynamics 365 Intelligent Order Management, Dynamics 365 Project Operations, Dynamics 365 Remote Assist, Dynamics 365 Sales, Dynamics 365 Supply Chain ManagementMicrosoft 365Cloud PC, Customer Lockbox, Exchange Online, Exchange Online Archiving for Exchange Online, Microsoft Bookings, Microsoft Forms, Microsoft MyAnalytics, Microsoft Planner, Microsoft Purview Audit, Microsoft Purview Communication Compliance, Microsoft Purview Compliance Manager, Microsoft Purview Customer Key, Microsoft Purview Customer Lockbox, Microsoft Purview Data Lifecycle Management, Microsoft Purview Data Loss Prevention, Microsoft Purview eDiscovery, Microsoft Purview Information Barriers, Microsoft Purview Information Protection, Microsoft Purview-Insider Risk Management, Microsoft Purview Privileged Access Management, Microsoft Purview Records Management, Microsoft StaffHub, Microsoft Stream (Classic) (on SharePoint), Microsoft Teams,  Microsoft To-Do,  Office for the web, Online Services provided as part of Microsoft 365 Apps, OneDrive (work/school), SharePoint Online, Sway, Whiteboard, Viva Engage, Microsoft 365 Copilot, Microsoft 365 Copilot Chat, Communications Compliance, eDiscovery and Audit, Insider Risk Management, Information Barriers, Microsoft Intune, Priva Privacy Risk Management, Priva Subject Rights Management, Microsoft Viva Answers, Microsoft Viva Connections, Microsoft Viva Engage, Microsoft Viva Glint, Microsoft Viva Goals, Microsoft Viva Insights, Microsoft Viva Learning, and Microsoft Viva PulseMicrosoft 365 Copilot for SalesMicrosoft 365 Copilot for SalesMicrosoft Dragon CopilotMicrosoft Dragon CopilotPower PlatformMicrosoft Power Apps, Microsoft Power Automate, Microsoft Power BI, Microsoft Power Pages, Microsoft Copilot Studio

Location of Customer Data, Personal Data, and Professional Services Data for EU Data Boundary Services

For EU Data Boundary Services, Microsoft will store and process Customer Data and Personal Data, and store Professional Services Data at rest within the EU Data Boundary as detailed below.

Customer must configure EU Data Boundary Services as follows:

  • For Azure, Customer must deploy the service into an Azure region located within the EU Data Boundary. See Data Residency in Azure (Data Protection Addendum and the Product Terms.

    • Remote Access. Microsoft personnel located outside the EU Data Boundary may remotely access data processing systems in the EU Data Boundary as necessary to operate, troubleshoot, support, and secure the EU Data Boundary Services.
    • Customer-Initiated Transfers. Customers may initiate transfers outside the EU Data Boundary, such as by accessing EU Data Boundary Services from locations outside the EU Data Boundary, sending an email to a recipient located outside the EU Data Boundary, or use of EU Data Boundary Services in combination with other services not in the EU Data Boundary.
    • Protecting Customers. Microsoft transfers limited data outside of the EU Data Boundary as necessary to detect and protect Customers against security threats.
    • Directory Data. Microsoft may replicate limited Microsoft Entra directory data from Microsoft Entra ID (including username and email address) outside the EU Data Boundary to provide the service.
    • Network Transit. To reduce routing latency and to maintain routing resiliency, Microsoft uses variable network paths that may occasionally result in transit of data outside the EU Data Boundary. 
    • Service and Platform Quality, Resiliency and Management. When required to monitor and maintain service quality or to ensure accuracy of statistical measures of service use or performance, pseudonymized Personal Data and Professional Services Data may be transferred outside of the EU Data Boundary.
    • Service-Specific Transfers. See transparency documentation referenced above for information about transfers applicable to specific support activities and EU Data Boundary Services.

    EU Data Act

    The terms “EU Data Act,” “EU Customer,” and “EU Data Act Service” are defined in the DPA.

    Supporting materials on exporting Customer Data from Online Services, including EU Data Act Services, are available on Microsoft Learn (https://learn.microsoft.com/); visit aka.ms/governmentaccessrequests.

Back To Top

Follow Lee on X/Twitter - Father, Husband, Serial builder creating AI, crypto, games & web tools. We are friends :) AI Will Come To Life!

Check out: eBank.nz (Art Generator) | Netwrck.com (AI Tools) | Text-Generator.io (AI API) | BitBank.nz (Crypto AI) | ReadingTime (Kids Reading) | RewordGame | BigMultiplayerChess | WebFiddle | How.nz | Helix AI Assistant