Microsoft - Policy Change

--- old
+++ new
@@ -760,20 +760,11 @@
 for additional information on the processing of information under the Telecommunications Business Act (in Japanese only).
 Back to top
 Our retention of personal data
-Microsoft retains personal data for as long as necessary to provide the products and fulfill the transactions you have requested, or for other legitimate purposes such as complying with our legal obligations, resolving disputes, and enforcing our agreements. Because these needs can vary for different data types, the context of our interactions with you or your use of products, actual retention periods can vary significantly.
-Other criteria used to determine the retention periods include:
-Do customers provide, create, or maintain the data with the expectation we will retain it until they affirmatively remove it?
-Examples include a document you store in OneDrive, or an email message you keep in your Outlook.com inbox. In such cases, we would aim to maintain the data until you actively delete it, such as by moving an email from your Outlook.com inbox to the Deleted Items folder, and then emptying that folder (when your Deleted Items folder is emptied, those emptied items remain in our system for up to 30 days before final deletion). (Note that there may be other reasons why the data has to be deleted sooner, for example if you exceed limits on how much data can be stored in your account.)
-Is there an automated control, such as in the Microsoft privacy dashboard, that enables the customer to access and delete the personal data at any time?
-If there is not, a shortened data retention time will generally be adopted.
-Is the personal data of a sensitive type?
-If so, a shortened retention time would generally be adopted.
-Has Microsoft adopted and announced a specific retention period for a certain data type?
-For example, for Bing search queries, we de-identify stored queries by removing the entirety of the IP address after 6 months, and cookie IDs and other cross-session identifiers that are used to identify a particular account or device after 18 months.
-Has the user provided consent for a longer retention period?
-If so, we will retain data in accordance with your consent.
-Is Microsoft subject to a legal, contractual, or similar obligation to retain or delete the data?
-Examples can include mandatory data retention laws in the applicable jurisdiction, government orders to preserve data relevant to an investigation, or data retained for the purposes of litigation. Conversely, if we are required by law to remove unlawful content, we will do so.
+Microsoft retains personal data for as long as necessary to provide the products and services you use and to fulfill the transactions you request. We also retain personal data for other legitimate purposes such as operating our business, meeting our contractual and legal obligations, improving and developing our products and services, protecting the safety and security of our systems and customers, and resolving disputes. Because these needs can vary for different data types, the context of our interactions with you or your use of products, actual retention periods can vary significantly. See relevant product documentation for more information.
+Criteria used to determine the retention periods include:
+The purposes for which we use the information. For example, when you store a document in OneDrive, we maintain the data until you actively delete it.
+The nature and sensitivity of the information. For example, we maintain a shortened retention period for precise geolocation information.
+Legal, contractual and other similar obligations we are subject to, including data retention laws, government orders to preserve data relevant to an investigation, or data retained for the purposes of litigation. Conversely, we’ll remove unlawful content where required by law.
 Back to top
 U.S. State Data Privacy
 If you are a U.S. resident, we process your personal data in accordance with applicable U.S. state data privacy laws, including the California Consumer Privacy Act (CCPA). This section of our privacy statement contains information required by the CCPA and other U.S. state data privacy laws and supplements our privacy statement. Please also see our
@@ -983,8 +974,6 @@
 . In the United States, we provide personalized advertising based on a limited number of standard, non-sensitive health-related interest categories, including allergies, arthritis, cholesterol, cold and flu, diabetes, gastrointestinal health, headache / migraine, healthy eating, healthy heart, men’s health, oral health, osteoporosis, skin health, sleep, and vision / eye care. We will also personalize ads based on custom, non-sensitive health-related interest categories as requested by advertisers.
 Children and advertising
 . We do not deliver personalized advertising to children whose birthdate in their Microsoft account identifies them as under 18 years of age.
-Data retention
-. For personalized advertising, we retain data for no more than 13 months, unless we obtain your consent to retain the data longer.
 Sensitive Data
 . Microsoft Advertising does not collect, process, or disclose personal data that qualifies as “sensitive data” under applicable U.S. state data privacy laws for the purposes of providing personalized advertising.
 Data sharing
@@ -1012,7 +1001,7 @@
 . Many of these companies participate in the
 DAA (U.S.)
 , EDAA (Europe) or DAAC (Canada), which provide industry-wide choice tools.
-To opt out of receiving personalized advertising from Microsoft, visit our
+To learn more about Microsoft’s use of data to deliver personalized advertising and to opt out of receiving personalized advertising from Microsoft, visit our
 opt-out
 page. When you opt out, your preference is stored in a cookie that is specific to the web browser you are using. The opt-out cookie has an expiration date of five years. If you delete the cookies on your device, you need to opt out again.
 Back to top
@@ -1445,8 +1434,6 @@
 . There are other methods to control this feature in other Bing-powered experiences, such as the Microsoft Edge browser. Search Suggestions cannot be turned off in the search box in Windows 10 and Windows 11. If you choose, you can always hide the search box or icon on the taskbar.
 Bing experience improvement program for Bing Desktop and Bing Toolbar
 . If you are using Bing Desktop or Bing Toolbar and choose to participate in the Bing Experience Improvement Program, we also collect additional data about how you use these specific Bing apps, such as the addresses of the websites you visit, to help improve search ranking and relevance. To help protect your privacy, we do not use the data collected through the Bing Experience Improvement Program to identify or contact you or target advertising to you. You can turn off the Bing Experience Improvement Program at any time in the Bing Desktop or Bing Toolbar settings. Finally, we delete the information collected through the Bing Experience Improvement Program after 18 months.
-Retention and de-identification
-. We de-identify stored search queries by removing the entirety of the IP address after 6 months, and cookie IDs and other cross-session identifiers that are used to identify a particular account or device after 18 months.
 Personalization through Microsoft account
 . Some Bing services provide you with an enhanced experience when you sign in with your personal Microsoft account, for example, syncing your search history across devices. You can use these personalization features to customize your interests, favorites, and settings, and to connect your account with third-party services. Visit
 Bing Settings