What this feature does

Activation reduces software counterfeiting, which helps ensure that Microsoft customers receive the software quality they expect. Once your software is activated, a specific product key becomes associated with the PC (or the hardware) on which your software is installed. This association prevents the product key from being used to activate the same copy of the software on multiple PCs. Some changes to your PC components or the software might require you to reactivate the software.

Information collected, processed, or transmitted

During activation, product key information is sent to Microsoft, such as:

• The Microsoft product code, which is a five-digit code that identifies the Windows product you're activating.

• A channel ID or site code, which identifies where you obtained the Windows product. For example, it identifies whether the product was sold at retail, is an evaluation copy, is subject to a volume licensing program, or was pre-installed by the PC manufacturer.

• The date of installation.

• Information that helps confirm that the product key information hasn't been altered.

If Windows was preinstalled by the manufacturer of your PC, additional information might be sent to Microsoft, such as the PC’s make and model.

If your Windows license is on a subscription basis, information will also be sent about how your subscription works.

Activation also sends a number generated from the PC's hardware configuration to Microsoft. The number doesn’t represent any personal information about you. Along with standard PC information, some information about additional language settings is collected.

Use of information

Microsoft uses the information to confirm that you have a licensed copy of the software and to confirm whether you're eligible for certain support apps. This information is also aggregated for statistical analysis. Microsoft doesn't use the information to identify or contact you.

Choice and control

Activation is mandatory and occurs automatically while you set up Windows. If you don't have a valid license for the software, you won’t be able to activate Windows.

What this feature does

Active Directory Rights Management Services (AD RMS) Client is information-protection technology that works with AD RMS enabled apps to help safeguard digital information from unauthorized use. Owners of digital information can define how recipients use the information contained in a file, such as who can open, modify, print, or take other actions with the file. In order to create or view a file with restricted permissions, your PC must be running an AD RMS enabled app and have access to an AD RMS server.

Information collected, processed, or transmitted

AD RMS uses your email address to identify you. Your email address will be stored in use licenses and identity certificates on your PC created by an AD RMS server. Identity certificates and use licenses are transferred to and from AD RMS servers. Your email address is also stored on the AD RMS server. If your PC is part of an enterprise, the AD RMS server is typically owned by and located within the enterprise. If you're using Windows Live AD RMS services, the server will be an AD RMS server at Microsoft. Information that is sent to Microsoft AD RMS servers is sent in an encrypted form.

Use of information

The use license allows you to access protected files. The identity certificates is used to identify you to an AD RMS server, and it allows you to protect files and to access protected files.

Choice and control

AD RMS features must be enabled through an AD RMS-capable app. By default, they aren’t enabled. You can choose to not enable or use them. However, if you don’t enable them, you won’t be able to access protected files.

Audit allows an administrator to configure Windows to record operating system activity in a security log that can be accessed using the Event Viewer and other apps. This log can help an administrator detect unauthorized access to the PC or resources on the PC. For example, this log can help administrators troubleshoot problems and determine whether someone has signed in to the PC, created a new user account, changed a security policy, or opened a document.

Information collected, processed, or transmitted

Administrators determine what information is collected, how long it is retained, and whether it is transmitted to other parties. The information might include personal information, such as user names or file names. For more information, contact your administrator.

Use of information

Administrators also determine how the audit information is used. Generally, the security log is used by auditors and administrators to track PC activity or to identify unauthorized access to the PC or resources on the PC.

Choice and control

Administrators determine whether this feature is enabled and how users are notified. Other users can’t view the security log unless the administrator allows them to access it. You can configure Audit on your PC by opening Local Security Policy in Administrative Tools.

What this feature does

BitLocker Drive Encryption helps protect your data by encrypting it, which can help prevent offline software attacks. When BitLocker is enabled on a supported drive, Windows encrypts the data on the drive. You can also choose to encrypt free space on a drive.

Information collected, processed, or transmitted

When BitLocker is enabled using software encryption, cryptographic keys in memory continually encrypt and decrypt data as it is read from or written to the protected drive. When BitLocker is enabled using hardware encryption, data encryption and decryption is performed by the drive.

During BitLocker setup, you can choose to print a recovery key or save it to a location on your network. If you set up BitLocker on a non-removable drive, you can also save your recovery key to a USB flash drive.

If your PC isn't joined to a domain, you can back up your BitLocker recovery key, recovery key ID, and computer name to Microsoft SkyDrive. To help protect this information, it is encrypted using SSL.

When you protect a data drive using a smart card, the public key and unique identifier for the smart card are stored unencrypted on the drive. This information can be used to locate the certificate that was originally used to generate the smart card’s encryption certificate.

If your PC has security hardware with at least version 1.2 of the Trusted Platform Module (TPM), BitLocker uses the TPM to provide hardware-enhanced data protection for the drive on which Windows is installed. For more information, see the Trusted Platform Module (TPM) Services section. On TPM-equipped PCs, you can also set up a personal identification number (PIN) to help add an extra layer of protection for your encrypted data. BitLocker will store this TPM-based PIN in a hashed and encrypted form on the drive.

Information collected by BitLocker isn't sent to Microsoft unless you choose to back up your recovery key to SkyDrive.

Use of information

Cryptographic keys and globally unique identifiers (GUIDs) are stored in PC memory to support BitLocker operations. BitLocker recovery information allows you to access your protected data in case of hardware failures and other problems. This recovery information allows BitLocker to distinguish between authorized and unauthorized users.

Microsoft doesn't use your individual recovery keys for any purpose. When recovery keys are sent to SkyDrive, Microsoft might use aggregate data about them to analyze trends and help improve our products and services.

Choice and control

By default, BitLocker is turned off. On a removable drive, any user can turn BitLocker on or off at any time by opening BitLocker Drive Encryption in Control Panel. An administrator can turn BitLocker on or off for all drives.

If you have chosen to back up your recovery key to SkyDrive, you can access or delete that key at http://skydrive.com/recoverykey.

Windows has several features that help you discover and set up devices on your PC.

What this feature does

DirectAccess enables your PC to remotely and seamlessly connect to your workplace network whenever your PC is connected to the Internet, no matter your location.

Information collected, processed, or transmitted

Each time you start your PC, DirectAccess will attempt to connect to your workplace network, whether or not you're physically located at your workplace. Once connected, your PC will download workplace policy, and you'll be able to access configured resources in the workplace network. Your workplace administrator might leverage DirectAccess connectivity to remotely manage and monitor your PC, including the websites you visit even when you aren't physically located at your workplace.

DirectAccess doesn’t send any information to Microsoft.

Use of information

Your company’s policies determine how the information collected by your workplace administrator is used.

Choice and control

DirectAccess must be configured by your workplace administrator using Group Policy. While your administrator can allow you to temporarily deactivate some elements of DirectAccess, only your workplace administrator can stop Windows from attempting to connect to your workplace for management purposes. If you or your workplace administrator removes your PC from your workplace domain, DirectAccess will no longer be able to connect.

What this feature does

Dynamic Update enables Windows to perform a one-time check with Windows Update to get the latest updates for your PC while Windows is being installed. If updates are found, Dynamic Update automatically downloads and installs them so your PC is up to date the first time that you sign in or use it.

Information collected, processed, or transmitted

To install compatible drivers, Dynamic Update sends information to Microsoft about your PC's hardware. The types of updates Dynamic Update can download to your PC include:

• Installation updates. Important software updates for installation files to help ensure a successful installation.

• In-box driver updates. Important driver updates for the version of Windows that you're installing.

Use of information

Dynamic Update reports information to Microsoft about your PC's hardware to help identify the correct drivers for your system. For more information about how information collected by Dynamic Update is used, see the Update Services Privacy Statement.

Choice and control

At the beginning of installing Windows, you’ll be asked whether you would like to go online to install updates.

What this feature does

The Ease of Access Center enables you to turn on accessibility options and settings to help you more easily interact with the PC.

Information collected, processed, or transmitted

If you use this feature, you'll be asked to select appropriate statements.

These statements include:

• Images and text on TV are difficult to see.

• Lighting conditions make it difficult to see images on my monitor.

• I don’t use a keyboard.

• I am blind.

• I am deaf.

• I have speech impairment.

This information is saved in a non-human-readable format and stored locally on your PC.

Use of information

A set of configuration recommendations are provided to you based on the statements that you choose. This information isn’t sent to Microsoft and isn’t available to other users except you and administrators on your PC.

Choice and control

You can choose which statements you would like to select by going to Ease of Access in Control Panel. You can alter your choices at any time. You can also choose which of the recommendations you want to configure on your PC.

What this feature does

PC users, primarily administrators, can use Event Viewer to view and manage event logs. Event logs contain information about hardware, software, and security events on your PC. You can also get information from Microsoft about events in the event logs by clicking Event Log Online Help.

Information collected, processed, or transmitted

Event logs contain event information generated by all users and apps on the PC. By default, all users can view event log entries; however, administrators can choose to restrict access to event logs. You can access the event logs for your PC by opening Event Viewer. To learn how to open Event Viewer, see Windows Help and Support.

Use of information

Event information that is collected and sent to Microsoft when you click Event Log Online Help is used to locate and then provide you with additional information about the event. Unless you have previously consented to sending event information automatically, clicking the link will display a dialog box asking for your consent to send the information listed in the dialog box over the Internet. If you consent, the information is sent to a website to see if more information about the event is available, including solutions to problems that are recorded as an event. For Microsoft events, the event details will be sent to Microsoft. Microsoft doesn’t use this information to identify or contact you. For events associated with third-party apps, the information will be sent to the location specified by the third-party publisher or manufacturer. If you send information about events to third-party publishers or manufacturers, use of the information will be subject to each third party's privacy practices.

Choice and control

Administrators can choose to restrict access to Event Viewer logs. Users who have full access to event viewer logs can clear them. Unless you have previously consented to sending event information automatically when you click Event Log Online Help, you're asked to confirm that the information presented to you can be sent over the Internet. No event log information will be sent over the Internet unless you consent to send it. Administrators can use Group Policy to select or change the site to which event information is sent.

What this feature does

The fax feature allows you to create and save fax cover pages, and to send and receive faxes using your PC and an external or a built-in fax modem or a fax server.

Information collected, processed, or transmitted

Information collected includes any personal information entered on a fax cover page, as well as identifiers contained within industry standard fax protocols such as Transmitting Subscriber ID (TSID) and Call Subscriber ID (CSID). By default, Windows uses "Fax" as the value for each identifier.

Use of information

Information entered in the sender dialog box is presented on the fax cover page. Identifiers such as the TSID and CSID might contain arbitrary text and are typically used by the receiving fax machine or PC to identify the sender. No information is sent to Microsoft.

Choice and control

Fax access is determined by your user account privileges on the PC. Unless a fax administrator changes access settings, all users can send and receive faxes. By default, all users can view the documents that they send and any fax that is received on the PC. Administrators can see all faxed documents, sent or received, and can configure fax settings, including who has permissions to view or manage faxes, and the TSID and CSID values.

What this feature does

Gadgets are apps that run on the desktop and provide at-a-glance information and easy access to frequently used tools.

Information collected, processed, or transmitted

Some gadgets, such as Currency, Stocks, and Weather, contact the Internet to collect information and might send additional information, such as a location for weather information.

Use of information

Information collected by Microsoft from Microsoft gadgets is used to provide functionality for the gadgets but isn't used to identify or contact you. If you use a non-Microsoft gadget, use of the information will be subject to the gadget provider’s privacy practices.

Choice and control

Certain gadgets, such as Weather, might be pre-configured to contact the Internet when you first use them. However, you might be able to configure or close them later by going to desktop gadgets in Control Panel.

What this feature does

HomeGroup allows you to easily link PCs running Windows 7 (or newer versions) on your home network so that you can share pictures, music, videos, documents, and devices. It also makes them ready to stream media to devices on your home network such as a media extender. You can help protect your homegroup with a password, and you can choose what you want to share.

Information collected, processed, or transmitted

You can access your own files, such as pictures, videos, music, and documents, from any PC in the homegroup. When you join a homegroup, Microsoft account information (including email address, display name, and picture) for all these accounts on your PC will be shared with others in the homegroup in order to enable sharing with those users.

Use of information

The information collected allows PCs in your homegroup to understand who to share content with and how to present it. No information is sent to Microsoft.

Choice and control

You have the ability to add or remove PCs from your homegroup and decide what is shared with other homegroup members. You can create a homegroup and manage its settings by going to HomeGroup in PC settings.

Microsoft Input Method Editors (IMEs) are used with East Asian languages to convert keyboard input to ideograms.

What this feature does

This feature sends a single report to Microsoft containing basic information about your PC and how you installed Windows 8 Release Preview. Microsoft uses this information to help improve the installation experience and to create solutions to common installation problems.

Information collected, processed, or transmitted

The report generally includes information about your installation and Windows Setup experience, such as the date of installation, the time it took for each installation phase to complete, whether the installation was an upgrade or a new installation of the product, version details, operating system language, media type, PC configuration, and success or failure status, along with any error codes.

If you choose to participate in the Installation Improvement Program, the report is sent to Microsoft when you're connected to the Internet. This report doesn't contain contact information, such as your name, address, or phone number. The Installation Improvement Program randomly generates a number called a globally unique identifier (GUID) that is sent to Microsoft with the report. The GUID lets us determine which data is sent from a particular computer over time. The GUID doesn't contain any personal information and isn't used to identify you.

Use of information

Microsoft and our partners use the report to help improve our software. We use the GUID to correlate this data with data collected by the Windows Customer Experience Improvement Program (CEIP), a program you can choose to participate in when you're using Windows 8 Release Preview. CEIP uses the GUID to determine how widespread the feedback we receive is and how to prioritize it. For example, the GUID allows Microsoft to distinguish between one customer experiencing a problem one hundred times and one hundred customers experiencing the same problem once.

Choice and control

You can choose to participate in this program when you install Windows 8 Release Preview by selecting I want to help make Windows installation better.

For more information, see the Windows CEIP section.

What this feature does

Internet printing lets you print over the Internet.

Information collected, processed, or transmitted

When you print using this feature, you must first connect and authenticate yourself to an Internet print server. The information that you'll need to submit to the print server will vary depending on the level of security that the print server supports (for example, you might be asked to provide a user name and password). Because the print job isn’t encrypted, it might be possible for others to see the content being sent. After you're connected, you’re presented with a list of compatible printers. If your PC doesn’t have a print driver for your selected printer, you can choose to download a driver from the print server.

Use of information

The information collected enables you to print using remote printers. If you choose to use a print server hosted by Microsoft, Microsoft doesn’t use the information that you provide to identify or contact you. If you send information to third-party print servers, use of the information will be subject to the third party's privacy practices.

Choice and control

You can enable or disable Internet printing by opening Programs and Features in Control Panel, and then selecting Turn Windows features on or off.

What this features does

You can add the languages you prefer to use to your language list in Windows 8 Release Preview. Apps and websites appear in the first language available in that list. You can add preferred languages by choosing languages from a list provided by Windows or by entering a standard language tag.

Information collected, processed, or transmitted

When you visit websites and install apps on your PC, your list of preferred languages is sent to the websites you visit and is available to the apps you use so they can provide content in your preferred languages.

Use of information

Microsoft doesn't use any language information to identify or contact you. Language information sent or used by third-party websites and apps is subject to the privacy practices of the third-party website or app vendor.

Choice and control

Your list of preferred languages is available to the apps you install and websites you visit. You can add or remove languages from this list in Language preferences in Control Panel. If you don’t have any languages in this list, the language you choose on the Formats tab in Region in Control Panel will be sent to the websites you visit.

On PCs running Windows, "location services" refers to the Windows software and Microsoft online service that are used to determine the approximate physical location of your PC, which is provided to apps or websites that you allow to access it. The Windows Location Platform obtains location from dedicated hardware like a GPS sensor in your PC, or through software like Windows Location Provider.

What this feature does

To provide personalized content, apps can request your name and account picture from Windows. Your name is the friendly name associated with your account. Your account picture will be a default picture included in Windows unless you choose to change it to another picture. If you sign in with a domain account, apps can also get your domain account info, which includes your domain name and domain user name.

Information collected, processed, or transmitted

Apps that use your name and account picture could store or transmit this information.

Use of information

If you use an app provided by a third party, use of your name and account picture will be subject to the third party’s privacy practices. If you use a Microsoft app, the app’s privacy practices will be explained in its privacy statement.

Choice and control

If you choose express settings while setting up Windows, Windows will allow apps to access your name and account picture. If you choose to customize settings, you can control access to your name and account picture by selecting Let apps use my name and account picture under Share info with apps. After installing Windows, you can turn this on and off by opening Privacy in PC settings.

What this feature does

If you have a subscription plan for network access (for example, via a mobile broadband connection), this feature provides information about your subscription plan to apps and Windows features on your PC. Windows features and apps can use this information to optimize their behavior. For example, if you’re on a metered data plan, Windows Update will wait to deliver lower priority updates to your PC until you’re connected to another type of network. This feature also provides information about your network connection, such as signal strength and whether your PC is connected to the Internet.

Information collected, processed, or transmitted

This feature collects Internet and intranet network connectivity information, such as the Domain Name Service (DNS) suffix of your PC, network name, and gateway address of the networks that your PC connects to. This feature also receives subscription plan information such as the amount of data remaining in the plan.

Network connectivity profiles can include a history of all networks visited and the date and time of the last connection. This feature can attempt to connect to a Microsoft server to determine whether you're connected to the Internet. The only data sent to Microsoft during network connectivity checks is standard PC information.

Use of information

If data is sent to Microsoft, it is only used to provide network connectivity status. Network connectivity status is made available to apps and features on your PC that request network connectivity information. If you use a third-party app, use of the information collected will be subject to the third party's privacy practices.

Choice and control

Network Awareness is on by default. An administrator can disable it using the Services options in Administrative Tools in Control Panel. Disabling this feature isn't recommended because it will prevent some Windows features from functioning properly.

What this feature does

Windows Store apps can deliver periodic or real-time information to you that will be displayed briefly as notifications in the corner of the screen. Apps that you choose to use as lock screen apps can also show notifications on top of the lock screen.

Information collected, processed, or transmitted

Store apps can provide text, images, or text and images as notification information. This information is sent from the app provider to you through Windows Notification Service on Microsoft servers.

Use of information

Microsoft only uses notification information to deliver notifications from your apps to you. The notification can be stored temporarily by the Windows Notification Service before delivery to your PC. If a notification can’t be delivered immediately, it will only be stored for a few days before it’s deleted.

Choice and control

You can turn off notifications, for all apps or for individual apps, by opening Notifications in PC settings. To prevent apps from displaying notifications on the lock screen, you can remove them from your list of lock screen apps in Personalize in PC settings, or turn off Show app notifications on the lock screen in Notifications in PC settings. If you turn off notifications for an app, the app provider can still send updates to the Windows Notification Service, but those notifications won’t be delivered to your PC. If you uninstall an app, the app provider will no longer be able to send your notifications to the Windows Notification Service.

What this feature does

Order Prints enables you to send digital pictures stored on your PC or a network drive to an online photo printing service of your choice. Depending on the service, you can have your pictures printed and then delivered using postal mail or you can pick up the prints at a local store.

Information collected, processed, or transmitted

If you decide to place an order with an online photo printing service, your digital photos are sent over the Internet to the service that you selected. The file path (which might include your user name) to the digital pictures that you select might be sent to the service in order to allow the service to display and upload the images. Digital picture files might contain data about the image that was stored with the file by the camera, such as the date and time that the picture was taken or the location where the picture was taken if your camera has GPS capabilities. The files might also contain personal information (such as captions) that might have been associated with the file through the use of digital picture management apps and Windows Explorer. For more information, see the Properties section.

After you select an online photo printing service from Order Prints, you'll be redirected to the service’s website in the Order Prints window. Information you enter on the online photo printing services website is transmitted to the service.

Use of information

The information stored in the digital picture files by the camera might be used by the online photo printing service during the printing process, for example, to adjust the color or sharpness of the image before it is printed. Information stored by digital picture management apps might be used by the online photo printing service to print as captions on the front or back of the print copy. The online photo printing services’ use of this information, and other information you provide to the services, such as information you enter on their websites, will be subject to their privacy practices.

Choice and control

You can use Order Prints to choose which pictures to send and which service to use to print your pictures. Some picture management apps might be able to help you remove stored personal information before sending pictures to be printed. You might also be able to edit the properties of the file to remove stored personal information.

What this feature does

Parental Controls helps parents restrict and monitor the activities of each of their children’s user accounts on a PC. Restrictions can be placed to limit the games their children can play, and what apps they can run. To properly use Parental Controls, only parents should be administrators of their PC, and children should not be granted administrative privileges.

Information collected, processed, or transmitted

Parental Controls settings and the activity log are stored locally. The Parental Controls activity log contains information about a user's activity as well as any changes to parental controls settings for that user.

Use of information

Parental Controls settings are used to determine which activities to restrict or monitor. No information is sent to Microsoft.

Choice and control

Parental Controls are turned off by default. Only administrators can turn this feature on. Administrators can’t be monitored and have full control of the settings and the log. Only users without administrative privileges can be monitored using Parental Controls. Other users can view only the settings an administrator has applied to their own account. A monitored or restricted user will be notified by the presence of an icon in the notification area that Parental Controls are turned on for their account. You can access parental controls by opening Parental Controls in Control Panel.

What this feature does

If an incompatibility problem is found with an app that you try to run, Program Compatibility Assistant will try to help you resolve it. There are two types of apps that it can help with:

• A known incompatible app: If the app is on the list of known incompatible apps that is included in Windows 8 Release Preview, the Program Compatibility Assistant starts. If the app is known to cause a serious problem, it will be blocked. Otherwise, Program Compatibility Assistant warns you about the incompatibility problem and offers you the option of running the app. In either case, the Program Compatibility Assistant gives you the option of checking online for information or solutions.

• An app that fails in a way that indicates incompatibility: If an app fails in a way that is typical of incompatible apps, the Program Compatibility Assistant starts and gives you the option of running the app again with recommended compatibility settings. For example, apps that fail because they require a specific screen resolution might be able to run on your PC even if you use a different screen resolution.

Information collected, processed, or transmitted

If an incompatibility problem is found with an app you attempt to run, a report is generated that includes information such as the app name, app version, the needed compatibility settings, and your actions with the app so far. Known problems about incompatible apps are reported to Microsoft through Windows Error Reporting if you have chosen to participate in that app during Windows Setup or in Control Panel. Apps that fail in a way that is typical of incompatible apps are reported to Microsoft through the Windows Customer Experience Improvement Program (CEIP) if you have chosen to participate in that program during Windows Setup or in Control Panel.

Use of information

Error reports are used to provide you with responses to problems that you report for your apps. Responses contain links (when available) to the app vendor's website so you can learn more about possible solutions. Error reports created due to app failures are used to try to determine which setting to adjust when you encounter compatibility problems for the apps that you're running on this version of Windows. Information reported through CEIP is used to identify app compatibility problems.

Microsoft doesn’t use any information collected through this feature to identify or contact you.

Choice and control

For problems reported through the Microsoft Error Reporting Service, an error report is created only when you select the option to check online for a solution. Unless you have previously consented to report problems automatically so you can check for solutions, you're asked if you want to send the error report. For more information, see the WER section.

Issues that could be reported through Windows CEIP will only be reported if you have chosen to turn CEIP on during Windows Setup or in Control Panel. For more information, see the Windows CEIP section.

What this feature does

If you have a compatibility problem with a desktop app, you can use the Compatibility tab of the app properties window to make app setting adjustments that might allow the app to run successfully.

Information collected, processed, or transmitted

When you apply compatibility settings using the Compatibility tab, Windows CEIP generates a report that contains the app name and the compatibility settings used. Windows will send the report to Microsoft if you have chosen to participate in CEIP during Windows Setup or in Control Panel.

Use of information

Information sent by the Compatibility tab to Microsoft is used to determine and find solutions for compatibility problems for the apps that you're running on this version of Windows. Microsoft doesn’t use the information to identify or contact you.

Choice and control

To learn how to control whether reports are sent to Microsoft, see the Windows CEIP section.

What this feature does

Properties are file information that allow you to quickly search and organize your files. Some properties are intrinsic to the file (for example, the size of the file) while others might be specific to an app or device (for example, the settings of your camera when you took a photo or the location data recorded by the camera for the photo).

Information collected, processed, or transmitted

The type of information stored will depend upon the type of file and the apps that use it. Examples of properties include file name, date modified, file size, author, keywords, and comments. Properties are stored in the file, and they move with the file if it is moved or copied to another location, such as a file share, or sent as an email attachment.

Use of information

Properties can help you more quickly search and organize your files. They can also be used by apps to perform app-specific tasks. No information is sent to Microsoft.

Choice and control

You can edit or remove some properties for a file by selecting the file in Windows Explorer and clicking Properties. Some intrinsic properties, such as date modified, file size, file name, and some app-specific properties can’t be removed this way. For app-specific properties, you can edit or remove them only if the app used to generate the file supports these features.

What this feature does

Remote Access connections allow you to connect to private networks using a virtual private network (VPN) connection and Remote Access Service (RAS). RAS is a component that connects a client PC (typically your PC) to a host PC (also known as a remote access server) using industry standard protocols. VPN technologies allow users to connect to a private network, such as a corporate network, over the Internet.

A Remote Access connections component, Dial-up Networking, allows you to access the Internet using a dial-up modem or broadband technology such as a cable modem or a digital subscriber line (DSL). Dial-up Networking includes dialer components such as RAS Client, Connection Manager, and RAS Phone, as well as command-line dialers like rasdial.

Information collected, processed, or transmitted

The dialer components collect information from your PC such as your user name, password, and domain name. This information is sent to the system that you're attempting to connect with. To help protect your privacy and the security of your PC, security-related information such as your user name and password are encrypted and stored on your PC. 

Use of information

Dialer information is used to help your PC connect to the Internet. A remote access server might keep the user name and IP address information for accounting and compliance purposes, but no information is sent to Microsoft.

Choice and control

For non-command-line dialers, you can choose to save your password by selecting Save this user name and password. You can clear that option at any time to delete the previously saved password from the dialer. Because this option is turned off by default, you might be prompted to provide your password to connect to the Internet or a network. For command-line dialers like rasdial, there is no option to save your password.

What this feature does

RemoteApp and Desktop Connections let you access apps and desktops on remote PCs that have been published online for remote access.

Information collected, processed, or transmitted

When you enable a connection, configuration files are downloaded to your PC from the remote URL you specify. These configuration files link apps and desktops on remote PCs so that you can run them from your PC. Your PC will automatically check for and download updates to these configuration files periodically. These apps run on remote PCs, and information you enter into the apps is transmitted across the network to the remote PCs you chose to connect with.

Use of information

Updates to RemoteApp and Desktop Connections configuration files might include settings changes including providing you with access to new apps; however, new apps will run only if you choose to run them. This feature also sends information to the remote PCs on which the remote apps run. The use of this data by the remote apps is subject to the privacy policies of the apps’ manufacturers and the remote PCs’ administrators. Unless you use RemoteApp and Desktop Connections to access apps and desktops at Microsoft, no information is sent to Microsoft.

Choice and control

You can choose whether you want to use RemoteApp and Desktop Connections. You can add or remove RemoteApp and Desktop Connections by going to RemoteApp and Desktop Connections in Control Panel. You can add a new connection by clicking Set up a new connection with RemoteApp and Desktop Connections, and entering a Connection URL in the dialog box. You can also use your email address to retrieve the Connection URL. You can remove a connection and its connection files by clicking Remove on the connections description dialog box. If you disconnect a connection without closing all open apps, these apps will remain open on the remote PC. RemoteApp and Desktop Connections aren’t shown in the Add or remove programs list in Control Panel.

What this feature does

Remote Desktop connection provides a way for you to establish a remote connection with a host PC that is running Remote Desktop Services.

Information collected, processed, or transmitted

Remote Desktop connection settings are stored in app-local storage or in a Remote Desktop Protocol (RDP) file on your PC. These settings include the name of your domain and connection configuration settings, such as remote PC name, user name, display information, local device information, audio information, clipboard, connection settings, remote app names, and session icon or thumbnail.

Credentials for these connections, as well as Remote Desktop Gateway credentials, are stored using the Credential Manager. A list of trusted Remote Desktop Gateway server names is stored in the registry. This list is stored permanently unless it is deleted by an administrator. No information is sent to Microsoft.

Use of information

Information collected by Remote Desktop connection allows you to connect to host PCs running Remote Desktop Services using your preferred settings. User name, password, and domain information are collected to allow you to save your connection settings and to enable you to double-click an RDP file or click a favorite to launch a connection without having to re-enter this information. No information is sent to Microsoft.

Choice and control

You can choose if you want to use Remote Desktop connection. If you use it, your RDP files and Remote Desktop connection favorites contain information required to connect to a remote PC, including the options and settings that were configured when the connection was automatically saved. You can customize RDP files and favorites, including files for connecting to the same PC with different settings. To modify saved credentials, open Credential Manager in User accounts in Control Panel.

What this feature does

When you sign in to Windows 8 Release Preview with a Microsoft account, Sync your settings makes it easier to have personalized experiences across PCs that are also running Windows 8 Release Preview. When you sign in with a Microsoft account on a second PC for the first time, Windows will download and apply some Windows and Windows Store app settings from the first PC. When this feature is turned on, Windows keeps your settings up to date across the PCs you use. If you choose to use a Microsoft account to sign in to Windows, you'll remain signed in to your Microsoft account as you browse the Internet.

Information collected, processed, or transmitted

If you choose to sign in to Windows with a Microsoft account, Windows syncs certain settings with Microsoft servers. These settings include:

• Language preferences

• Ease of Access preferences

• Personalization settings such as your lock screen image, desktop theme background, and mouse settings

• Windows Store app settings

• Spell check and IME dictionaries

• Web browser history and favorites

• Saved app and web browser passwords

For security purposes, all synced settings are transmitted using SSL. Some of these settings won't be synced on your PC until you add your PC to your Microsoft account as a trusted PC.

Use of information

Windows 8 Release Preview uses this data to provide the syncing service.

Choice and control

When you sign in to Windows 8 Release Preview with a Microsoft account, Sync your settings will be turned on. Sync your settings can be turned off in Sync your settings in PC settings. For more information about your privacy and Microsoft account, see the Windows Live ID / Microsoft Passport Network Privacy Supplement.

What this feature does

Teredo Technology (Teredo) allows PCs and networks to communicate over multiple networking protocols.

Information collected, processed, or transmitted

Each time you start your PC, Teredo will attempt to locate a public Internet Protocol version 6 (IPv6) service on the Internet. This occurs automatically when your PC is connected to a public or private network, but doesn’t occur on managed networks such as enterprise domains. If you use an app that requires Teredo to use IPv6 connectivity, or if you configure your firewall to always enable IPv6 connectivity, then Teredo will periodically contact the Microsoft Teredo service over the Internet. The only information sent to Microsoft is standard PC information and the name of the service requested (for example, teredo.ipv6.microsoft.com).

Use of information

The information sent from your PC by Teredo is used to determine if your PC is connected to the Internet and if it can locate a public IPv6 service. Once the service is located, information is sent to maintain a connection with the IPv6 service.

Choice and control

Using the netsh command line tool, you can change the query that the service sends over the Internet to use non-Microsoft servers instead, or you can turn it off. For detailed instructions, see the “Internet Protocol Version 6, Teredo, and Related Technologies” section of this Windows 7 and Windows Server 2008 R2 technical white paper.

What this feature does

Windows Store apps can deliver periodic or real-time information to you that will be displayed as updates to your apps’ tiles in Start. Apps that you choose to use as lock screen apps can also show updates on the lock screen.

Information collected, processed, or transmitted

Store apps that are pinned to Start can update their tiles with text, images, or text and images. Store apps that are set to show status on the lock screen can update the lock screen with text. This tile information is sent from the app provider to you through WindowsNotification Service on Microsoft servers, and is then stored locally on your PC.

Use of information

Microsoft only uses tile information to deliver updates from your apps to you. This information can be stored temporarily by the Windows Notification Service before delivery to your PC. If a tile update can’t be delivered immediately, it will only be stored for a few days before it’s deleted.

Choice and control

After an app has started receiving tile updates, you can turn them off by selecting the app’s tile in Start and selecting Live tile off in the commands that are available in the app. If you unpin an app from Start or uninstall it, the app will no longer receive tile updates. You can choose which apps can display updates on the lock screen by adding or removing lock screen apps in Personalize in PC settings. If you uninstall an app, the app provider will no longer be able to send tile updates to the Windows Notification Service.

To clear the current updates displayed on your Start tiles, swipe from the right side or point to the upper right corner of Start, tap or click Settings, and then tap or click Settings. Tap or click the Clear button under Clear personal info from my tiles.

What this feature does

The Trusted Platform Module (TPM) is security hardware built into some PCs that, if present and provisioned, enables your PC to take full advantage of advanced security features such as BitLocker Drive Encryption or Secure Boot. Windows features that use the TPM include BitLocker Drive Encryption, Virtual Smart Card, Secure Boot, Windows Defender, and TPM Based Certificate Storage.

Information collected, processed, or transmitted

By default, Windows takes ownership of the TPM and stores the full TPM owner authorization information so it’s only available to the Windows administrators. Limited authorization values are created to perform typical administrative actions and standard user actions and are managed by Windows.

The TPM Management Console allows you to interactively provision the TPM and save the TPM owner authorization value to external media like a USB flash drive after the TPM has been provisioned. A saved file contains the TPM owner authorization information for the TPM. The file also contains the PC name, operating system version, creation user, and creation date information to assist you in recognizing the file.

In a domain environment, the full TPM owner password can be configured by the domain administrator to be stored in Active Directory under a TPM object when the TPM is provisioned.

Each TPM has a unique cryptographic Endorsement Key that it uses to indicate its authenticity. The Endorsement Key can be created and stored in the TPM by your PC's manufacturer, or for older PCs, Windows might need to trigger creation of the Endorsement Key inside the TPM. The private portion of the Endorsement Key is never exposed outside of the TPM, and once it has been created, it usually can't be reset. An Endorsement Key Certificate will be stored in the TPM of most Windows 8 Release Preview computers. The Endorsement Key Certificate indicates that the Endorsement Key exists in a hardware TPM. The certificate is useful for remote verifiers to confirm the TPM conforms to the TPM specifications. The Endorsement Key Certificate is usually signed by the TPM manufacturer or the platform manufacturer.

Use of information

Once the TPM is initialized, apps can use the TPM to create and help secure additional unique cryptographic keys. For example, BitLocker Drive Encryption uses the TPM to help protect the key that encrypts the drive.

If you choose to save the TPM owner password to a file, the additional PC and user information saved inside this file helps you to identify the matching PC and TPM. The TPM endorsement key is used by Windows during TPM initialization to encrypt your TPM owner authorization value before sending it to the TPM. Windows doesn’t transmit cryptographic keys outside of your PC. Windows does provide an interface for third-party apps like antimalware software to use the Endorsement Key for certain TPM scenarios, such as Measured Boot with Attestation. For antimalware software the endorsement key and the endorsement key certificate are useful to confirm boot measurements are provided by a TPM from a specific manufacturer. By default, only administrators or apps with administrative rights can use the TPM endorsement key.

Choice and control

Users or administrators opt in to using the TPM by turning on a Windows feature or running an app that uses the TPM.

You can choose to clear the TPM and reset it to factory defaults. Clearing the TPM removes owner information, and with the exception of the endorsement key, all TPM-based keys or cryptographic information that apps might have created when the TPM was in use.

What this feature does

Certificates are used primarily to verify the identity of a person or device, authenticate a service, or encrypt files. Trusted root certification authorities are the organizations that issue certificates. Update Root Certificates contacts the online Windows Update service to see if Microsoft has added a certification authority to its list of trusted authorities, but only when an app is presented with a certificate issued by a certification authority that isn't directly trusted (a certificate that isn't stored in a list of trusted certificates on your PC). If the certification authority has been added to the Microsoft list of trusted authorities, its certificate will automatically be added to the list of trusted certificates on your PC.

Information collected, processed, or transmitted

Update Root Certificates sends a request to the online Windows Update service that asks for the current list of root certification authorities in the Microsoft Root Certificate Program. If the untrusted certificate is on the list, Update Root Certificates obtains that certificate from Windows Update and places it in the trusted certificate store on your PC. The information transferred includes the names and cryptographic hashes of root certificates.

For more information about Windows Update and your privacy, read the Update Services Privacy Statement.

Use of information

The information is used by Microsoft to update the list of trusted certificates on your PC. Microsoft doesn’t use this information to identify or contact you.

Choice and control

Update Root Certificates is enabled by default. Administrators can configure Group Policy to disable the Update Root Certificates on a PC.

Additional information

If you're presented with a certificate issued by a root authority that isn't directly trusted, and the Update Root Certificates component isn’t installed on your PC, you'll be prevented from completing the action that required authentication. For example, you might be prevented from installing software, viewing an encrypted or digitally signed email message, or using a browser to engage in an encrypted session.

What this feature does

Update services for Windows includes Windows Update and Microsoft Update:

• Windows Update is a service that provides you with software updates for Windows software and other supporting software, such as drivers supplied by device manufacturers.

• Microsoft Update is a service that provides you with software updates for Windows software, as well as other Microsoft software such as Microsoft Office.

Information collected, processed, or transmitted

If you choose to get important software updates for your PC, the Windows Malicious Software Removal Tool (MSRT) might be included with these updates. MSRT checks PCs for infections by specific, prevalent malicious software (“malware”) and helps remove any infections found. If the software runs, it will remove the malware listed on the Microsoft Support website. During a Malware check, a report will be sent to Microsoft with specific information about malware detected, errors, and other information about your PC. For more information, read the Windows Malicious Software Removal Tool privacy statement.

To learn what other information Update Services collects, see the Update Services privacy statement.

Use of information

This MSRT information is used to help improve our antimalware and other security products and services. No information in the MSRT reports will be used to identify or contact you.

To learn how Update Services uses other information, see the Update Services privacy statement.

Choice and control

If you choose express settings while setting up Windows, you turn on the Update Services and set Windows Update to install updates automatically. If you choose to customize settings, you can control the Update Services in Windows Update under Help protect and update your PC. After Windows installs, you can change settings for the Update Services in Control Panel. For more information, see the Update Services privacy statement.

If you have chosen to check for and install important updates, and receive MSRT as part of these updates for your PC, you can disable the software’s reporting functionality by following these instructions on Microsoft Support.

What this feature does

If you choose to participate in Windows CEIP, Microsoft collects basic information about how you use your apps, your PCs, connected devices, and Windows. We also collect information about how each is set up and performing. When you participate, CEIP will also periodically download a file to collect information about problems you might have with Windows. CEIP reports are sent to Microsoft to help improve the features our customers use most often and to create solutions to common problems.

Information collected, processed, or transmitted

CEIP reports can include information such as:

• Configuration information. Information such as how many processors are in your PC, the number of network connections in use, screen resolutions for display devices, and which version of Windows is running.

• Performance and reliability information. Information such as how quickly an app responds when you click a button, how many problems you experience with an app or a device, and how quickly information is sent or received over a network connection.

• App use. Information about the features you use most often, such as how frequently you open apps, how often you use Windows Help and Support, and how many folders you typically create on your desktop.

CEIP reports also contain information about events (event log data) on your PC from up to seven days prior to the time you decide to participate in CEIP. Since most users decide to participate in CEIP within several days of setting up Windows, Microsoft uses this information to analyze and improve the Windows setup experience.

This information is sent to Microsoft when you're connected to the Internet. CEIP reports don’t intentionally contain contact information, such as your name, address, or phone number; however, some reports might unintentionally contain individual identifiers, such as a serial number for a device that is connected to your PC. Microsoft filters the information contained in CEIP reports to try to remove any individual identifiers that they might contain. If individual identifiers are received, Microsoft doesn’t use them to identify you or contact you.

CEIP randomly generates a number called a globally unique identifier (GUID) that is sent to Microsoft with every CEIP report. The GUID lets us determine which data is sent from a particular computer over time. The GUID doesn’t contain any personal information and isn’t used to identify you. CEIP will also periodically download a file to collect information about problems you might have with Windows. This file allows Windows to collect additional information to help create solutions for common problems.

CEIP will also periodically download a file to collect information about problems you might have with Windows. This file allows Windows to collect additional information to help create solutions for common problems.

Use of information

Microsoft uses CEIP information to improve our software. We might also share CEIP information with Microsoft partners so they can improve their software, but the information can’t be used to identify you. We use the GUID to distinguish how widespread the feedback we receive is and how to prioritize it. For example, the GUID allows Microsoft to distinguish between one customer experiencing a problem one hundred times and one hundred customers experiencing the same problem once. Microsoft doesn’t use the information collected by CEIP to identify you or contact you.

Choice and control

If you choose express settings while setting up Windows, you turn on Windows CEIP. If you choose to customize settings, you can control CEIP by selecting Help make Microsoft software and services better by participating in the Customer Experience Improvement Program under Send us info to help make Windows and apps better. If you choose to participate, CEIP will collect the information described above for all users on your computer. After installation, administrators can change this setting in Action Center in Control Panel.

For more information, see the CEIP frequently asked questions online.

What this feature does

Windows Defender looks for malware and other potentially unwanted software on your PC. It offers two ways to help keep malware and other potentially unwanted software from infecting your PC:

• Real-time protection. Windows Defender notifies you when malware or potentially unwanted software tries to install or run on your PC. It also notifies you when apps try to change important Windows settings.

• Scanning options. You can use Windows Defender to scan for malware and other potentially unwanted software that might be installed on your PC, to schedule scans on a regular basis, and to automatically remove any malicious software that is detected during a scan.

If you choose to turn on Automatic Updates (for example, when you choose Express settings in Windows Setup), Windows Update will automatically download and install updated definitions for Windows Defender before scanning. When Defender is enabled, it will remove software that causes a severe or high alert level detected during a scan.

What this feature does

Windows Error Reporting helps Microsoft and Microsoft partners diagnose problems and provide solutions in the software you use. Not all problems have solutions, but when solutions are available, they are offered as steps to solve a problem you’ve reported or as updates to install. To help prevent problems and make software more reliable, some solutions are also included in service packs and future versions of the software.

Windows Error Reporting also provides Setup Repair, an error reporting service that might run during Windows Setup if a problem occurs.

Information collected, processed, or transmitted

Many Microsoft software products, including Windows, are designed to work with the Microsoft Error Reporting Service. If a problem occurs in one of these software products, you might be asked if you want to report it. If you host virtual machines using a Windows operating system, reports generated by the Windows operating system for the Microsoft Error Reporting Service might include information about virtual machines.

The reporting service collects information that is useful for diagnosing and solving a problem that has occurred, such as where the problem happened in the software or hardware, the type or severity of the problem, files that help describe the problem, basic software and hardware information, or possible software performance and compatibility problems.

Additionally, this pre-release version of Windows uses Windows Error Reporting to collect information about apps, drivers, and devices. For example, information about an app might include the name of the app and its executable files and the file path and directory. Information about devices and drivers might include the names of devices you’ve installed on your PC and the executable files associated with those devices drivers. System variables are substituted for path and directory locations that could contain personal information such as user names.

Error reports might unintentionally contain personal information. For example, a report that contains a snapshot of PC memory might include your name, part of a document you were working on, or data that you recently submitted to a website.

If a report is likely to contain this type of information, Windows will ask if you want to send this information, even if you’ve enabled automatic reporting by choosing express settings in Windows setup or in Control Panel. This gives you the opportunity to review the report before sending it to Microsoft. Reports including files and data might be stored on your PC until you have an opportunity to review and send them, or after they have been sent.

If you choose to enable automatic reporting (for example, when you choose express settings in Windows setup), the reporting service will send basic information about where problems occur automatically, but these reports won't have the detail described in this section.

After you send a report, the reporting service might ask you for more information about the problem that occurred. If you choose to provide your phone number or email address in this information, your error report will be personally identifiable. Microsoft might contact you to request additional information to help solve the problem you reported.

The Microsoft Error Reporting Service randomly generates a number called a globally unique identifier (GUID) that is sent to Microsoft with every error report. The GUID lets us determine which data is sent from a particular computer over time. The GUID doesn’t contain any personal information and isn’t used to identify you.

Use of information

Microsoft uses information about errors and problems to improve Microsoft products and services as well as third-party software and hardware designed for use with these products and services. We use the GUID to determine how widespread the feedback we receive is and how to prioritize it. For example, the GUID allows Microsoft to distinguish between one customer experiencing a problem one hundred times and one hundred customers experiencing the same problem once. Microsoft employees, contractors, vendors, and partners might be provided access to information collected by the reporting services. However, they’re only permitted to use the information to repair or improve Microsoft products and services and third-party software and hardware designed for use with Microsoft products and services. If an error report contains personal information, Microsoft doesn’t use the information to identify you or contact you.

Microsoft might share aggregate information about errors and problems. Microsoft uses aggregate information for statistical analysis. Aggregate information doesn’t contain specific information from individual reports, nor does it include any personal or confidential information that might have been collected from a report.

Choice and control

If you choose express settings while setting up Windows, you turn on Windows Error Reporting. If you choose to customize settings, you can control Windows Error Reporting by selecting Use Windows Error Reporting to check for solutions to problems under Check online for solutions to problems. After installation, you can change this setting in Action Center in Control Panel.

For more information, see the Microsoft Error Reporting Service privacy statement.

What this feature does

Windows Feedback Tool allows you to create and send feedback reports to Microsoft about your experience with pre-release versions of Windows.

Information collected, processed, or transmitted

When you send a feedback report to Microsoft, the report might include a set of files with error logs, diagnostic traces, and configuration information.

If you’re participating in a Microsoft Connect program for Windows, you'll have the option to send additional information, which requires you to sign in with your Microsoft account. If you're a Microsoft employee, your employee alias will also be sent with your feedback. In either case, Microsoft might contact you through the Microsoft Connect program or through email to obtain additional information about a problem. Feedback reports sent to Microsoft while you're signed in with your Microsoft account will be associated with your Microsoft Connect account.

For participants in the Microsoft Connect program and Microsoft employees who have signed in, the Windows Feedback Tool will also allow you to submit an optional image of whatever is on the screen as well as an optional recording of actions you can take to reproduce a problem. This recording will include a screenshot of your connected monitors for each step that you take while the issue recording software is running. To review the information in the recording, double-click the name of the issue recording on the report confirmation screen.

Use of information

Microsoft uses feedback information to improve Windows, and the software and hardware designed for use with Windows operating systems. Microsoft employees, contractors, vendors, and partners might be provided access to information collected by the Feedback Tool, but they can use the information only to repair or improve the products that they publish or manufacture.

For example, if an issue report indicates that a third-party product is involved, Microsoft might send that information to the vendor of the product. The vendor might provide the information to sub-vendors and partners, but all parties must abide by the terms of this privacy statement.

To improve the products that run on Microsoft software, Microsoft might also share or publish aggregate information about errors and problems. Aggregate information is used for statistical analysis and doesn’t contain specific information from individual reports and doesn’t include any personal or confidential information that could've been collected from a report.

Choice and control

The Feedback Tool doesn’t automatically send reports to Microsoft. Feedback reports are only sent with your consent. Before you send a report, you’re given an opportunity to review all files that will be sent. If you don’t wish to send these files, don’t submit the issue report.

What this feature does

Windows File Association helps users associate file types with specific apps. If you try to open a file type and it doesn’t have an app associated with it, Windows will ask if you want to use Windows File Association to find an app for the file, which includes searching the Windows Store for a compatible app. Apps that are typically associated with the file name extension are displayed.

Information collected, processed, or transmitted

If you choose to use Windows File Association, the file name extension (for example, docx or pdf) and your PC display language are sent to Microsoft. The rest of the file name isn’t sent to Microsoft. When a file association is made with a particular app, a unique identifier for the app is sent to identify the default app for each file type.

Use of information

When you submit a file name extension, the service returns a list of the apps that Microsoft is aware of that can open files of that extension. Unless you choose to download and install an app, the associations for the file type remain the same.

Choice and control

When you try to open a file type without an associated app, you can choose whether to use Windows File Association. No file association information is sent to Microsoft unless you decide to use the service. Administrators have several options to prevent users from using this service. For more information about administrative options, see the Using Windows 7 and Windows Server: Controlling Communication with the Internet article at the Microsoft TechNet website.

What this feature does

You can use Windows Remote Assistance to invite someone to connect to your PC and help you with a PC problem, even if that person isn't nearby. After connecting, the other person can view your PC. With your permission, the other person can use his or her mouse and keyboard to control your PC and show you how to fix a problem.

Information collected, processed, or transmitted

Windows Remote Assistance creates an encrypted connection between the two PCs over the Internet or the local network. When someone uses Windows Remote Assistance to connect to your PC, that person can see your desktop and any open documents, including any visible private information. In addition, if you allow the other person to control your PC with his or her mouse and keyboard, that person can do things like delete files or change settings. After a connection is made, Windows Remote Assistance will exchange contact information including user name, PC name, and account picture. A session log file maintains a record of all Remote Assistance connections.

Use of information

The information is used to establish an encrypted connection and to provide the other person access to your desktop. No information is sent to Microsoft.

Choice and control

Before you allow someone to connect to your PC, close any open apps or documents that you don't want the other person to see. If at any time you feel uncomfortable about what that person is seeing or doing on your PC, press the Esc key to end the session. You can disable session logging and contact information exchange by clearing these options in Windows Remote Assistance settings.

What this feature does

Windows Search provides you with a quick and consistent entry point to search inside any app that is being used. By default, it enables you to search for your apps, settings, or your files and inside any apps that opt into using Search. Windows Search is accessed by swiping from the right side of the screen, then tapping Search, or by using keyboard shortcuts, and only supports searching a single app at a time. When searching, your search terms are only passed to the app that is in focus. To search another app, the user must select that app in the Search pane.

Information collected, processed, or transmitted

When you use Windows Search, the characters you type in the search field (as you type them) and the final search query you submit are supplied to Windows or the app you're searching in, so it can provide search suggestions and show search results. Windows stores search queries and data about how often you search in the apps.

Use of information

Windows uses the stored previous searches to provide search suggestions in the Search pane. The information stored about how often you search in apps is used to sort the list of searchable apps in the Search pane in order of frequency.   If you search within a third-party app, use of the information collected will be subject to the third party's privacy practices. If you search within a Microsoft app, the app's privacy practices will be explained in its privacy statement.

Choice and control

Windows stores this information by default. You can disable the storage of this information or delete all of your stored previous searches by using the settings and controls in Search in PC settings.

What this feature does

Windows Share lets you share content between Windows Store apps that support sharing. It also lets you share content with your friends.

Information collected, processed, or transmitted

When sharing, the source app passes content to the target app only after you select the target in the Share pane. If the source app hasn’t implemented sharing, you’ll have the option to share an image of whatever appears on the screen. So that you can access them more easily, target apps and people that you frequently share content with will appear in a list in the Share pane. No information is sent to Microsoft.

Use of information

The information stored about how often you share with target apps and people that you frequently share content with is used to sort the list in the Share pane in order of frequency. If you share information with a third-party app, use of the information collected will be subject to the third party's privacy policy. If you share with a Microsoft app, the app's privacy policy will be explained in its privacy statement.

Choice and control

Windows stores this information by default. You can disable the storage of this information or delete all of the stored targets that you share frequently with by using the settings and controls provided in Share in PC settings.

What this feature does

Windows SmartScreen helps keep your PC safe by checking files and apps with Microsoft to help protect you from potentially unsafe files and apps. Windows will ask you what you want to do if a file or app is unknown or potentially unsafe before it is opened.

Information collected, processed, or transmitted

If you choose to use this feature, information about some of the apps you use and some of the files you download from the Internet will be sent to Microsoft. This information might include a file name, file identifier (“hash”), and digital certificate information along with standard PC information and the Windows SmartScreen filter version number. To help protect your privacy, the information sent to Microsoft is encrypted.

Windows SmartScreen randomly generates a number called a globally unique identifier (GUID) that is sent to Microsoft with your SmartScreen usage data. The GUID lets us determine which data is sent from a particular computer over time. The GUID doesn’t contain any personal information and isn’t used to identify you.

Use of information

Microsoft uses the information described above to provide warnings to you about potentially unsafe files and apps. We also use the information to analyze performance of the feature and to improve the quality of our products and services. The information isn't used to identify or contact you.

Choice and control

If you choose express settings while setting up Windows, you turn on Windows SmartScreen. If you choose to customize settings, you can control Windows SmartScreen by selecting Use Windows SmartScreen Filter to check files and apps with Microsoft under Help protect your PC from unsafe content, files, and websites. After installation, you can change this setting in Action Center in Control Panel.

What this feature does

Windows Speech Recognition provides speech recognition within Windows and for any apps that choose to use it. Windows Speech Recognition increases its accuracy by learning how you use language, including the sounds and words you like to use.

Information collected, processed, or transmitted

Windows Speech Recognition stores a list of words and their pronunciations on your PC. Words and pronunciations are added to this list using the Speech Dictionary, and by using Windows Speech Recognition to dictate and correct words.

When the Windows Speech Recognition document review feature is enabled, text from Microsoft Office Word documents (with doc or docx file name extensions) and email (from email folders other than Deleted Items or Junk Mail) on your PC and on any connected file shares included in your Windows search index locations is collected and stored in one-, two-, or three-word fragments. One-word fragments include only words you have added to custom dictionaries, and two- or three-word fragments include only words found in standard dictionaries.

All collected information is stored in your personal speech profile on your PC. Speech profiles are stored for each user, and users aren’t able to access the profiles of other users on your PC. However, administrators can access any profile on your PC. The profile information isn’t sent to Microsoft unless you choose to send it when asked by Windows Speech Recognition. You can review the data before it is sent. If you choose to send this information, acoustic adaptation data that was used to adapt to your audio characteristics is also sent.

If you complete a speech training session, Windows Speech Recognition will ask you whether you wish to send your speech profile information to Microsoft. You can review the information before it’s sent. This information might include recordings of your voice while you completed the training session and the other information from your personal speech profile.

Use of information

Windows Speech Recognition uses words from the speech profile to convert your speech to text. Microsoft uses personal speech profile information to improve our products and services.

Choice and control

You can choose whether to run Windows Speech Recognition. If you run Windows Speech Recognition, document review is on by default. You can choose to change your document review settings the first time you run Windows Speech recognition. You can change your document review settings or delete personal speech profiles (and most document review information) by going to Speech Recognition in Control Panel and clicking Advanced speech options. You can also use the Change existing words option in the Speech Dictionary to delete words that you’ve added to your speech profile. However, deleting your personal speech profile doesn’t delete words added to your personal speech profile through the Speech Dictionary.

You can control the locations that document review will collect word fragments from by modifying the locations included in your Windows search index. To view or modify what locations are included in your Windows search index, open Indexing Options in Control Panel.

At the end of any training session you'll be given the choice whether to send your training and other profile information to Microsoft. You can also send information when Windows Speech Recognition is launched by right-clicking Microphone, and then clicking Help improve speech recognition. In either case, you can view all data files before they are sent, and can choose not to send them.

The Windows Store lets you find, manage, and install apps for your PC. The sections below describe how the Store’s features, and the apps you obtain through the Store, could impact your privacy, and what you can do to control that.

What this feature does

The Windows Time service automatically synchronizes your PC's time with a time server on a network.

Information collected, processed, or transmitted

The service connects to a time server over the Internet or a local network using the industry standard Network Time Protocol. By default, this service synchronizes with time.windows.com once a week. No information other than standard PC information is sent to the time server.

Use of information

Information is used by the Windows Time service to automatically synchronize the local PC's time.

Choice and control

The Windows Time service is turned on by default. You can turn this feature off or choose your preferred time source by going to Date and Time in Control Panel, choosing the Internet Time tab, and clicking Change Settings. Turning off Windows Time Service has no direct effect on apps or other services, but without a reliable time source, the local PC’s clock might get out of sync with other PCs on the network or Internet. Apps and services that depend on time might fail or stop working correctly if there is a significant time discrepancy between networked PCs.

What this feature does

Windows Troubleshooting allows you to diagnose and fix common problems on your PC. If online settings are enabled, Windows Troubleshooting can search and download troubleshooting packs for specific problems.

Information collected, processed or transmitted

When Windows Troubleshooting searches for troubleshooting packs, it will send some information to Microsoft, including information about your PC and the operating system, to determine which troubleshooting packs to offer for your PC. If you attempt to solve a problem by running a troubleshooting pack, Windows Troubleshooting will preserve the troubleshooting results and actions that were taken to solve the problem. These results can be deleted, or sent to a support professional for additional assistance. If the troubleshooting pack can’t solve the problem, Windows Troubleshooting can help you search for problem solutions in Windows Help and Windows communities online.

If online settings are enabled, Windows Troubleshooting will search for and might download a list of troubleshooting packs from Microsoft to help diagnose and fix problems on your PC. If you choose to run a troubleshooting pack that isn't on your PC, Microsoft will download the troubleshooting pack to your PC. After running a troubleshooting pack, the results are saved to your PC. These results might contain personal information, such as your user name or the name of a device. Windows Troubleshooting can help you search for problem solutions in Windows Help and Windows communities online. Keywords associated with the problem will be sent to Microsoft to help find a solution. For example, if your printer isn’t working properly and you look for help, the words "printer," "print," and "printing" are sent to Microsoft.

Use of information

Microsoft uses the information collected from Windows Troubleshooting to help solve problems our users encounter.

Choice and control

If you choose express settings during Windows setup, Windows Troubleshooting will search for online troubleshooting packs by default. To change these settings, go to Troubleshooting in Control Panel. Select Change settings, and clear the check box next to Allow users to browse for troubleshooters available from the Windows Online Troubleshooting service. You can also disable online search by clearing the check box next to Get the most up-to-date troubleshooters from the Windows Online Troubleshooting service. To delete troubleshooting results, click View history, select a result, and then click Delete.