Privacy Statement

Microsoft Security Essentials Privacy Statement

Last updated: April 2013

Microsoft is committed to protecting your privacy while delivering products that bring you the performance, power, and convenience you desire in your personal computing. This privacy statement explains many of the data collection and use practices of Microsoft Security Essentials (the "product"). It doesn't apply to other online or offline Microsoft sites, products, or services.

The product helps protect your PC from malicious software (malware) such as viruses, spyware, and other potentially harmful software.

It offers three ways to help protect your PC from malware and other potentially unwanted software:

  • Real-time protection. The product alerts you when malware, spyware, or potentially unwanted software attempts to install or run on your PC. It also alerts you when programs attempt to change important Windows settings.

  • Scanning options. You can use the product to scan for threats, viruses, spyware, and other potentially unwanted software that might be installed on your PC, to schedule scans on a regular basis, and to automatically remove any malicious software that is detected during a scan.

  • Detection. Should malicious software be detected on your computer, certain actions will automatically be taken to remove the malicious software and protect your computer from potential further infection. Once the malicious software is removed, the product may also reset some Windows settings (such as your home page and search provider).

Collection and use of your personal information

When we need information that personally identifies you or allows us to contact you, we will explicitly ask you for it. The personal information that we collect from you will be used by Microsoft and its controlled subsidiaries and affiliates to provide the service(s) or carry out the transaction(s) you have requested or authorized, and it may also be used to request additional information on feedback that you provide about the product or service that you're using; to provide critical updates and notifications regarding the pre-release software; or to improve the product or service (for example, bug and survey form inquiries).

Except as described in this statement, personal information you provide won't be transferred to third parties without your consent. We occasionally hire other companies to provide limited services on our behalf, such as answering customer questions about products or services, or performing statistical analysis of our services. We will only provide those companies the personal information they need to deliver the service, and they are prohibited from using that information for any other purpose.

Microsoft may access or disclose information about you, including the content of your communications, in order to: (a) comply with the law or respond to lawful requests or legal process; (b) protect the rights or property of Microsoft or our customers, including the enforcement of our agreements or policies governing your use of the services; or (c) act on a good faith belief that such access or disclosure is necessary to protect the personal safety of Microsoft employees, customers, or the public. We may also disclose personal information as part of a corporate transaction such as a merger or sale of assets.

Collection and use of information about your computer

This software contains Internet enabled features that collect certain standard information from your computer ("standard computer information") and send it to Microsoft. Standard computer information includes certain information about your computer software and hardware, such as your IP address, operating system, web browser software, and version. The privacy details for each product feature listed in this privacy statement disclose what additional information is collected and how it is used.

Information that is collected by or sent to Microsoft may be stored and processed in the United States or any other country in which Microsoft or its affiliates, subsidiaries, or service providers maintain facilities. Microsoft abides by the safe harbor framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of data from the European Union, the European Economic Area, and Switzerland.

Recommended settings

If you choose the recommended settings during setup, real-time protection will be enabled and automatic scanning will occur weekly at 2:00 A.M. on Sunday.

Security of your information

Microsoft is committed to protecting the security of your information. We use a variety of security technologies and procedures to help protect your information from unauthorized access, use, or disclosure.

For more information

Microsoft welcomes your comments regarding this privacy statement. If you have questions about this statement or believe that we haven't adhered to it, please contact us by using our web form. If you have a technical or general support question, please visit http://support.microsoft.com to learn more about Microsoft Support offerings.

Microsoft Privacy, Microsoft Corporation, One Microsoft Way, Redmond, Washington 98052 USA · 425-882-8080

Specific features

History tab

What this feature does: This feature provides a list of all malware or suspected malware that the product detected on your PC and the actions that were taken when these programs were detected. The information displayed in the History tab is for items detected for all users - not per user.

Information collected, processed, or transmitted: A list of all malware or suspected malware that the product detected on your computer and the actions taken on these items are stored on your computer. These lists include the product activity for all the local users on the computer. The lists are sent to Microsoft as part of MAPS.

Choice and control: History lists may be deleted by the local computer administrator. By default, all items are displayed for all users. To allow only the local computer administrator to view all items, in the Settings tab, select the Advanced tab and clear the option "Allow all users to view the full History results."

Microsoft Update

What this feature does: The product turns on automatic updating from Windows Update and Microsoft Update to help keep your computer current with updates to Windows and other Microsoft software. This means any software using Windows and Microsoft Update will be impacted by this change. Microsoft Update is essential to providing you with the latest malware threat definition updates for the product.

Information collected, processed, or transmitted: For more information about Windows Update and Microsoft Update, see the Update Services Privacy Statement at http://go.microsoft.com/fwlink?LinkID=76234.

Choice and control: Windows Update and Microsoft Update are turned on by default in order to provide you with the current software and virus signature updates. If you would like to later turn updates off, you can do so through Windows settings. To learn how, see the Update Services Privacy Statement at http://go.microsoft.com/fwlink?LinkID=76234.

Automatic scanning for malware

What this feature does: The product includes an automatic scanning feature, which scans your computer and alerts you if it detects malware. You can turn automatic scanning on or off and change the frequency and type of scans using the product's Settings tab. You can also choose which actions are automatically applied to software that the product detects during a scheduled scan. For severe/high threats, certain actions will automatically be taken by default to remove the malicious software and protect your computer from potential further infection. Once the malicious software is removed, the product may also reset some Windows settings (such as your home page and search provider). For low/medium threats, we will prompt you to take an action. To modify the actions taken in response to these threats, see the Choice and Control section below.

Information collected, processed, or transmitted: A list of all malware or suspected malware that the product detected on your computer and the actions taken on these items are stored on your computer. These lists include the product activity for all the local users on the computer. The lists are sent to Microsoft as part of MAPS.

Choice and control: While not recommended, you can turn off automatic scanning using the product's Settings tab. You can also configure the actions taken for each level of threats in the "Settings" panel of the product.

Real-time protection

What this feature does: The product's real-time protection feature alerts you when viruses, spyware and other potentially unwanted software attempts to install itself or run on your PC. For severe/high threats, certain actions will automatically be taken by default to remove the malicious software and protect your computer from potential further infection. Once the malicious software is removed, the product may also reset some Windows settings (such as your home page and search provider). For low/medium threats, we will prompt you to take an action. To modify the actions taken in response to these threats, see the Choice and Control section below.

Information collected, processed, or transmitted: A list of all malware or suspected malware that the product detected on your computer and the actions taken on these items are stored on your computer. These lists include the product's activity for all the local users on the computer. The lists are sent to Microsoft as part of MAPS.

Choice and control: While not recommended, you can turn off real-time protection using the product's Settings tab. You can also configure the actions taken for each level of threats in the "Settings" panel of the product.

Shell extension

What this feature does: Shell extension is a scanning tool, which lets you select specific files and/or folders and scan them using the product.

Information collected, processed, or transmitted: A list of all malware or suspected malware that the product detected on your computer and the actions taken on these items are stored on your computer. These lists include the product activity for all the local users on the computer. The lists are sent to Microsoft as part of MAPS.

Choice and control: The shell extension feature is a manual tool that you can choose to use or not.

Microsoft Active Protection Service (MAPS)

What this feature does: Microsoft Active Protection Service (MAPS) can help better protect your PC by automatically downloading new signatures for newly-detected malware, and monitoring the security status of your PC. MAPS reports malware and other forms of potentially unwanted software and errors encountered in the product to Microsoft. If a MAPS report includes details about malware or potentially unwanted software that the product may be able to remove, MAPS will download the latest signature to address it. MAPS can also find "false positives" (where something originally identified as malware turns out not to be) and fix them.

Information collected, processed, or transmitted: This feature sends reports about errors, malware, and potentially unwanted software to Microsoft. These reports include information about the files or apps in question, such as file names, cryptographic hash, vendor, size, and date stamps. In addition, MAPS might collect full URLs to indicate the origin of the file, which might occasionally contain personal information such as search terms or data entered in forms. Also, MAPS may collect the IP addresses that the potential malware files connect to. Reports might also include the actions that you applied when the product notified you that software was detected. MAPS reports include this information to help Microsoft gauge the effectiveness of the product's ability to detect and remove malware and potentially unwanted software.

If the product and MAPS are both enabled on your PC, MAPS reports will be automatically sent to Microsoft when the product:

  • detects software or changes to your PC by software that hasn’t been analyzed for risks yet;

  • takes action on malware (as part of its automatic remediation) upon detection;

  • completes a scheduled scan and applies actions to software that it detects, according to your settings; or

  • encounters an error or other problem.

If MAPS reports new malware to Microsoft that the product can remove, new signatures will be automatically downloaded to your computer, helping to protect your machine more rapidly from potential threats.

Microsoft uses error reports to help the product operate as intended—to help protect your computer against potential threats.

You can join MAPS with a basic or an advanced membership. By default you are opted into basic membership. Basic member reports contain the information described in this section. Advanced member reports are more comprehensive and might occasionally contain personal information from, for example, file paths and partial memory dumps. These reports, along with reports from other users who are participating in MAPS, help our researchers discover new threats more rapidly. Malware definitions are then created for apps that meet the analysis criteria, and the updated definitions are made available to all users through Windows Update.

To help protect your privacy, reports that are sent to Microsoft are encrypted.

To help detect and fix certain kinds of malware infections, the product regularly sends MAPS some information about the security state of your PC. This information includes information about your PC’s security settings and log files describing the drivers and other software that load while your PC boots. A number that uniquely identifies your PC is also sent.

Use of information: MAPS reports are used to improve Microsoft software and services. The reports might also be used for statistical or other testing or analytical purposes, and for generating definitions. Only Microsoft employees, contractors, partners, and vendors who have a business need to use the reports are provided access to them. MAPS does not intentionally collect personal information. To the extent that MAPS collects any personal information, Microsoft does not use the information to identify you or contact you.

Choice and control: You may choose your MAPS membership—basic or advanced—at any time by using the "Settings" tab in the product. Please note that MAPS only operates if the product has been enabled on your computer.

When the product is upgraded, Microsoft will honor your settings until you make a change.

Automatic sample submission

What this feature does: The product contains functionality that may identify certain files as potentially unwanted and may request further information to make an assessment. As described below, this feature will automatically send such files without prompting you each time such an action is recommended.

Information collected, processed, or transmitted: This feature sends specific files from your PC that the product suspects might be potentially unwanted software. The report is used for further analysis. These reports may include information about the files or apps in question, such as file names, cryptographic hash, vendor, size, and date stamps. Reports might also include the actions that you applied when the product notified you that software was detected.

Sample submission reports may be automatically sent to Microsoft when the product detects software or changes to your PC by software that hasn’t been analyzed for risks yet when the following are enabled:

  • Automatic sample submission

  • MAPS

Microsoft uses sample submission reports to help the product operate as intended—to help protect your computer against potential threats.

To help protect your privacy, reports that are sent to Microsoft are encrypted.

Use of information: Sample submission reports are used to improve Microsoft software and services. The reports might also be used for statistical or other testing or analytical purposes, and for generating definitions. Only Microsoft employees, contractors, partners, and vendors who have a business need to use the reports are provided access to them. Sample submission reports do not intentionally collect personal information. To the extent that sample submission reports collect any personal information, Microsoft does not use the information to identify you or contact you.

Choice and control: When you install the program for the first time, you will be automatically enrolled in this feature by default during setup. To opt-out you can uncheck the box next to “Turn on automatic sample submission” during setup, or you can opt-out later via the product settings. To turn this feature off, go to the "Settings" tab in the product, select “Advanced” on the left hand bar, and uncheck the box next to “Send file samples automatically when further analysis is required.” Automatic sample submissions operates when product has been enabled on your computer and you are enrolled in MAPS at a basic or advanced level.

During an upgrade, you may be asked if you want to turn automatic sample submission on. Microsoft will honor your settings until you make a change.

Customer Experience Improvement Program

What This Feature Does: The Customer Experience Improvement Program (“CEIP”) collects basic information about your hardware configuration and how you use our software and services in order to identify trends and usage patterns. CEIP also collects the type and number of errors you encounter, software and hardware performance, and the speed of services. We won't collect your name, address, or other contact information.

Information Collected, Processed, or Transmitted:

Use of Information: We use this information to improve the quality, reliability, and performance of Microsoft software and services.

Choice/Control: CEIP is off by default. You're offered the opportunity to participate in CEIP during setup. If you choose to participate and later change your mind, you can turn off CEIP at any time by using the CEIP Opt-out run-time dialog. From the Help menu, open the link named “Customer Experience Improvement Program” and check the ‘Don’t Join’ radio button.