Microsoft Azure · Microsoft Privacy · View original document ↗

Personal Data We Collect — Scope and Categories

High severity Unique · 0 of 343 platforms
Share 𝕏 Share in Share 🔒 PDF
Recent governance activity Microsoft Azure recorded 3 documented changes in the last 30 days.
Start monitoring updates
Monitor governance changes for Microsoft Azure Create a free account to receive the weekly governance digest and monitor one platform for governance changes.
Create free account No credit card required.

This analysis describes what Microsoft Azure's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology

ConductAtlas Analysis

Why it matters (compliance & governance perspective)

This provision defines the operational scope of data collection activities across Microsoft's product ecosystem. The authorization encompasses multiple collection mechanisms—direct provision, interaction tracking, third-party sourcing, and algorithmic inference—which establishes the factual basis for downstream data processing, retention, and sharing practices described elsewhere in the privacy terms.

Recent Activity

This document changed recently

Medium Apr 19, 2026

Microsoft now discloses that it may contact you by phone for marketing using automated dialers and AI-generated voices if you have consented to marketing communications, which represents a new disclosure of contact method and technology type. The company has also reorganized its data retention policy to state it retains data for broader business purposes including improving products and protecting systems, while removing previous specific examples and retention criteria, making it less clear exactly how long specific types of your data will be kept. You should review your consent settings for marketing communications and verify what contact methods you have authorized, particularly if you have concerns about automated or AI-generated calls.

View change record →
Medium Apr 1, 2026

Microsoft's privacy policy now provides a less detailed explanation of how long your data is retained. Previously, the policy included specific examples, such as how long deleted emails remain in your system before final deletion, and listed criteria for deciding retention periods. Now those details are consolidated into a more general statement pointing readers to separate product documentation. This means you'll need to consult multiple documents to understand retention timelines for specific services, which reduces transparency at the point of reading the main privacy policy.

View change record →
Medium Mar 6, 2026

Microsoft's updated retention policy provides greater specificity about how long your data persists and under what conditions it is deleted. The policy now explicitly states that deleted items from OneDrive and Outlook.com may remain in Microsoft's systems for up to 30 days before permanent removal, even after you empty the Deleted Items folder. Additionally, the updated terms clarify that retention periods depend on whether you have an expectation that Microsoft will keep the data until you actively remove it, and whether automated controls exist to let you access and delete data yourself. You can review Microsoft's privacy dashboard to exercise available deletion controls and understand which services retain your data under these criteria.

View change record →

Clause Stability Stable

0
Changes
3
Months Monitored
Apr 27, 2026
First Seen
Apr 27, 2026
Last Seen
This clause type exists across 967 other provisions on other platforms.

Consumer impact (what this means for users)

Users operating Microsoft products and services have their activities subjected to collection under these categories. The scope includes not only explicitly provided information but also derived inferences and content data, the collection of which varies based on product features used and privacy settings configured by the user.

How other platforms handle this

Paramount+ Medium

"By clicking 'Next', you are indicating that you have read and agree to the TERMS OF USE AND PRIVACY POLICY"

OpenAI Medium

We automatically collect certain information from your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Service, we collect information about the individual web pages or products th...

Apple Medium

Customers should know what they're getting when they download or buy your app, so make sure all your app metadata, including privacy information, your app description, screenshots, and previews accurately reflect the app's core experience and remember to keep them up-to-date with new versions.

See all platforms with this clause type →

Monitoring

Microsoft Azure has changed this document before.

Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.

Start Monitor free trial Or create a free account →
▸ View Original Clause Language DOCUMENT RECORD
"
Microsoft collects data from you, through our interactions with you, and through our products. You provide some of this data directly, and we get some of it by collecting data about your interactions, use, and experiences with our products. The data we collect depends on the context of your interactions with Microsoft and the choices you make, including your privacy settings and the products and features you use. We also obtain data about you from third parties. We collect device and usage data, name and contact data, payment data, subscription and licensing data, interactions data (including how you interact with Microsoft products), content (including content of files and communications if necessary to provide you the service), video or voice recordings if you use voice features, location data, and inferences we make about you to create a profile.

— Excerpt from Microsoft Azure's Microsoft Privacy

Applicable regulations

CCPA/CPRA
California, USA
Connecticut Data Privacy Act Amendments
US-CT
CAN-SPAM
United States Federal
DMA
European Union
ePrivacy Directive
European Union
FTC Act Section 5
United States Federal
GDPR
European Union
Indiana Consumer Data Protection Act
US-IN
Kentucky Consumer Data Protection Act
US-KY
Universal Opt-Out Mechanism Expansion 2026
US

Provision details

Document information
Document
Microsoft Privacy
Entity
Microsoft Azure
Document last updated
May 5, 2026
Tracking information
First tracked
April 27, 2026
Last verified
May 10, 2026
Record ID
CA-P-003196
Document ID
CA-D-00018
Evidence Provenance
Source URL
Wayback Machine
Content hash (SHA-256)
a67035af599dcfcefd7a22ae7c70147370fe6651cb96942500cd2ead91f2a017
Analysis generated
April 27, 2026 09:55 UTC
Methodology
Evidence
✓ Snapshot stored   ✓ Hash verified
Citation Record
Entity: Microsoft Azure
Document: Microsoft Privacy
Record ID: CA-P-003196
Captured: 2026-04-27 09:55:26 UTC
SHA-256: a67035af599dcfce…
URL: https://conductatlas.com/platform/microsoft-azure/microsoft-privacy/personal-data-we-collect-scope-and-categories/
Accessed: July 4, 2026
Permanent archival reference. Stable identifier suitable for legal filings, compliance documentation, and research citation.
Classification
Severity
High
Categories

Other risks in this policy

Related Analysis

Compliance Governance Intelligence

Need to monitor specific governance provisions?

Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.

Arbitration clauses AI governance Data rights Indemnification Retention policies
Start Compliance free trial

Or start with Monitor →

Built from archived source documents, structured governance mappings, and historical version tracking.

Frequently Asked Questions

What does Microsoft Azure's Personal Data We Collect — Scope and Categories clause do?

This provision defines the operational scope of data collection activities across Microsoft's product ecosystem. The authorization encompasses multiple collection mechanisms—direct provision, interaction tracking, third-party sourcing, and algorithmic inference—which establishes the factual basis for downstream data processing, retention, and sharing practices described elsewhere in the privacy terms.

How does this clause affect you?

Users operating Microsoft products and services have their activities subjected to collection under these categories. The scope includes not only explicitly provided information but also derived inferences and content data, the collection of which varies based on product features used and privacy settings configured by the user.

Is ConductAtlas affiliated with Microsoft Azure?

No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Microsoft Azure.