Microsoft automatically collects diagnostic and usage data from Windows and other products, including information about how you use your device, application crashes, and system performance.
Diagnostic data collection is largely automatic and enabled by default, meaning consumers passively share detailed device and usage information with Microsoft unless they actively reduce the level of data sharing in their settings.
Mandatory baseline diagnostic data collection may conflict with GDPR data minimisation and consent requirements in enterprise deployments; IT and compliance teams should review Windows diagnostic data levels (Basic vs Full) and configure Group Policy settings accordingly, and assess whether processing of employee device data requires a legitimate interests assessment.
Compliance intelligence locked
Regulatory citations, enforcement risk, and due diligence action items.
Watcher: regulatory citations. Professional: full compliance memo.
Microsoft collects an extensive range of personal data — including location, voice, typed content, browsing history, and device diagnostics — across all its products and may combine this data for advertising, product improvement, and AI model training. Consumers' personal data may be shared with third-party advertisers, affiliates, and service providers, and inferred data about interests and behaviour is generated even from passive use. You can review and manage your privacy settings, including ad personalisation and data collection preferences, at https://account.microsoft.com/privacy.