This documents contains the Microsoft Dynamics CRM 2011 Online and On-Premises Privacy Statements

 

Microsoft Dynamics CRM 2011 On-Premises Privacy Statement

Last updated: September 2012

Microsoft is committed to protecting your privacy, while delivering software that brings you the performance, power, and convenience you desire in your personal computing. This privacy statement explains many of the data practices of Microsoft Dynamics CRM 2011 (“CRM”) installed on premises. It does not apply to Microsoft Dynamics CRM Online or other online or offline Microsoft sites, products, or services.

CRM is customer relationship management software, focused mainly on sales, marketing, and service sectors.

Collection and Use of Your Information

The information we collect from you will be used by Microsoft and its controlled subsidiaries and affiliates to enable the features you are using and provide the service(s) or carry out the transaction(s) you have requested or authorized. It may also be used to analyze and improve Microsoft products and services.

We may send certain mandatory service communications such as welcome letters, billing reminders, information on technical service issues, and security announcements. Some Microsoft services may send periodic member letters that are considered part of the service. We may occasionally request your feedback, invite you to participate in surveys, or send you promotional mailings to inform you of other products or services available from Microsoft and its affiliates.

In order to offer you a more consistent and personalized experience in your interactions with Microsoft, information collected through one Microsoft service may be combined with information obtained through other Microsoft services. We may also supplement the information we collect with information obtained from other companies. For example, we may use services from other companies that enable us to derive a general geographic area based on your IP address in order to customize certain services to your geographic area.

In order to access certain CRM online services, you will be asked to enter an e-mail address and password, which we refer to as your Microsoft Account. After you create your Microsoft Account, you can use the same credentials to sign in to many different Microsoft sites and services, as well as those of select Microsoft partners that display the Microsoft Account logo. By signing in to one Microsoft site or service, you may be automatically signed in when you visit other Microsoft sites and services. To learn more about how your credential information is used when you sign in to participating sites, please read the Microsoft Online Privacy Statement at http://privacy.microsoft.com/.

Except as described in this statement, personal information you provide will not be transferred to third parties without your consent. We occasionally hire other companies to provide limited services on our behalf, such as packaging, sending and delivering purchases and other mailings, answering customer questions about products or services, processing event registration, or performing statistical analysis of our services. We will only provide those companies the personal information they need to deliver the service, and they are prohibited from using that information for any other purpose.

Microsoft may access or disclose information about you, including the content of your communications, in order to: (a) comply with the law or respond to lawful requests or legal process; (b) protect the rights or property of Microsoft or our customers, including the enforcement of our agreements or policies governing your use of the services; or (c) act on a good faith belief that such access or disclosure is necessary to protect the personal safety of Microsoft employees, customers, or the public. We may also disclose personal information as part of a corporate transaction such as a merger or sale of assets.

Information that is collected by or sent to Microsoft by CRM may be stored and processed in the United States or any other country/region in which Microsoft or its affiliates, subsidiaries, or service providers maintain facilities. Microsoft abides by the safe harbor framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of data from the European Union, the European Economic Area, and Switzerland.

Collection and Use of Information about Your Computer

When you use software with Internet-enabled features, information about your computer ("standard computer information") is sent to the Web sites you visit and online services you use. Microsoft uses standard computer information to provide you Internet-enabled services, to help improve our products and services, and for statistical analysis. Standard computer information typically includes information such as your IP address, operating system version, browser version, and regional and language settings. In some cases, standard computer information may also include hardware ID, which indicates the device manufacturer, device name, and version. If a particular feature or service sends information to Microsoft, standard computer information will be sent as well.

The privacy details for each CRM feature, software or service listed in this privacy statement describe what additional information is collected and how it is used.

Security of your information

Microsoft is committed to helping protect the security of your information. We use a variety of security technologies and procedures to help protect your information from unauthorized access, use, or disclosure. For example, we store the information you provide on computer systems with limited access, which are located in controlled facilities.

 

Changes to this privacy statement

We will occasionally update this privacy statement to reflect changes in our products, services, and customer feedback. When we post changes, we will revise the "last updated" date at the top of this statement. If there are material changes to this statement or in how Microsoft will use your personal information, we will notify you either by posting a notice of such changes prior to implementing the change or by directly sending you a notification. We encourage you to periodically review this statement to be informed of how Microsoft is protecting your information.

For More Information

Microsoft welcomes your comments regarding this privacy statement. If you have questions about this statement or believe that we have not adhered to it, please contact us here

Microsoft Privacy

ATTN: Dynamics CRM Privacy Manager

Microsoft Corporation
One Microsoft Way
Redmond, Washington 98052 USA

Specific features

The remainder of this document will address the following specific features:

Microsoft Dynamics CRM  for Microsoft Office Outlook

What This Feature Does: Microsoft Dynamics CRM 2011 for Microsoft Office Outlook (“Outlook Client”) lets you track CRM-related information automatically, including e-mail, contacts, tasks, and appointments.

Information Collected, Processed, or Transmitted: In order to use the Outlook Client you may be asked to sign in with your credentials (an e-mail address and password) depending on your type of deployment. You may choose to save this information locally so that you are not asked for your credentials each time you open Microsoft Outlook. If you choose to save this information your Outlook Client will automatically connect to CRM every time you open Microsoft Outlook. The Outlook Client lets you track Microsoft Outlook items like email, contacts, appointments, and tasks. You may track any of the items by clicking the “Track to CRM” button on the toolbar in that item. If you do, the e-mail thread will be visible to the users in your organization who have permission to view it.  You are responsible for setting up the permissions which control access to related CRM data in the organization.  None of this information is sent to Microsoft and CRM does not send any information to other Outlook related third-party web sites, applications, or services.

Choice/Control: You can track your e-mail in CRM in four ways:

(1) Automatically tracking only the responses to the e-mails currently being tracked,

(2) Automatically tracking all e-mail that you send and receive,

(3) Automatically tracking only e-mails from CRM contacts, accounts, leads, etc., and

(4) Automatically tracking all e-mail messages from CRM records that are e-mail enabled.

You can view or change the tracking mechanism by going to the personal settings area in the Outlook Client. Your system administrator can also set this setting for you. Option 1 is the default option – in other words, by default, only the responses to the e-mails you have chosen to track are tracked in CRM. All responses (by you and others) will be tracked until you choose to stop tracking a particular e-mail thread. Once you stop tracking an e-mail thread, the previously sent or received e-mails that were tracked in CRM will remain in CRM unless you delete them manually.

When you untrack an email you will be allowed to choose between two options:

a)       Untrack just the activity without deleting the CRM item, this results in the existing CRM item continuing to be visible to your organization. However, all updates to the activity post the Untrack invocation will not be tracked in CRM.

b)       Untrack the activity and also delete the CRM item, this results in the permanent deletion of the item so that no one in your organization can view it.

The user will be given the choice through a pop-up dialogue when the Untrack button is pressed. Then the user can choose between the two options above to complete the Untrack action.

Activation

What this feature does:

Activation helps reduce software counterfeiting, helping to ensure that Microsoft customers receive the software quality they expect. Once your software is activated, a specific product key becomes associated with the computer (the hardware) on which your software is installed. This association prevents the product key from being used to activate the same copy of the software on multiple computers as counterfeit software. Some changes to your computer components or the software may require you to reactivate the software.

Information collected, processed, or transmitted:

During activation, product key information is sent to Microsoft along with a hardware hash, which is a non-unique number generated from the computer's hardware configuration. The hardware hash does not represent any personal information or information about the software. The hardware hash cannot be used to determine the make or model of the computer and it cannot be backward calculated to determine any additional information about your computer. Along with standard computer information, some additional language settings are collected.

Use of information:

Microsoft uses the information described above to confirm that you have a licensed copy of the software, and then it is aggregated for statistical analysis. Microsoft does not use the information to identify you or contact you.

Choice and control:

Activation is mandatory and must be completed within a predefined grace period. If you choose not to activate the software, you cannot use it after the grace period expires. If the software is not correctly licensed, you will not be able to activate it.

Customer Experience Improvement Program

What This Feature Does:

The Customer Experience Improvement Program (“CEIP”) collects basic information about your hardware configuration and how you use our software and services in order to identify trends and usage patterns. CEIP also collects the type and number of errors you encounter, software and hardware performance, and the speed of services. We will not collect your name, address, or other contact information.

Information Collected, Processed, or Transmitted:

For more information about the information collected, processed, or transmitted by CEIP, see the CEIP privacy statement at http://go.microsoft.com/fwlink/?LinkId=199851.

Use of Information:

We use this information to improve the quality, reliability, and performance of Microsoft software and services.

Choice/Control: You are offered the opportunity to participate in CEIP during setup and after installation. If you choose to participate and later change your mind, you can turn off CEIP at any time by following the guidance provided in the implementation guide.

Microsoft Error Reporting

What This Feature Does:

Microsoft Error Reporting provides a service that allows you to report problems you may be having with CRM to Microsoft and to receive information that may help you solve such problems.

Information Collected, Processed, or Transmitted:

For information about the information collected, processed, or transmitted by Microsoft Error Reporting, see the Microsoft Error Reporting privacy statement at http://go.microsoft.com/fwlink/?linkid=31490.

Use of Information:

We use the error reporting data to solve customer problems and improve our software and services.

Choice/Control:

You will be offered the opportunity to participate in Microsoft Error Reporting. When you choose to enable it, Microsoft Error Reporting will automatically report problems you encounter to Microsoft. When Microsoft needs additional data to analyze the problem, you will be prompted to review the data and choose whether or not to send it. You can change your Microsoft Error Reporting settings at any time by following the guidance provided in the implementation guide.

Important Information:

Enterprise customers can use Group Policy to configure how Microsoft Error Reporting behaves on their computers. Configuration options include the ability to turn off Microsoft Error Reporting. If you are an administrator and wish to configure Group Policy for Microsoft Error Reporting, technical details are available in the Planning Guide.

Registration

What This Feature Does:

Registration allows Microsoft to provide you with product update information. It also allows Microsoft to notify you of customized information and offers regarding future products.

Information Collected, Processed, or Transmitted:

To complete the registration process, we will ask you to provide some information about yourself, such as your name, mailing address, and e-mail address. In addition, we will automatically send some information about your computer, such as the computer name, computer manufacturer, and a portion of your product key. The partial product key information is used to identify the computer manufacturer and the channel you purchased your computer from. The partial product key cannot be used to uniquely identify your computer.

Use of Information: This data is used to provide you with product update information, such as hot fixes or critical updates. It also allows Microsoft to notify you of customized information and offers regarding future products.

Choice/Control: Users can access and update their contact preferences and registration data after it has been submitted in CustomerSource.

Microsoft Update

What This Feature Does:

Microsoft Update is a service that provides Windows updates as well as updates for other Microsoft software.  CRM utilizes Microsoft Update and the CRM Outlook client, CRM Client, and Server may receive updates to CRM via Microsoft Updates if this feature is enabled within CRM.

Information Collected, Processed, or Transmitted:

For details about what information is collected and how it is used, see the Microsoft Update Services Privacy Statement at http://update.microsoft.com/microsoftupdate/v6/vistaprivacy.aspx?ln=en-us  

Use of Information:

For details about what information is collected and how it is used, see the Update Services Privacy Statement at http://go.microsoft.com/fwlink/?linkid=50142.

Choice/Control:

For details about controlling this feature, see the Update Services Privacy Statement at http://go.microsoft.com/fwlink/?linkid=50142 and reference the implementation guidelines.

 

Microsoft Dynamics CRM Online 2011 Privacy Statement

Last updated: September 2012

Microsoft is committed to protecting your privacy. This privacy statement applies to the data collected by Microsoft through the Microsoft Dynamics CRM Online (the “CRM Online”); it does not apply to on premises versions of Microsoft Dynamics CRM 2011 or other online or offline Microsoft sites, products, or services.

CRM Online is customer relationship management software delivered as a cloud service hosted by Microsoft, focused mainly on sales, marketing, and service sectors.

We comply with all data protection and privacy laws generally applicable to our provision of the CRM Online. CRM Online are services operated in a consistent manner across multiple customers. Accordingly, we are not responsible for compliance with any data protection or privacy law applicable to specific categories of data or to you or your industry and not generally applicable to information technology ("IT") service providers.

Collection of Your Information

We will ask you when we need information that personally identifies you or allows us to contact you. The personal information we collect may include your name, e-mail address, other contact information and demographic information.

We may collect information about your visit to the CRM Online. For example, we may use Web CRM Online analytics tools to retrieve information from your browser, including the CRM Online you came from, the search engine(s) and the keywords you used to find our CRM Online, the pages you view within the CRM Online, your browser add-ons, and your browser's width and height. Additionally, we collect certain standard information that your browser sends to every Web CRM Online you visit, such as your IP address, browser type and language, access times and referring Web CRM Online addresses.

In order to offer you a more consistent and personalized experience in your interactions with Microsoft, information collected through one Microsoft service may be combined with information obtained through other Microsoft services. We may also supplement the information we collect with information obtained from other companies. For example, we may use services from other companies that enable us to derive a general geographic area based on your IP address in order to customize certain services to your geographic area.

To sign in to the CRM Online, you will be asked to enter an e-mail address and password, which we refer to as your Microsoft Account. After you create your Microsoft Account, you can use the same credentials to sign in to many different Microsoft sites and services, as well as those of select Microsoft partners that display the Microsoft Account logo. By signing in on one Microsoft site or service, you may be automatically signed in when you visit other Microsoft sites and services. To learn more about how your credential information is used when you sign in to participating sites, please read the Microsoft Online Privacy Statement at http://privacy.microsoft.com/.

Customer Data

"Customer Data" means all data, including all text, sound, or image files that are provided to us by, or on behalf of, you through your use of the CRM Online.

We will process Customer Data in accordance with the provisions of this Privacy Statement and, except as stated in your agreements and this Privacy Statement, we (a) will acquire no rights in Customer Data and (b) will not use or disclose Customer Data for any purpose other than stated below. Our use of Customer Data is as follows:

· Customer Data will be used only to provide you with CRM Online. This may include troubleshooting aimed at preventing, detecting and repairing problems affecting the operation of the CRM Online and the improvement of features that involve the detection of, and protection against, emerging and evolving threats to the user (such as malware or spam).

· We will not disclose Customer Data to law enforcement unless required by law. Should law enforcement contact us with a demand for Customer Data, we will attempt to redirect the law enforcement agency to request it directly from you. As part of this effort, we may provide your basic contact information to the agency. If compelled to disclose Customer Data to law enforcement, we will use commercially reasonable efforts to notify you in advance of a disclosure unless legally prohibited.

Upon expiration or termination of your use of the CRM Online, you may extract Customer Data and we will delete Customer Data, each in accordance with your agreements.

We will not substantively respond to data protection and privacy requests from your end users without your prior written consent, unless required by applicable law.

Use of Your Information

The information collected on this CRM Online will be used to operate the CRM Online and to provide the service(s) or carry out the transaction(s) you have requested or authorized. Information collected during a session may also be used to personalize your experience during that session.

In support of these uses, Microsoft may use your information to provide you with more effective customer service, improve the CRM Online and any related Microsoft products or services, perform statistical analysis, and make the CRM Online easier to use by eliminating the need for you to repeatedly enter the same information or by customizing the CRM Online to your particular preferences or interests.

We may use your information to provide you with important information about the product or service that you are using, including critical updates and notifications. Additionally, with your permission, we may send you information about other Microsoft products and services, and/or share your personal information with Microsoft partners so they may send you information about their products and services.

We may hire other companies to provide limited services on our behalf, such as providing customer support. Any such subcontractors will be permitted to obtain Customer Data only to deliver the services we have retained them to provide, and they are prohibited from using Customer Data for any other purpose. We remain responsible for our subcontractors' compliance with the obligations of this privacy statement. Any subcontractors to whom we transfer Customer Data will have entered into written agreements requiring that the subcontractor provide at least the same level of privacy protection with respect to personal data received from us as is required by the relevant Safe Harbor principles. You consent to our transfer of Customer Data to subcontractors as described in this Privacy Statement. Except as set forth above, or as you may otherwise authorize, we will not transfer to any third party (not even for storage purposes) personal data you provide to us through the use of CRM Online.

We may access or disclose information about you, including the content of your communications, in order to: (a) comply with the law or respond to lawful requests or legal process; (b) protect the rights or property of Microsoft or our customers, including the enforcement of our agreements or policies governing your use of the services; or (c) act on a good faith belief that such access or disclosure is necessary to protect the personal safety of Microsoft employees, customers or the public. We may also disclose personal information as part of a corporate transaction such as a merger or sale of assets.

Information that is collected on the CRM Online may be stored and processed in the United States or any other country/region in which Microsoft or its affiliates, subsidiaries, or service providers maintain facilities. Microsoft abides by the safe harbor framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of data from the European Union, the European Economic Area, and Switzerland.

Control of Your Information

Except as otherwise described in this statement, personal information you provide on the CRM Online will not be shared outside of Microsoft and its controlled subsidiaries and affiliates without your permission.

Please be aware that this privacy statement and any choices you make on the CRM Online will not necessarily apply to personal information you may have provided to Microsoft in the context of other, separately operated, Microsoft products or services.

Your Responsibilities

You must comply with applicable legal requirements for privacy, data protection and confidentiality of communications related to your use of CRM online.

If you have provisioned an CRM Online organization, you agree that we may use some of the information you provide about your end users to contact those end users in order to provide tips and advice for getting the most from our products and services and to communicate with them about other Microsoft offers or products.

Additional European Terms. If you have end users in the European Economic Area or Switzerland, the following additional terms will apply to you. Terms used in this Section that are not specifically defined will have the meaning in Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data ("EU Data Protection Directive").

· Role of the parties. For the CRM Online, you are the data controller and we are a data processor acting on your behalf. As data processor, we will only act upon your instructions. This Privacy Statement, together with your agreements, are your complete and final instructions to us for our processing of Customer Data.

· Duration and object of data processing. The duration of data processing shall be for the term designated under your agreements. The objective of the data processing is the performance of CRM Online.

· Scope and purpose of data processing. The scope and purpose of processing of Customer Data, including any personal data included in the Customer Data, is described in this Privacy Statement.

· Customer Data Access. For the term designated under your agreements we will, at our election and as necessary under applicable law implementing Article 12(b) of the EU Data Protection Directive, either: (1) provide you with the ability to correct, delete, or block Customer Data, or (2) make such corrections, deletions, or blockages on your behalf.

· Data Protection Officer. Microsoft Ireland Operations Limited is our data protection representative for the European Economic Area and Switzerland. The data protection officer of Microsoft Ireland Operations Limited can be reached at the following address:

Microsoft Ireland Operations, Ltd.

Attn: Data Protection

Carmenhall Road

Sandyford, Dublin 18, Ireland

Access to Your Personal Information

You may view or edit your personal information online at
http://billing.microsoft.com. The process for changing your personal information is also described in more detail here in the section called “managing your account/updating your account information” https://billing.microsoft.com/helppane.aspx?helppagename=qafecivres. In order to help prevent your personal information from being viewed by others, you will be required to sign in with your credentials (e-mail address and password). Alternatively, you can write us by using our Web Form and we will contact you within 30 days regarding your request.

Security of Your Information

At Microsoft, we take the security of your personal information very seriously. We use a variety of security technologies and procedures to help protect your personal information from unauthorized access, use, or disclosure. For example, we store the personal information you provide on computer servers with limited access that are located in controlled facilities. Additionally, if we transmit sensitive personal information (such as a credit card number) over the Internet, we protect it through the use of encryption, such as the Secure Socket Layer (SSL) protocol.

Use of Cookies

We may use cookies on this CRM Online to enable you to sign in to our services or to help personalize the CRM Online. A cookie is a small text file that is placed on your hard disk by a Web server.
Cookies contain information that can later be read by a Web server in the domain that issued the cookie to you. Cookies cannot be used to run programs or deliver viruses to your computer. One of the primary purposes of cookies is to provide a convenience feature to save you time. For example, if you personalize a Web page, or navigate within a site, a cookie helps the site to recall your specific information on subsequent visits. This simplifies the process of delivering relevant content, eases site navigation, and so on. When you return to the Web site, the information you previously provided can be retrieved, so you can easily use the site's features that you customized.

You have the ability to accept or decline cookies. Most Web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you are using Internet Explorer, search for “Cookies” in the Help menu to find detailed instructions. If you choose to decline cookies, you may not be able to use interactive features of this or other Web sites that depend on cookies.

Use of Web Beacons

Pages on this Site may contain electronic images known as Web beacons - sometimes called single-pixel gifs - that may be used to assist in delivering cookies, to allow us to count users who have visited those pages, and to deliver other services. We may also include Web beacons in e-mail messages or our newsletters in order to determine whether messages have been opened and acted upon.

Microsoft may also employ Web beacons from third parties in order to help us compile aggregated statistics and determine the effectiveness of operations of our sites. We prohibit Web beacons on our sites from being used by third parties to collect or access your personal information.

Changes to this Privacy Statement

We may occasionally update this privacy statement. When we do, we will also revise the "last updated" date at the top of the privacy statement. For material changes to this privacy statement, we will notify you either by placing a prominent notice on the home page of our Web CRM Online or by directly sending you a notification. We encourage you to periodically review this privacy statement to stay informed about how we are helping to protect the personal information we collect.

Contact Information

Microsoft welcomes your comments regarding this privacy statement. If you have questions about this statement or believe that we have not adhered to it, please contact us
here:

Microsoft Privacy

ATTN: Dynamics CRM Privacy Manager

Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399 USA

Specific features

The remainder of this document will address the following specific features:

Bing Maps app in CRM

If you use Microsoft Dynamics CRM the Bing Maps feature automatically sends the address over the internet to the Bing Maps service to display an online map of the address within CRM.  If you click on the Bing Maps within CRM you will be redirected to www.bing.com/maps. Your use of Bing Maps is also governed by the Bing Maps End User Terms of Use available at:  http://go.microsoft.com/?linkid=9710837.

Your administrator can turn on or off the Bing Maps feature in the Settings->Administration->System Settings area. Turning the Bing Maps app off disables the feature within CRM.

Information sent to Bing Maps is subject to the Bing Maps Privacy Statement available at: http://go.microsoft.com/fwlink/?LinkID=248686.

Yammer

Connecting Microsoft Dynamics CRM with Yammer will enable certain data to be shared between the two services.  At the direction of you or your end users, the following data will be transmitted to Yammer through Microsoft Dynamics CRM: (i) posts; (ii) links to CRM records; (iii) information contained in the description field of the CRM records; and (iv) any other activity or content you or your end users share with Yammer. Yammer’s Terms of Use are available at https://www.yammer.com/about/terms/ and Privacy Statement are available at https://www.yammer.com/about/privacy/ and apply to customer data sent to Yammer.