Windows® Small Business Server 2008 Privacy Statement

Updated: March 11, 2009

Applies To: Windows SBS 2008

For the latest version, go to

Microsoft is committed to protecting your privacy, while delivering software that brings you the performance, power and convenience you desire in your personal computing. This privacy statement explains many of the data collection and use practices of Windows® Small Business Server 2008 (“Windows SBS 2008”).  This statement focuses on features that communicate with the Internet. It does not apply to other online or offline Microsoft sites, products or services.

Windows SBS 2008 is designed for greater simplicity, easier deployment and management, network protection, rich business productivity, and high performance using the 64-bit architecture. This new solution is designed for small organizations to easily use, manage and protect the data and applications most critical to their success.

Collection and Use of Your Information

The information we collect from you will be used by Microsoft and its controlled subsidiaries and affiliates to enable the features you are using and provide the service(s) or carry out the transaction(s) you have requested or authorized. It may also be used to request additional information on feedback that you provide about the product or service that you are using; to provide important notifications regarding the software; to improve the product or service, for example bug and survey form inquiries; to provide you with advance notice of events; or to tell you about new product releases.

Except as described in this statement, personal information you provide will not be transferred to third parties without your consent. We occasionally hire other companies to provide limited services on our behalf, such as packaging, sending and delivering purchases and other mailings, answering customer questions about products or services, processing event registration, or performing statistical analysis of our services. We will only provide those companies the personal information they need to deliver the service, and they are prohibited from using that information for any other purpose.

Microsoft may disclose personal information about you if required to do so by law or in the good faith belief that such action is necessary to: (a) conform to the edicts of the law or comply with legal process served on Microsoft; (b) protect and defend the rights of Microsoft (including enforcement of our agreements); or (c) act in urgent circumstances to protect the personal safety of Microsoft employees, users of Microsoft products or services, or members of the public.

Information that is collected by or sent to Microsoft by Windows SBS 2008 may be stored and processed in the United States or any other country in which Microsoft or its affiliates, subsidiaries or service providers maintain facilities. Microsoft abides by the safe harbor framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of data from the European Union.

Collection and Use of Information about Your Computer

Windows SBS 2008 contains Internet enabled features that can collect information from your computer ("standard computer information") and send it to Microsoft. This information is generally not personally identifiable. Standard computer information typically includes information such as your IP address, operating system version, browser version, and regional and language settings. In some cases, standard computer information may also include hardware ID, which indicates the device manufacturer, device name, and version. If a particular feature or service sends information to Microsoft, standard computer information will be sent as well.

The privacy details for each Windows SBS 2008 feature, software or service listed in this privacy statement describe what additional information is collected and how it is used.

Security of your information

Microsoft is committed to protecting the security of your information. We use a variety of security technologies and procedures to help protect your information from unauthorized access, use, or disclosure. For example, we store the information you provide on computer systems with limited access, which are located in controlled facilities.

Changes to this privacy statement

We will occasionally update this privacy statement to reflect changes in our products and services and customer feedback. When we post changes to this Statement, we will revise the "last updated" date at the top of this statement. If there are material changes to this statement or in how Microsoft will use your personal information, we will notify you either by prominently posting a notice of such changes prior to implementing the change or by directly sending you a notification. We encourage you to periodically review this statement to be informed of how Microsoft is protecting your information.

For More Information

Microsoft welcomes your comments regarding this privacy statement. If you have questions about this statement or believe that we have not adhered to it, please contact us by e-mail at or by postal mail at:

Windows SBS 2008 Privacy

Microsoft Corporation

One Microsoft Way

Redmond, WA 98052  USA

Specific Features:

Customer Experience Improvement Program

What This Feature Does:

The Customer Experience Improvement Program (“CEIP”) collects basic information about your hardware configuration and how you use our software and services to identify trends and usage patterns. CEIP also collects the type and number of errors you encounter, software and hardware performance, and the speed of services.  CEIP will not collect your name, address, or other contact information.

Information Collected, Processed, or Transmitted:

For more information about the information collected, processed, or transmitted by CEIP, see the CEIP privacy statement at

Use of Information:

We use this information to improve the quality, reliability, and performance of Microsoft software and services.


CEIP is off by default.  You are offered the opportunity to participate in CEIP in the Getting Started tasks from the Windows SBS Console. If you choose to participate and later change your mind, you can turn off CEIP at any time by doing the following:

  1. Open the Windows SBS Console

  2. From the Getting Started list or the Help menu, click Customer Feedback Options

  3. Select the option to not join CEIP program at this time

  4. Click OK

Microsoft Error Reporting

What This Feature Does:

Microsoft Error Reporting provides a service which allows you to report problems you may be having with Windows SBS 2008 to Microsoft and to receive information that may help you avoid or solve such problems.

Information Collected, Processed, or Transmitted:

For information about the information collected, processed, or transmitted by Microsoft Error Reporting, see the Microsoft Error Reporting privacy statement at

Use of Information:

We use the error reporting data to solve customer problems and improve our software and services.


When Microsoft needs data to analyze a problem, you will be prompted to review the data and choose whether or not to send it.

Important Information:

Enterprise customers can use Group Policy to configure how Error Reporting behaves on their computers. Configuration options include the ability to completely turn off Error Reporting. If you are an administrator and wish to configure Group Policy for Microsoft Error Reporting, technical details are available at

Internet Explorer Enhanced Security Configuration

What This Feature Does:

Internet Explorer Enhanced Security Configuration is a feature of Windows Server 2008 that is enabled by default.  It configures your server and Microsoft Internet Explorer to help protect against potential attacks that can occur through Web content and application scripts. As a result, some Web sites may not display or perform as expected.  To provide a more streamlined user experience when installing and using some Microsoft products and services, such as Microsoft Office Live, Windows SBS 2008 may modify your server's trusted sites list in Internet Explorer.


To remove these Web sites in Internet Explorer,

  1. Go to the Tools menu

  2. Select “Internet Options”

  3. Select “Security” tab

  4. Select “Trusted sites” and click the “Sites” button

  5. Highlight a Web site and click the “Remove” button

Microsoft Exchange Server 2007 SP1

Important Information:

Windows SBS 2008 includes Microsoft Exchange Server 2007 SP1 (“Exchange Server”) software.  For more information about Exchange Server, see

Microsoft Forefront Protection 2010 for Exchange Server, Small Business Edition

Important Information:

Windows SBS 2008 includes Microsoft Forefront Protection 2010 for Exchange Server, Small Business Edition (“Forefront Server Security”) software.  Forefront Server Security is a server-level antivirus protection solution that utilizes a multiple scan engine approach for antivirus scanning and content-filtering. For more details on what information is collected and how it is used, see the Forefront Server Security privacy information at

Microsoft Office Live

Important Information:

You can sign up for Microsoft Office Live through Windows SBS 2008. For more details on the data collection and use practices of Microsoft Office Live, see the Microsoft Online Privacy Statement at

Windows Server 2008

Important Information:

Windows SBS 2008 includes Windows Server 2008 software. For information about controlling the Internet-enabled features in Windows Server, see