Privacy and personal data in Intune
Microsoft Intune operates as a data processor on behalf of the customer as necessary to provide customers with the requested service as set forth in the Microsoft Online Services Terms (OST). Personal data is provided directly through Customer Administrator use of Intune through the Azure portal or Microsoft Endpoint Manager admin center, or from customer devices when enrolled for management. Personal data is also collected at third-party services per the customer’s instructions such as setting up Apple Volume Purchasing Program. Customers can receive, transmit, and store data on devices managed by Intune. Personal data is processed and stored within the audited compliance boundary of the Intune service under the technical security measures assured through Microsoft Online Services Terms (OST).
To help Intune admins set expectations on how your data’s privacy is protected, this article provides information on how Intune collects, stores, retains, processes, secures, shares, audits, and exports personal data. You’ll also learn how to review, correct, and delete your personal data.
Microsoft Intune does not use any personal data collected as part of providing the service for profiling, advertising, or marketing purposes.
If you're interested in viewing or deleting personal data, please see the Azure Data Subject Requests for the GDPR article. If you're looking for general info about GDPR, see the GDPR section of the Service Trust portal.
Your company terms and conditions
In addition to the Microsoft Privacy Statement, you can include privacy statements in your company's terms and conditions for end users. Such privacy statements can include information about the usage and privacy of the end user's personal data.
You can display your company's terms and conditions in the Intune Company Portal app. This way, users can review the terms and conditions, including the privacy statement, before they enroll in Intune and access company assets and data.
Submit and view feedback for