Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Microsoft is committed to providing the information you need to manage privacy related concerns in Microsoft Purview. All aspects of Microsoft Purview adhere to Microsoft's privacy governance model, which contains controls on data minimization, retention/deletion, location and transfer, sharing, and more.
For information about Microsoft’s privacy governance model, see: Privacy & data management overview - Microsoft Service Assurance
Data security and privacy
Microsoft Purview processes and stores the following content types:
- Customer data
- End User Identifiable Information (EUII)
- Administrator data
- End User Pseudonymized Identifiers (EUPI)
- Feedback data
These types of data typically are sourced from other Microsoft 365 services, such as Exchange, SharePoint, Teams, and Copilot. Microsoft Purview also sources data when tenant admins configure policies and define data classification labels that can be applied to the organization’s assets. This includes emails, files, chats, messages, or Copilot interactions. EUII, Administrator Data, and EUPI data is sourced from Microsoft Purview tenant administrators or users. Tenant administrators can also bring data from third-party sources so that the solutions offered by Microsoft Purview can be extended to these sets of the organizational data.
Customer data
Microsoft Purview customer data can be categorized as follows:
- Custom configuration settings.
- Search queries: In E-discovery, administrators can perform search and export results. This could contain a portion of the data impacted by the user action, and is retained until the user deletes it. This includes all Microsoft 365 user data including emails, files, Teams chat, and Copilot & AI interactions.
- Alerts
- Reports
- Tenant's data that is ingested from third-party data source through connectors.
- Data classification labels.
End User Identifiable Information (EUII)
This data includes user’s email address, User Principle Name (UPN), end user’s IP address, address book data, UserName, and user display name. EUII data is processed based on tenant admins choices on what solutions are applied to these end user’s data.
Administrator data
This data includes tenant admin’s email address, UPN, IP address, UserName, and display name. These types of data are processed specifically around tenant admin’s activities when they perform administrative duties, such as:
- Set up policies, configurations, or connectors.
- Assign data classification label or policies to users.
- Put a user's data on legal hold
- Assign compliance tasks to users
End user pseudonymized identifier (EUPI)
This data includes UserID, UserKey, and Mailbox GUID. EUPI and EUII are used for user activities, audit logs, eDiscovery search, and service logs.
Feedback data
This data is the feedback about the Compliance solutions that tenant administrator submitted through Unified Feedback Platform within Microsoft Purview.
How are these content types processed?
In the solutions that Microsoft Purview provides, the preceding content types are applied to data assets such as emails, files, chats, messages, or Copilot and AI app interactions. For users managed by tenant admins, this can include monitoring for risky activities, preserving accounts and data, assign tasks, and more. This is done as follows:
| Data asset |
Processing |
|---|---|
| Exchange emails and calendar items |
Microsoft Purview solutions process this data to enable: - Data classification labels - Legal hold - Data Loss Prevention policies - Encryption with customer's own encryption key |
| SharePoint and OneDrive files |
|
| Messages from Teams, Skype for Business, and Yammer |
|
| Copilot and AI app interactions. |
|
| Email subject & metadata | Microsoft Purview solutions process this data for audit that tracks activities of tenant admins, analysts, and users. |
| Calendar item data | |
| List, filename, & metadata from SharePoint and OneDrive. |
Retention
The retention of these types of data is controlled primarily by tenant administrators, except as follows:
eDiscovery: The data that is in scope for eDiscovery case investigation is retained until tenant administrators delete the case when the legal investigation is complete, and the case is closed. A former employee's data won't be deleted until the investigation case is closed as well.
Audit: User activity logs are retained for 180 days by default, 365 days for E5 licensed customers, and 10 years if customers purchase additional license.
Communication policy hits: These are retained as configured by the tenant administrators. The default policy retention is one year.
Configuration and policy data: Thid data is retained until configuration settings or policies are deleted by tenant administrators.
Connector data: All data that is brought into the in-scope Microsoft Purview solutions through connectors are retained until tenant administrators remove the connectors and purge the data.
Administrator data: This is retained until they no longer are the tenant administrator.
Feedback data: This data is retained for 180 days.
When a user or the tenant leaves Microsoft 365 services, their data is retained for 90 days and no longer than 180 days to allow recovery or export of the data, except where specified by policy. For example, for eDiscovery, the data is retained until the tenant admin releases the user’s account from legal hold.
Data residency
Customer data is stored based on where their accounts are provisioned and in accordance with the commitments in the Online Service Terms. For more information, see Where your Microsoft 365 customer data is stored
Data sharing
Data from Microsoft Purview solutions aren't shared outside of Microsoft or across Microsoft without customer consent or authorization. Purview compliance solutions share data with Microsoft Security Copilot as a plugin to Security Copilot. Microsoft Security Copilot processes the following data to provide the Purview Copilot capability.
- Microsoft 365 audit logs collected via the Purview Audit pipeline
- eDiscovery and Communication Compliance data, which could include:
- Emails
- Teams conversations
- Copilot and AI app interactions
- Purview alerts or insights generated by Data Loss Prevention (DLP) and Insider Risk Management (IRM)
- Underlying data that led to such alerts or insights such as audit logs, telemetry data collected by Microsoft Defender for Office related to emails and Teams, DLP or IRM policies
For customers in the Government Community Cloud (GCC), data sharing between government and commercial cloud environments may occur, depending on the location of the service offering.
Data Subject Requests
For information about how to find, access, and act on personal data that resides in Microsoft IT systems, see: Introduction to DSRs
Data privacy and protection – Respond to incidents and subject requests
Regulatory compliance
As a product, Microsoft Purview provides solutions to help manage risk and compliance for your organization. For more information about these product capabilities, see: Microsoft Purview risk and compliance solutions
As an online service, Microsoft Purview aligns to the Microsoft Security Policy (MSP) see: Governance, risk, and compliance overview - Microsoft Service Assurance
For more information information about regulatory compliance in Microsoft Purview, see: Regulatory & industry compliance