diff --git a/windows/keep-secure/data-storage-privacy-windows-defender-advanced-threat-protection.md b/windows/keep-secure/data-storage-privacy-windows-defender-advanced-threat-protection.md index dd37c4b7bf..e4e7932fae 100644 --- a/windows/keep-secure/data-storage-privacy-windows-defender-advanced-threat-protection.md +++ b/windows/keep-secure/data-storage-privacy-windows-defender-advanced-threat-protection.md @@ -36,7 +36,7 @@ We do not mine your data for advertising or for any other purpose other than pro ## Do I have the flexibility to select where to store my data? -Yes. Data for this new service is stored in Microsoft Azure datacenters in the United States and European Union based on the geolocation properties you specify when you onboard to the service. This provides a convenient way to minimize compliance risk by actively selecting the geographic locations in which your data will reside. Microsoft will not transfer the data from the specified geolocation except in specific circumstances during the TAP stage (see the question [Is there a difference between how you handle data for the TAP program and for General Availability?](#Is-there-a-difference-between-how-Microsoft-handles-data-for-the-TAP-program-and-for-General-Availability?). If you have concerns about storage of data in a particular country, please contact [winatp@microsoft.com](mailto:winatp@microsoft.com). +Data for this new service is stored in Microsoft Azure datacenters in the United States and European Union based on the geolocation properties subject to the relevant preview program you may be able to specify your preferred geolocation when you onboard to the service. This provides a convenient way to minimize compliance risk by actively selecting the geographic locations in which your data will reside. Microsoft will not transfer the data from the specified geolocation except in specific circumstances during the preview stage. ## Is my data isolated from other customer data? Yes. The new cloud service provides appropriate segregation at a number of levels, such as isolation of files, configurations, and telemetry data. Aside from data access authentication, simply keeping different data appropriately segregated provides well-recognized protection. @@ -52,17 +52,17 @@ Microsoft developers and administrators have, by design, been given sufficient p Additionally, Microsoft conducts background verification checks of certain operations personnel, and limits access to applications, systems, and network infrastructure in proportion to the level of background verification. Operations personnel follow a formal process when they are required to access a customer’s account or related information in the performance of their duties. ## Is data shared with other customers? -No. Customer data is isolated from other customers and is not shared. However, insights on the data resulting from Microsoft processing (for example, deep file analysis processing), and which don’t contain any customer specific data, might be shared with other customers. Each customer can only access data collected from its own organization and generic data that Microsoft provides. +No. Customer data is isolated from other customers and is not shared. However, insights on the data resulting from Microsoft processing, and which don’t contain any customer specific data, might be shared with other customers. Each customer can only access data collected from its own organization and generic data that Microsoft provides. ## How long will Microsoft store my data? What is Microsoft’s data retention policy? Your data privacy is one of our key commitments for the cloud. For this service, at contract termination or expiration, your data will be erased from Microsoft’s systems to make it unrecoverable after 90 days from contract termination or expiration. -## Can you help us maintain regulatory compliance? +## Can Microsoft help us maintain regulatory compliance? By providing customers with compliant, independently-verified services, Microsoft makes it easier for customers to achieve compliance for the infrastructure and applications they run, including this new Microsoft cloud service. -Microsoft provides customers with detailed information about our security and compliance programs, including audit reports and compliance packages, to help customers assess our services against their own legal and regulatory requirements. Windows Defender ATP has a roadmap for obtaining national, regional and industry-specific certifications, starting with ISO 27001. The service is designed, implemented, and maintained according to the compliance and privacy principles of ISO 27001, as well as Microsoft’s compliance standards. +Microsoft provides customers with detailed information about Microsoft's security and compliance programs, including audit reports and compliance packages, to help customers assess Windows Defender ATP services against their own legal and regulatory requirements. Windows Defender ATP has a roadmap for obtaining national, regional and industry-specific certifications, starting with ISO 27001. The service is designed, implemented, and maintained according to the compliance and privacy principles of ISO 27001, as well as Microsoft’s compliance standards. -## Is there a difference between how Microsoft handles data for the TAP program and for General Availability? -When you onboard your service during TAP, you will be asked to choose to store your data in a datacenter either in Europe or United States. Your data will not be copied or moved outside of the datacenter you choose, except in the following specific circumstance: +## Is there a difference between how Microsoft handles data for the preview programs and for General Availability? +Subject to the preview program you are in, you could be asked to choose to store your data in a datacenter either in Europe or United States. Your data will not be copied or moved outside of the datacenter you choose, except in the following specific circumstance: 1. You choose Europe as your datacenter, and 2. You [submit a file for deep analysis](investigate-files-windows-defender-advanced-threat-protection.md#submit-files-for-analysis).