Windows Server2012 Essentials RCP rivacy Statement ENU

Shared by: HC120910225843

Tags

Stats

views:: 0
posted:: 9/10/2012
language:: English
pages:: 16

Public Domain

Document Sample

Privacy Statement for the Beta and Release Candidate
Pre-releases of Windows Essentials 2012
Last updated: July 2012
Microsoft® is committed to protecting your privacy while delivering software that brings you the performance, power,
and convenience that you desire in your personal computing. This privacy statement explains many of the data
collection and use practices of the Beta and Release Candidate versions of Windows® Essentials 2012 (The features in
the Beta and Release Candidate versions are the same, and hereinafter, they will be referred to as the Windows
Essentials 2012 “Pre-releases.”) This is a preliminary disclosure that focuses on features that communicate with the
Internet, and it is not intended to be an exhaustive list. It does not apply to other online or offline Microsoft sites,
products, or services.
Windows Essentials 2012 “Pre-releases” is designed using the 64-bit architecture, which provides simplicity, easier
deployment and management, network protection, rich business productivity, and high performance. This solution is
designed for small organizations to easily use, manage, and protect the data and applications most critical to their
success. It can seamlessly integrate into online services to leverage the power of cloud.
Collection and use of your information
The information we collect from you is used by Microsoft and its controlled subsidiaries and affiliates to enable the
features that you are using and to provide the service(s) or carry out the transaction(s) you have requested or
authorized. It may also be used to analyze and improve Microsoft products and services.
We may send certain mandatory service communications such as welcome letters, billing reminders, information
about technical service issues, and security announcements. Some Microsoft services may send periodic member
letters that are considered part of the service. We may occasionally request your feedback, invite you to participate in
surveys, or send you promotional mailings to inform you of other products or services that are available from
Microsoft and its affiliates.
To offer you a more consistent and personalized experience in your interactions with Microsoft, information that is
collected through one Microsoft service may be combined with information obtained through other Microsoft
services. We may also supplement the information we collect with information obtained from other companies. For
example, we may use services from other companies, which enable us to derive a general geographic area based on
your IP address, to customize certain services to your geographic area.
To access certain Windows Essentials 2012 “Pre-releases” online services, you will be asked to enter an email address
and password, which we refer to as your Windows Live™ ID. After you create your Windows Live ID, you can use the
same credentials to sign in to many Microsoft sites and services and to the sites of select Microsoft partners that
display the Windows Live ID logo. By signing in to one Microsoft site or service, you may automatically be signed in
when you visit other Microsoft sites and services. To learn more about how your credential information is used when
you sign in to participating sites, please read the Microsoft Online Privacy Statement at
http://go.microsoft.com/fwlink/?LinkID=248681.
Except as described in this statement, personal information that you provide will not be transferred to non-Microsoft
parties without your consent. We occasionally hire companies to provide limited services on our behalf, such as
packaging, sending and delivering purchases and other mailings, answering customer questions about products or
services, processing event registration, or performing statistical analysis of our services. We will provide those
companies only the personal information they need to deliver the service, and they are prohibited from using that
information for any other purpose.
Microsoft may access or disclose information about you, including the content of your communications, to: (a)
comply with the law or respond to lawful requests or legal process; (b) protect the rights or property of Microsoft or
our customers, including the enforcement of our agreements or policies governing your use of the services; or (c) act
on a good faith belief that such access or disclosure is necessary to protect the personal safety of Microsoft
employees, customers, or the public. We may also disclose personal information as part of a corporate transaction,
such as a merger or sale of assets.
Information that is collected by or sent to Microsoft by Windows Essentials 2012 “Pre-releases” may be stored and
processed in the United States or any other country in which Microsoft or its affiliates, subsidiaries, or service
providers maintain facilities. Microsoft abides by the safe harbor framework as set forth by the U.S. Department of
Commerce regarding the collection, use, and retention of data from the European Union, the European Economic
Area, and Switzerland.
Collection and use of information about your computer
When you use software with Internet-enabled features, standard computer information is sent to the websites you
visit and online services that you use. Microsoft uses standard computer information to provide you Internet-enabled
services, to help improve our products and services, and for statistical analysis. Standard computer information
typically includes information such as your IP address, operating system version, browser version, and regional and
language settings. In some cases, standard computer information may also include hardware ID, which indicates the
device manufacturer, device name, and version. If a particular feature or service sends information to Microsoft,
standard computer information is also sent.
Because this is a prerelease version of the software, some of these Internet-enabled features are turned on by default
so that we can collect enough information about how the software is working to improve the commercially released
software. The default settings in this prerelease software do not necessarily reflect how these features will be
configured in the commercially released software.
The privacy details for each feature, software, or service in Windows Essentials 2012 “Pre-releases,” that are listed in
this privacy statement describe what additional information is collected and how it is used.
Security of your information
Microsoft is committed to helping protect the security of your information. We use a variety of security technologies
and procedures to help protect your information from unauthorized access, use, or disclosure. For example, we store
the information that you provide on computer systems with limited access, which are located in controlled facilities.
Changes to this privacy statement
We will occasionally update this privacy statement to reflect changes in our products, services, and customer
feedback. When we post changes, we will revise the "last updated" date at the top of this statement. If there are
material changes to this statement or in how Microsoft will use your personal information, we will notify you by
posting a notice of such changes prior to implementing the change or by directly sending you a notification. We
encourage you to periodically review this statement to be informed about how Microsoft is protecting your
information.
For more information
Microsoft welcomes your comments regarding this privacy statement. If you have questions about this statement or
believe that we have not adhered to it, please contact us by email at wseprivacy@microsoft.com, or by postal mail at:
Windows Server Essentials Privacy
Microsoft Corporation
One Microsoft Way
Redmond, Washington 98052 USA

Specific features
The remainder of this document will address the following specific features:

Activation
What this feature does: We ask that you activate Windows Essentials 2012 “Pre-releases” so that we can verify that
your installation is completed with a genuine Microsoft product. When you activate Windows Essentials 2012 “Pre-
releases,” you are not required to send any contact information to Microsoft, such as your name or email address.
Information collected, processed, or transmitted: During activation, product key information is sent to Microsoft,
such as:
 The Microsoft product code, which is a five-digit code that identifies the product you are activating.
 A channel ID or site code, which identifies where you obtained the product. For example, it identifies
whether the product was sold at a retail store, is an evaluation copy, is subject to a volume licensing
program, was preinstalled by the computer manufacturer, and so on.
 The date of installation.
 Information that helps confirm that the product key information has not been altered.
Activation also sends to Microsoft a hardware hash, which is a non-unique number generated from the computer's
hardware configuration. The number does not represent any personal information or information about the software.
The hardware hash cannot be used to determine the make or model of the computer and it cannot be calculated to
determine any additional information about your computer. In addition to the standard computer information, some
language settings are collected.
Use of information: Microsoft uses the information previously described to confirm that you have a licensed copy of
the software, and then it is aggregated for statistical analysis. Microsoft does not use the information to identify you
or contact you.
Choice and control: Activation is mandatory, and it must be completed within a predefined grace period. If you
choose not to activate the software, you cannot use it after the grace period expires. After the grace period expires,
you will start receiving warnings on your server. If the software is not correctly licensed, you will not be able to
activate it.
Important information: Windows Essentials 2012 “Pre-releases” can detect and tolerate changes to your computer
configuration. Minor upgrades will not require reactivation. If you completely overhaul your computer, you may be
required to activate Windows Essentials 2012 “Pre-releases” again.

Server Migration
What this feature does: The Server Migration feature enables migrating domain settings and data from a Source
Server running a Windows Small Business Server operating system to a Destination Server running Windows
Essentials 2012 “Pre-releases.” The Source Server tool will be run to prepare the Source Server before migration. You
can migrate a Source Server that is running the following operating systems:
 Windows Small Business Server 2003
 Windows Small Business Server 2008
 Windows Small Business Server 2011 Standard
 Windows Small Business Server 2011 Essentials
 Windows Server 2008 Foundation
 Windows Server 2008 R2 Foundation
Information collected, processed, or transmitted: The Source Server tool will not collect and send any information to
Microsoft from the Source Server. During migration, the Source Server’s name and internal IP address is sent to locate
and connect the Destination Server to the Source Server. The administrator account name and password is also sent
to the Destination Server to enable it to access the information on the Source Server. None of this information is sent
to Microsoft.
Choice and control: If you do not want the server migration process to collect the Source Server information and
share it with the Destination Server during server deployment, select Clean install instead of Server Migration.

Launchpad
What this feature does: The Launchpad in Windows Essentials 2012 “Pre-releases” is a client-side application that
provides access on a secure network to the core set of server features, including client backup, remote access to your
network, and easy access to centralized data. The Launchpad provides network administrators with real-time
notifications, network status, and access to the management Dashboard. It also enables non-Microsoft parties to add
features to the system running Windows Essentials 2012 “Pre-releases.”

Information collected, processed, or transmitted: No data is collected or sent to Microsoft. The user name and
password is not cached on the client computer, but they are sent through the network to the server running Windows
Essentials 2012 “Pre-releases.”

Choice and control: Users sign in to the Windows Essentials 2012 “Pre-releases” Launchpad by using their user name
and password.
Connector software and computer backup
What this feature does: Connector software joins a client computer to the server running Windows Essentials 2012
“Pre-releases.” It also installs and activates core and common components in Windows Essentials 2012 “Pre-
releases,” such as automatic client back up, health monitoring, and the Launchpad. In addition, .NET Framework 4.5 is
installed if it is not present. The Connector software enables Remote Desktop and VPN on client computers running
Windows 7 Professional, Enterprise, or Ultimate.
After you install and configure the Connector software for Windows Essentials 2012 “Pre-releases” on a computer on
your network, Windows Essentials 2012 “Pre-releases” automatically backs up folders from the client computer to the
server.

Information collected, processed, or transmitted: Folders on the client computer (including data files, system files,
and applications) are backed up to the server running Windows Essentials 2012 “Pre-releases.” Temporary files, such
as the system cache and the temporary Internet files are not backed up.
Client computer setup log files are copied to the Connector software directory on the client computer. These files
may contain information about the applications and the hardware that are installed on the client computer. None of
this information is sent to Microsoft.

Use of information: The contents of backed up folders in Windows Essentials 2012 “Pre-releases” are visible to all
administrators. The backup can be used to restore lost or corrupted files or entire volumes.
Choice and control:
 Connector software: Users can run Connector software from client computers from
http://servername/connect/. Backups automatically occur when the Connector software is configured.
 Computer backup: All computers are configured by default for backup when the Connector software is
installed and configured. Default configuration includes all available NTFS volumes on each computer
system. Administrators can view and change what is being backed up from each computer that is connected
to the server. Backup happens automatically if Connector software is installed and configured on the
computer. The server administrator can disable automatic backup for any computer that is connected to a
server running Windows Essentials 2012 “Pre-releases” by using the Dashboard Devices tab. Local users on
a client computer can start manual backup of their computer using the Launchpad.
To start a manual backup, open the Launchpad, click Backup, open Backup Properties, and then click Start Backup.
With Windows Essentials 2012 “Pre-releases,” administrators can perform a single file restore or a full computer
restore of a backed up client computer.

File History integration
What this feature does: If a user joins a computer running Windows 8 Release Preview to the network running
Windows Essentials 2012 “Pre-releases,” File History is automatically turned on for this client computer. It backs up
the user’s profile data (Desktop, Libraries, Contacts, and Favorites) to the server.
Information collected, processed, or transmitted: The profile data will be backed up to a folder that is by default only
accessible to the user. The administrator could configure the backup frequency and retention. These settings will be
pushed to all the computers running Windows 8 Release Preview in the domain, if and only if File History
management is turned on for this computer. None of this information is sent to Microsoft.

Use of information: The backup can be used to restore lost or corrupted files and the user could perform the restore
from the client computer by using Windows Explorer.
Choice and control: The administrator is responsible for notifying the user about this backup. The administrator can
turn off File History management for all the computers associated with the server, or turn off management for a
specific computer.

Dashboard
What this feature does: Windows Essentials 2012 “Pre-releases” provides administrators with a management
Dashboard that allows them to manage their server system. The administrator can view the status of all the servers or
computers joined to the network running Windows Essentials 2012 “Pre-releases.”
Information collected, processed, or transmitted: Some information from the client computers that will be collected
and displayed in the Dashboard, include:
 Computer name, operation system, online/offline status
 Backup status, update status, security status (firewall and antivirus setting)
 Alert information
No personal information is collected or sent to Microsoft.
Use of information: The data displayed in the Dashboard gives the administrator an overview of the computers in the
network, their health, and their connection status.

Choice and control: The administrator can sign into the Dashboard using the server administrator password that is
configured during server setup.

Remote Connection Monitoring
What this feature does: Remote Connection Monitoring enables a system administrator to monitor the current
remote user connections to the server, and to browse the history of remote connections to the server.
Information collected, processed, or transmitted: When a user is remotely connected to the server, the user name
and password are sent to the server. The remote connection’s host computer name and IP address, application name,
application version (if available), and publisher (if available), are also sent from the client to the server. None of the
information is sent to Microsoft.
Use of information: The user name and password are used for authentication. The other information is available on
the Dashboard for the administrator to monitor the connection. The data is saved on the server for six months, with
administrator access only.

Choice and control: You cannot turn off the Remote Connection Monitoring functionality. If you don’t want to send
this information from a client to the server, don’t configure Anywhere Access on the server, or don’t enable
Anywhere Access for the particular user.

Health alerts
What this feature does: Windows Essentials 2012 “Pre-releases” can help detect when your server, client computers,
or other servers in the domain are in poor health and alert you accordingly. An alert notification describes the
condition, includes troubleshooting steps, and may include a repair function.

Information collected, processed, or transmitted: Windows Essentials 2012 “Pre-releases” generates notifications
when an alert condition is detected. The alert is sent to the administrator over a local area network, and it contains
the following information: alert title, date/time generated, affected computer, description of the problem, and
documented steps to resolve the problem. These are preserved on the system. If the administrator enables alert
emails, the alerts are also sent to recipients as specified by the server administrator on the Alert Viewer page. These
settings do not contain any Personally Identifiable Information. None of the information is sent to Microsoft.

Use of information: Information is used to notify the administrators, and others who they designate, that a problem
has been detected on the server running Windows Essentials 2012 “Pre-releases,” client computers, or other servers
in the domain.

Choice and control: Users can disable notifications locally. Administrators can choose to show alert notifications, only
show local alerts, or show all network alerts. Alert presentation on the server running Windows Essentials 2012 “Pre-
releases” cannot be disabled. If you don’t want the client computers or other servers to report their health status,
don’t connect the client computers or other servers to the server running Windows Essentials 2012 “Pre-releases.”
Administrators can configure the server to send email alerts for specific alerts. The alert email is disabled by default.
The administrator can enable alert emails by using the Alert Viewer settings. When alert emails are enabled, by
default, the server running Windows Essentials 2012 ”Pre-releases” sends email for the server health alerts to the
recipients provided by the server administrator.
Windows Internet Explorer Enhanced Security Configuration
What this feature does: Windows Internet Explorer® Enhanced Security Configuration is a feature that is enabled by
default. It configures Windows Internet Explorer and your server running Windows Essentials 2012 “Pre-releases” to
help protect against potential attacks that can occur through web content and application scripts. As a result, some
websites may not display or perform as expected. To provide a more streamlined user experience when installing and
using some Microsoft products and services, such as Microsoft Office Live, Windows Essentials 2012 “Pre-releases”
may modify your server's trusted sites list in Windows Internet Explorer.
Use of information: Windows Essentials 2012 “Pre-releases” may add certain websites to your server’s trusted sites
list in Windows Internet Explorer. No data is sent to Microsoft.
Choice and control: To remove these websites in Windows Internet Explorer:
1. Click the Tools menu.
2. Click Internet Options.
3. On the Security tab, click Trusted Sites, and then click Sites.
4. Highlight a website, and then click Remove.

Anywhere Access
What this feature does: Anywhere Access allows authorized users to access the contents of your server running
Windows Essentials 2012 “Pre-releases” from virtually anywhere in the world by using an Internet connection.
Anywhere Access also allows authorized users to connect to the Dashboard or personal computers that are
connected to your server through your network. This can be done through the Remote Desktop functionality in
Remote Web Access or through the Windows Remote Desktop connection if a VPN connection is present while the
user is outside of the local network.
Information collected, processed, or transmitted: Connection settings are stored in a Remote Desktop Protocol (RDP)
file. These settings include domain and connection configuration settings such as color-bit depth. Credentials for
these connections, in addition to the remote desktop proxy credentials, are stored by the credential manager in
Windows Essentials 2012 “Pre-releases.” A list of trusted Remote Desktop Gateway server names is stored in the
registry. This list is stored permanently unless deleted by an administrator, and it is not shared with non-Microsoft
parties or other Windows components. A cookie is used to store the user’s selection of views: Tablet or Desktop.
None of this information is sent to Microsoft.
Windows Essentials 2012 “Pre-releases” periodically verifies that Anywhere Access is available to receive connections
to help you identify and resolve problems with your Internet connection. The IP address of your network is sent to
Microsoft, and a connectivity diagnostics service that is hosted by Microsoft establishes a test connection to your
server running Windows Essentials 2012 “Pre-releases” only to verify connectivity. No additional information is sent
to Microsoft. If you enable Anywhere Access, the diagnostic service that is hosted on the server validates the external
IP address of the server every 15 minutes. This occurs if you use the Windows Server Solutions Custom Domains
Service or if you partner with a vanity domain name provider. If you choose to opt out of the diagnostic service, you
need to turn off Anywhere Access as explained previously.

Use of information: Data is collected on your server so you can connect via Anywhere Access with your desired
settings. We use the IP address sent to us only for the connectivity diagnostics service that helps you verify
connectivity between users and a server running Windows Essentials 2012 “Pre-releases.”

Choice and control: Anywhere Access is off by default in Windows Essentials 2012 “Pre-releases,” and it must be
configured by an administrator before it can be used. Only users who have remote access rights on the server can use
Anywhere Access.
To enable Anywhere Access
1. Open the Dashboard.
2. Click Settings, and then click the Anywhere Access tab.
3. Click Configure… and follow the wizard to enable Anywhere Access.
After Anywhere Access is enabled, the same procedure can be used to disable it. The administrator can view the list
of users who have access to Anywhere Access.
Important information: All data that is sent over the Internet to enable Anywhere Access or during the use of
Anywhere Access is transmitted by using a Secure Socket Layer (SSL) connection. Users must be authorized to access
the Windows Essentials 2012 “Pre-releases” server remotely, and they can gain access to only the client computers on
which they have a user account.
Note: The Anywhere Access domain addresses on the server may be indexed by some search engines. Also, you are
responsible for making sure that your use of Anywhere Access features complies with your broadband provider’s
terms-of-service. You may need to add services from your broadband provider to use Anywhere Access features. For
example, you will need certain ports to be open to use these features, and some broadband providers block those
ports for customers on some service plans. Also, some broadband providers’ terms-of-service may limit or prohibit
setting up and running servers on their networks by some customers on some service plans. Please contact your
broadband provider if you have questions about their terms-of-service.

Windows Server Solutions Custom Domains Service
What this feature does: The Windows Server Solutions Custom Domains Service enables you to create an Internet
domain name that you can use to connect remotely to your server running Windows Essentials 2012 “Pre-releases.”
Information collected, processed, or transmitted: To set up the domain name, you must have a Windows Live ID
email address and password. The Internet Domain Name Setup Wizard prompts you to enter an existing Windows
Live ID or create a new one. You can register for a Windows Live ID at the Windows Live ID site. All the registration
information that you provide is stored by the Windows Live ID service in your Windows Live ID profile. To learn more
about the Windows Live ID service, the information stored in the Windows Live ID profile, and how Windows Live ID
uses and helps protect your personal information, please read the Windows Live ID Privacy Statement
http://go.microsoft.com/fwlink/?LinkID=248681.
When you set up the domain name, your Windows Live ID email address and password are sent to Microsoft or to the
non-Microsoft domain name service provider you select. The Internet domain name you choose and the IP address of
your network are also sent to Microsoft or the non-Microsoft domain name service provider to associate the domain
name to your server running Windows Essentials 2012 “Pre-releases.” No additional information is sent to Microsoft
or the non-Microsoft domain name service provider.
Use of information: The data that is sent to Microsoft or the non-Microsoft domain name service provider will be
used to create an Internet domain name and to associate the domain name to your server running Windows
Essentials 2012 “Pre-releases.”
Choice and control: The Custom Domains service is optional. You can end the service at any time by releasing your
domain name and disabling Remote Web Access. You can change and/or release the domain name by:
1. Open the Dashboard, and click Settings.
2. Click Anywhere Access.
3. Click Set up… in the Domain Name section, or click Configure… on the Anywhere Access page to turn it off.
Important information: When your Internet domain name is created, we will obtain and send a certificate for the
domain name that is issued by Microsoft or a non-Microsoft domain name service provider to your server running
Windows Essentials 2012 “Pre-releases.” This certificate is stored on your computer by Microsoft Internet
Information Services (IIS) for use by Internet client computers that engage in SSL communications with your server
running Windows Essentials 2012 “Pre-releases.”
The Internet domain name you choose is a public domain name, so do not include any personally identifiable
information in the domain name if you do not want this information to be publicly available.

Server folders
What this feature does: Server folders allow you to store content on the server running Windows Essentials 2012
“Pre-releases.” By default, server folders are accessible to other users, computers, and devices on your network.
Server folders can also be accessed by Remote Web Access or VPN users. The administrator can also configure certain
folders in Remote Web Access and other web services applications to be invisible. This protects these folders from
being accessed outside of the network running Windows Essentials 2012 “Pre-releases.”

Information collected, processed, or transmitted: The content in server folders is stored on your server running
Windows Essentials 2012 “Pre-releases,” and it can be accessed from other computers and devices. No server folder
content is sent to Microsoft.
Use of information: This feature enables users to store and share content through Windows Essentials 2012 “Pre-
releases.” Users who are authorized by the administrator will have access to these folders.

Choice and control: In Windows Essentials 2012 “Pre-releases,” the administrator has Read-Write access to all the
content in server folders. The administrator can grant or revoke a user's access to specific server folders through the
Dashboard. The default set of users who have access to a server folder varies by type of server folder. For example, by
default, all users on your network have Read-Write access to server folders and no access to other users' personal
server folders.

Windows Desktop Search
What this feature does: Windows Desktop Search automatically scans all files and folders stored on your server
running Windows Essentials 2012 “Pre-releases,” and it builds an index of this content. This index can then be
searched to find specific files or folders, specific words within files and folders, or specific metadata associated with
files and folders.

Information collected, processed, or transmitted: The index of your files and folders stored on your server running
Windows Essentials 2012 “Pre-releases” can be searched by any VPN user or by any Remote Web Access user through
Remote Web Access in Windows Essentials 2012 “Pre-releases.”

Use of information: The Windows Desktop Search index is stored locally on the server running Windows
Essentials 2012 “Pre-releases,” and no data is sent to Microsoft.
Choice and control: If you don’t want a folder to be indexed, open Control Panel, and search for “Indexing Options” in
the upper right search textbox. In the search result, select Indexing Options. In the Indexing Options dialog, remove
the folders from the Included Locations list.

On-premise Exchange Server integration
What this feature does: This feature allows administrators to connect a server running Windows Essentials 2012
“Pre-releases” to a server running Exchange Server that is set up on the same network. After connecting to Exchange
Server, the administrator can create mailboxes for new users, view and edit some mailbox properties for existing
users, and delete users’ mailboxes when users are deleted. The administrator can also monitor the health of the
server running Exchange Server from the Dashboard in Windows Essentials 2012 “Pre-releases” through the alert
viewer.
Information collected, processed, or transmitted: The mailbox properties and the Exchange Server health
information are sent to Windows Essentials 2012 “Pre-releases.” No information is sent to Microsoft.
Use of information: The feature shows the administrator the users’ mailbox properties and the health status of
Exchange Server on the Windows Essentials 2012 “Pre-releases” Dashboard, which enables the administrator of
Windows Essentials 2012 “Pre-releases” to manage the users’ mailbox properties.
Choice and control: If you do not want administrators of Windows Essentials 2012 “Pre-releases” to view or manage
the users’ mailbox properties in Exchange Server, do not turn on the on-premise Exchange Server Integration in the
Windows Essentials 2012 “Pre-releases.”

Microsoft Office 365 integration
What this feature does: The Office 365 Integration Wizard helps the administrator integrate a new or existing
subscription for Office 365 into Windows Essentials 2012 “Pre-releases.” It pulls information from the Office 365
online service, and displays the information in the Windows Essentials 2012 “Pre-releases” Dashboard.
Information collected, processed, or transmitted: The wizard asks for the administrator’s Microsoft Online Services
ID and password. The ID and password are sent to Office 365 and cached on the local server. The wizard’s sign-in
screen will remember the ID that the user inputs. For information about how this information is collected, processed,
or transmitted, see Microsoft Online Services Privacy Notice at http://go.microsoft.com/fwlink/p/?LinkID=248990.
Use of information: Office 365 validates the administrator’s Microsoft Online Services ID and password. When it is
authenticated, the account is also used to configure the server. The ID and password are encrypted and cached on the
server running Windows Essentials 2012 “Pre-releases” so that the administrator does not need to reenter them for
future usage.
Choice and control: If you do not want to send or cache the Microsoft Online Services ID or password, do not use
Office 365 Integration.

Password sync with Office 365
What this feature does: This feature synchronizes the password of an Office 365 account with the password of a local
user account in Windows Essentials 2012 “Pre-releases.” So a local user can use the same password to sign in to the
local network and Office 365.
Information collected, processed, or transmitted: If the user is assigned an Office 365 account, the feature sends the
user’s local account password (in an encrypted format) to Office 365 whenever the user sets a new local account
password. For information about how this information is collected, processed, or transmitted, see Microsoft Online
Services Privacy Notice at http://go.microsoft.com/fwlink/p/?LinkID=248990.
Use of information: Office 365 receives the local account and new password, and sets it as the Microsoft Office 365
account password.
Choice and control: If you do not want to synchronize the local password with Office 365, do not assign an Office 365
account to this user.

Assign a new or existing Office 365 account to a user; add multiple users to Office 365; and
activate a user’s Office 365 account; import accounts from Office 365
What these features do: These features provide different ways of enabling access to Office 365 for a local user on the
server running Windows Essentials 2012 “Pre-releases.” Specifically, they enable a local user to be assigned a new or
existing Office 365 account.
Information collected, processed, or transmitted: The feature sends an Office 365 account name (email address) to
Office 365 when a new account needs to be created. Or it imports an existing Office 365 account name (email
address) from Office 365. After assigning an Office 365 account to a local user account, the Office 365 account name
is also saved on the local server running Windows Essentials 2012 “Pre-releases.” For information about how this
information is collected, processed, or transmitted, see Microsoft Online Services Privacy Notice at
http://go.microsoft.com/fwlink/p/?LinkID=248990.
Use of information: Office 365 will create an Office 365 account using the account name provided. The cached Office
365 account name on Windows Essentials 2012 “Pre-releases” will be used to identify the Office 365 account that
belongs to a particular user running Windows Essentials 2012 “Pre-releases.”
Choice and control: If you do not want to send Office 365 account information or cache it on the server running
Windows Essentials 2012 “Pre-releases,” do not assign an Office 365 account to any user running Windows
Essentials 2012 “Pre-releases.”

Deactivate the user’s Office 365 account; Deactivate the user’s local account
What these features do: These features deactivate the Office 365 account that is assigned to a local user account on
Windows Essentials 2012 “Pre-releases.” The user can no longer access the Office 365 account, and the licenses that
are assigned to the Office 365 account are removed. The user’s data remains in Office 365 for certain period of time,
which is defined by the Office 365 data retention policy.
Information collected, processed, or transmitted: The Office 365 account name (email address) is sent to Office 365.
For information about how this information is collected, processed, or transmitted, see Microsoft Online Services
Privacy Notice at http://go.microsoft.com/fwlink/p/?LinkID=248990.
Use of information: Office 365 receives the Office 365 account name and deactivates it.
Choice and control: If you do not want to send Office 365 account information to Office 365, do not assign an Office
365 account to any user.

Delete the Office 365 user
What this feature does: This feature deletes a local user account on Windows Essentials 2012 “Pre-releases.” If the
user has been assigned an Office 365 account, this Office 365 account is also deleted.
Information collected, processed, or transmitted: The Office 365 account name (email address) is sent to Office 365.
For information about how this information is collected, processed, or transmitted, see Microsoft Online Services
Privacy Notice at http://go.microsoft.com/fwlink/p/?LinkID=248990.
Use of information: Office 365 receives the Office 365 account name and deletes it.
Choice and control: If you do not want to send Office 365 account information to Office 365, do not assign an Office
365 account to any user.

Link domain to Office 365
What this feature does: This feature configures an Internet domain to work with Office 365.

Information collected, processed, or transmitted: The domain name is sent to Office 365.

Use of information: Office 365 receives the domain name, verifies the ownership of the domain, and configures the
domain for Office 365.
Choice and control: If you do not want to send the domain name to Office 365, do not use this feature.

Microsoft Online Backup Service
What this feature does: Microsoft Online Backup Service for Windows Essentials 2012 “Pre-releases” enables you to
access the Microsoft Online Backup Service.
Information collected, processed, or transmitted: To integrate the Microsoft Online Backup Service, you must
provide the account ID and password. The ID will be cached on the local server, but the password will not. To learn
about the specific features of the Microsoft Online Backup Service and any associated privacy impact, please see the
Microsoft Online Backup Service Privacy statement on the Microsoft Connect website at
http://go.microsoft.com/fwlink/?LinkId=232426.
Important information: In Windows Essentials 2012 “Pre-releases,” the following Microsoft Online Backup Service
feature has a different name:
 Windows Essentials 2012 “Pre-releases” refers to the Recovery feature, and in Microsoft Online Backup
Service, the feature is called Restore.
Choice and control: This is an optional feature that must be installed by the administrator of Windows Essentials 2012
“Pre-releases” prior to use of the service.

Best Practices Analyzer
What this feature does: Best Practices Analyzer (BPA) helps maintain a high level of system health by providing a
report that identifies issues. Scan reports may direct users to online Knowledge Base articles and update publication
sites on the Microsoft website to retrieve more information about specific issues.
Information collected, processed, or transmitted: BPA performs application and configuration-level verification
against a set of rules by reading and reporting only. It does not modify any system settings. For more information, see
article at http://go.microsoft.com/fwlink/p/?LinkId=245672.

Use of information: BPA does not send any scan results to Microsoft. Administrators can view a report of scan results
from within the Windows Essentials 2012 “Pre-releases” Dashboard.
Choice and control: Use of the tool is optional. If you do not want the tool to read any application and configuration
settings, do not use the tool.

Web services
What this feature does: Windows Essentials 2012 “Pre-releases” exposes web service APIs to allow the non-Microsoft
applications to authenticate a user of Windows Essentials 2012 “Pre-releases,” browse files and folders, provide
media access, and perform server management tasks (which include managing network alerts, user accounts, and
devices, in addition to connecting to multiple servers).
Information collected, processed, or transmitted: The web services only accept calls of their public interfaces if they
are properly authenticated. Authenticated recipients can get the server name, GUID, external domain name, device
information, media file streams, network health alerts, and user account information for the server running Windows
Essential 2012 “Pre-releases.” None of this information is sent to Microsoft.
Use of information: The server name in Windows Essentials 2012 “Pre-releases” and the user name and password
information are used for authentication.
Choice and control: If you do not want to access the server running Windows Essentials 2012 “Pre-releases” through
web services, do not setup the domain.

Transmog
What this feature does: The Transmog command will upgrade your server that is running Windows Essentials 2012
“Pre-releases” to Windows Server 2012 Release Candidate. It will remove locks and limits, and add the packages that
are missing. Packages for the edition you are running remain on the server, except for the Media feature (read the
following description). Other settings that are shared between the editions remain unchanged. For more information,
see the Windows 8 Release Preview and Windows Server 2012 Release Candidate Privacy Statement at
http://go.microsoft.com/fwlink/?linkid=190175.
Information collected, processed, or transmitted: No information is collected or sent to Microsoft.
Use of information: No information is collected or sent to Microsoft.
Choice and control: If you don’t want to upgrade the server to Windows Server 2012 Release Candidate, don’t run
the Transmog command.

Media
What this feature does: The Media feature allows the users to use media devices, or allows Anywhere Access to play
media files that are stored on the server. The administrator can configure shared folders that contain the media file,
or configure the video streaming quality. The first time a user attempts to stream media that is stored on a server
from the web browser in another device, the user will be asked to install Silverlight if it is not already installed on
their computer. The user can then choose to install Silverlight. A cookie is set to remember this choice, and the
prompt will not appear again unless the user deletes the cookie cache.
Information collected, processed, or transmitted: When the Media feature is enabled, media files can be accessed by
authorized users. If the user chooses to install Silverlight, the user is directed to the Silverlight website. If the user
chooses to not install Silverlight, a default media playing tool on the user’s device will play the media. No information
is collected or sent to Microsoft.
Use of information: A cookie is set to remember this choice, and the prompt will not appear again unless the user
deletes the cookie cache. No information is collected or sent to Microsoft.
Choice and control: The Media feature is off by default. If you want to turn it on, click Settings, click the Media tab,
click Turn On, and then follow the wizard.

Windows Update Group Policy management
What this feature does: Windows Update Group Policy management provides easier security and user data
protection management of computers running Windows 7 Professional, Windows 7 Enterprise, Windows 7 Ultimate,
and Windows 8 Release Preview that are connected to the server running Windows Essentials 2012 “Pre-releases.”
Windows Update collects basic information about your computer to identify which updates your computer needs and
to improve the updating service.
Windows Update Group Policy management sets the Group Policy to update the Windows Update settings on the
client computer to enhance the security of the computer. The following Windows Update settings are modified on
the client computers that are joined to the server running Windows Essentials 2012 “Pre-releases”:
 Automatic update for immediate installation is enabled.
 Non-administrators on the client computer are allowed to receive update notifications.
 Automatic updates are configured to be automatically downloaded and scheduled to get installed every day
at 3:00 A.M.
 Windows Power Options is configured to wake up the computer to install scheduled updates.
 Automatic recommended updates installation is enabled.
Information collected, processed, or transmitted: For details about what information is collected and how it is used,
see the Update Services Privacy Statement at http://go.microsoft.com/fwlink/?LinkID=193006.
Use of information: For details about what information is collected and how it is used, see the Update Services
Privacy Statement at http://go.microsoft.com/fwlink/?LinkID=193006.
Choice and control: The administrator for Windows Essentials 2012 “Pre-releases” can enable or disable this feature
anytime as follows:
1. Open the Windows Essentials 2012 “Pre-releases” Dashboard.
2. Click the Devices tab.
3. Launch the Implement Group Policy Wizard.

Windows Firewall Policy management
What this feature does: Windows Firewall Group Policy management provides easier security and user data
protection management for computers running Windows 7 Professional, Windows 7 Enterprise, Windows 7 Ultimate,
and Windows 8 Release Preview that are connected to the server running Windows Essentials 2012 “Pre-releases.”
Windows Firewall helps protect against network attacks for computers on which it is enabled. Windows Firewall does
this by checking all communications that cross the connection and selectively blocking communications according to
the configuration settings you specify. Windows Firewall is considered a "stateful" firewall; that is, it monitors all
aspects of the communications that cross its path and inspects the source and destination address of each message
that it handles.
Windows Firewall Group Policy management modifies the following Windows Firewall settings on the computers
running Windows 7 Professional, Windows 7 Enterprise, Windows 7 Ultimate, and Windows 8 Release Preview that
are connected to the server running Windows Essentials 2012 “Pre-releases”:
 For the domain profile, the firewall is turned on. Inbound connections are blocked, outbound connections
are allowed.
 For the private profile, the firewall is turned on. Inbound connections are blocked, outbound connections
are allowed.
 For the public profile, the firewall is turned on. Inbound connections are blocked, outbound connections are
allowed.
 For all profiles, the firewall notifications are enabled.
Information collected, processed, or transmitted: For details about what information is collected and how it is used,
see Using Windows 7 and Windows Server 2008 R2: Controlling Communication with the Internet at
http://technet.microsoft.com/library/ee126105(WS.10).aspx.
Use of information: For details about what information is collected and how it is used, see Using Windows 7 and
Windows Server 2008 R2: Controlling Communication with the Internet at
http://technet.microsoft.com/library/ee126105(WS.10).aspx.
Choice and control: The administrator for Windows Essentials 2012 “Pre-releases” can enable or disable this feature
anytime as follows:
1. Open the Windows Essentials 2012 “Pre-releases” Dashboard.
2. Click the Devices tab.
3. Launch the Implement Group Policy Wizard.

Windows Defender management
What this feature does: Windows Defender Group Policy management provides easier security and user data
protection management for computers running Windows 7 Professional, Windows 7 Enterprise, Windows 7 Ultimate,
and Windows 8 Release Preview that are connected to the server running Windows Essentials 2012 “Pre-releases.”
Windows Defender is the antispyware program in the Windows operating system. It offers two ways to help protect
your computer from spyware and other potentially unwanted software:
 Real-time protection. Windows Defender alerts you when spyware or potentially unwanted software
attempts to install or run on your computer. It also alerts you when programs attempt to change important
settings in Windows.
 Scanning options. You can use Windows Defender to scan for spyware and other potentially unwanted
software that might be installed on your computer, to schedule scans on a regular basis, and to
automatically remove any malicious software that is detected during a scan.
Windows Defender Group Policy management enables Windows Defender to automatically check for new signatures
before scheduled scans on computers running Windows 7 Professional, Windows 7 Enterprise, Windows 7 Ultimate,
and Windows 8 Release Preview that are connected to the server running Windows Essentials 2012 “Pre-releases.”
Information collected, processed, or transmitted: For details about what information is collected and how it is used,
see the Windows Defender Privacy Statement at
http://www.microsoft.com/windows/products/winfamily/defender/privacypolicy.mspxWindows .
Use of information: For details about what information is collected and how it is used, see the Windows Defender
Privacy Statement at
http://www.microsoft.com/windows/products/winfamily/defender/privacypolicy.mspxWindows .
Choice and control: The administrator for Windows Essentials 2012 “Pre-releases” can enable or disable this feature
anytime as follows:
1. Open the Windows Essentials 2012 “Pre-releases” Dashboard.
2. Click the Devices tab.
3. Launch the Implement Group Policy Wizard.

Folder Redirection management
What this feature does: Folder Redirection Group Policy management provides easier security and user data
protection management for computers running Windows 7 Professional, Windows 7 Enterprise, Windows 7 Ultimate,
and Windows 8 Release Preview that are connected to the server running Windows Essentials 2012 “Pre-releases.”
The Folder Redirection feature in the Windows operating system allows administrators to redirect users’ folders (such
as Documents, Pictures, or Music) to shared folders that are hosted on servers. Folder Redirection is used in
conjunction with the Offline Files technology to ensure that the users’ data is available when the network connection
to the server that is hosting a redirected folder becomes latent or unavailable.
Folder Redirection Group Policy management allows the server administrator to redirect users’ folders on computers
running Windows 7 Professional, Windows 7 Enterprise, Windows 7 Ultimate, and Windows 8 Release Preview to the
server running Windows Essentials 2012 “Pre-releases.”
Information collected, processed, or transmitted: No information is collected or sent to Microsoft.
Use of information: No information is collected or sent to Microsoft. For more information about Folder Redirection,
please see What's New in Folder Redirection and User Profiles at
http://go.microsoft.com/fwlink/?LinkId=184846Error! Hyperlink reference not valid..
Choice and control: The administrator for Windows Essentials 2012 “Pre-releases” can enable or disable this feature
anytime as follows:
1. Open the Windows Essentials 2012 “Pre-releases” Dashboard.
2. Click the Devices tab.
3. Launch the Implement Group Policy Wizard.

Windows Server 2012 Release Candidate features
Windows Essentials 2012 “Pre-releases” is built on Windows Server 2012 Release Candidate software. So those
features in Windows Server 2012 Release Candidate that have a privacy impact will also occur in Windows
Essentials 2012 “Pre-releases.” To learn about these features, and how to control the Internet-enabled features in
Windows Server 2012 Release Candidate, see the Windows 8 Release Preview and Windows Server 2012 Release
Candidate Privacy Statement at http://go.microsoft.com/fwlink/?linkid=190175.

Windows Customer Experience Improvement Program
What this feature does: If you choose to participate in the Windows Customer Experience Improvement Program
(CEIP), Microsoft collects basic information about how you use your apps, computers, connected devices, and the
Windows operating system. We also collect information about how each is set up and performing. When you
participate, CEIP also periodically downloads a file to collect information about problems you might have with
Windows. CEIP reports are sent to Microsoft to help improve the features our customers use most often and to
create solutions to common problems.
Information collected, processed, or transmitted: CEIP reports generally include the following information:
 Configuration. Information about how many processors are in your computer, the number of network
connections in use, screen resolutions for display devices, and which version of Windows is running. Reports
can also include configuration information, such as the strength of the signal between your computer and a
wireless device or a Bluetooth-enabled device, and if some features such as high-speed USB connections are
turned on.
 Performance and reliability. Information about how quickly an app responds when you click a button, how
many problems you experience with an app or a device, and how quickly information is sent or received
over a network connection.
 App use. Information about what features you use most often, how frequently you open apps, how often
you use Windows Help and Support, and how many folders you typically create on your desktop.
CEIP reports also contain information about events (event log data) on your computer from up to seven days prior to
the time you decide to participate in CEIP. Because most users decide to participate in CEIP within several days of
setting up Windows, Microsoft uses this information to analyze and improve the Windows setup experience.
This information is sent to Microsoft when you are connected to the Internet. CEIP reports don’t intentionally contain
contact information, such as your name, address, or phone number; however, some reports might unintentionally
contain individual identifiers, such as a serial number for a device that is connected to your computer. Microsoft
filters the information that is contained in CEIP reports to try to remove any individual identifiers that they might
contain. If individual identifiers are received, Microsoft doesn’t use them to identify you or contact you.
CEIP randomly generates a number (that is, a globally unique identifier or GUID) that is stored on your computer and
sent with CEIP reports to uniquely identify your computer. The GUID doesn’t contain any personal information and is
not used to identify you.
CEIP also periodically downloads a file to collect information about problems you might have with the Windows
operating system. This file allows Microsoft to collect additional information to help create solutions for common
problems.
Use of information: Microsoft uses CEIP information to improve our software. We might also share CEIP information
with Microsoft partners so they can improve their software, but the information can’t be used to identify you. We use
the GUID to distinguish how widespread the feedback we receive is and how to prioritize it. For example, the GUID
allows Microsoft to distinguish between one customer experiencing a problem one hundred times and one hundred
customers experiencing the same problem once. Microsoft doesn’t use the information collected by CEIP to identify
you or contact you.
Choice and control: Because this is a prerelease version of the software, CEIP is turned on by default so that
Microsoft can collect information about how Windows Essentials 2012 “Pre-releases” is used. This will help Microsoft
improve the software.
Server CEIP: A server administrator can disable the Server CEIP at any time after setup is completed by locating the
Windows Essentials 2012 “Pre-releases” Server Settings page and clearing the CEIP check box.
Note: Server CEIP data will continue to be collected unless the check box on the Server Settings page of the
Dashboard is cleared. If you choose to participate and later change your mind, you can turn off CEIP at any time as
follows:
1. Open the Settings page in Dashboard.
2. Clear the CEIP check box.
Connector software CEIP: Connector software CEIP is an optional feature, and you are offered the opportunity to
participate in CEIP when you install Connector software. You can change the Connector software CEIP configuration at
any time by using the Launchpad. You can turn off CEIP at any time as follows:
1. Sign into the Launchpad and click Settings.
2. Clear the CEIP check box.
Windows Error Reporting
What this feature does: Windows Error Reporting helps Microsoft and Microsoft partners diagnose problems and
provide solutions in the software you use. Not all problems have solutions, but when solutions are available, they are
offered as steps to solve a problem you’ve reported or as updates to install. To help prevent problems and make
software more reliable, some solutions are also included in service packs and future versions of the software.
Windows Error Reporting also provides Setup Repair, an error reporting service that might run during Windows Setup
if a problem occurs.
Information collected, processed, or transmitted: Many Microsoft software products, including Windows, are
designed to work with the Microsoft Error Reporting Service. If a problem occurs in one of these software products,
you might be asked if you want to report it. If you host virtual machines using a Windows operating system, reports
generated by the Windows operating system for the Microsoft Error Reporting Service might include information
about virtual machines.
The reporting service collects information that is useful for diagnosing and solving a problem that has occurred, such
as where the problem happened in the software or hardware, the type or severity of the problem, files that help
describe the problem, basic software and hardware information, or possible software performance and compatibility
problems.
Additionally, this pre-release version of Windows uses Windows Error Reporting to collect information about apps,
drivers, and devices. For example, information about an app might include the name of the app and its executable
files and the file path and directory. Information about devices and drivers might include the names of devices you’ve
installed on your PC and the executable files associated with those devices drivers. System variables are substituted
for path and directory locations that could contain personal information such as user names.
Error reports might unintentionally contain personal information. For example, a report that contains a snapshot of
PC memory might include your name, part of a document you were working on, or data that you recently submitted
to a website.
If a report is likely to contain this type of information, Windows will ask if you want to send this information, even if
you’ve enabled automatic reporting by choosing express settings in Windows setup or in Control Panel. This gives you
the opportunity to review the report before sending it to Microsoft. Reports including files and data might be stored
on your PC until you have an opportunity to review and send them, or after they have been sent.
If you choose to enable automatic reporting (for example, when you choose express settings in Windows setup), the
reporting service will send basic information about where problems occur automatically, but these reports won't have
the detail described in this section.
After you send a report, the reporting service might ask you for more information about the problem that occurred. If
you choose to provide your phone number or email address in this information, your error report will be personally
identifiable. Microsoft might contact you to request additional information to help solve the problem you reported.
The Microsoft Error Reporting Service randomly generates a number called a globally unique identifier (GUID) that is
sent to Microsoft with every error report. The GUID lets us determine which data is sent from a particular computer
over time. The GUID doesn’t contain any personal information and isn’t used to identify you.
Use of information: Microsoft uses information about errors and problems to improve Microsoft products and
services in addition to non-Microsoft software and hardware that is designed to use with these products and services.
Microsoft employees, contractors, vendors, and partners might be provided access to information that is collected by
the reporting services. However, they are only permitted to use the information to repair or improve Microsoft
products and services and non-Microsoft software and hardware that is designed to use with Microsoft products and
services. If an error report contains personal information, Microsoft doesn’t use the information to identify you or
contact you.
Microsoft might share aggregate information about errors and problems. Microsoft uses aggregate information for
statistical analysis. Aggregate information doesn’t contain specific information from individual reports, nor does it
include any personal or confidential information that might have been collected from a report.
Choice and control: Because this is a prerelease version of the software, WER is turned on for automatic reporting by
default so that Microsoft can collect information about the errors customers encounter while using Windows. This
will help Microsoft improve the software. You can change your Microsoft Error Reporting settings at any time as
follows:
1. Open the Settings page in Dashboard.
2. Select the Automatically report errors check box.

Online Help
What this feature does: You can choose to have Help search online when you are connected to the Internet, giving
you the most up-to-date content available.
Information collected, processed, or transmitted: When you use online Help, your request is sent to Microsoft, in
addition to any rating or feedback that you choose to provide about the Help topics presented to you. If you type any
personal information into the search or feedback boxes, the information will be sent to Microsoft, but will not be
used to identify or contact you.
Use of information: Online Help uses the information in your search and in your feedback to return the most relevant
results, improve the existing content, and develop new content.
Choice and control: By default, online Help is disabled. When you click Help the first time, you are prompted with a
message to let you know that you will be redirected to an external website through the Internet. You can choose to
not open the Help website by clicking No. If online Help is turned off, results from online Help will not be included
when you use Help. You can later change your selection by clicking Help again and accepting to open online Help.

Microsoft Update
What this feature does: Microsoft Update is a service that provides Windows updates and updates for other
Microsoft software.
Information collected, processed, or transmitted: For details about what information is collected and how it is used,
see the Update Services Privacy Statement at http://go.microsoft.com/fwlink/?LinkID=193006.
Use of information: For details about what information is collected and how it is used, see the Update Services
Privacy Statement at http://go.microsoft.com/fwlink/?LinkID=193006.
Choice and control: During setup, Windows Essentials 2012 “Pre-releases” performs a one-time, mandatory check
with Windows Update to receive the latest important updates for your computer. If updates are found, Windows
Essentials 2012 “Pre-releases” automatically downloads and installs them so your computer is up to date the first
time that you sign in or use it.
During setup, you are also prompted to choose whether to enable ongoing automatic updates from Windows Update.
If you choose Use recommended settings or the Install updates only option on the settings page in Windows
Essentials 2012 “Pre-releases” during the server setup, Windows Update automatically downloads and installs
important and recommended updates.
You can also enable or disable automatic Windows Update at any time.
To enable or disable automatic update
1. In the Dashboard, click Settings.
2. In the Windows Update section of the General page, turn Windows Update on or off, and then click OK.
When you install Connector software, you can choose to have updates applied to the Connector software
automatically. If you choose to have updates installed automatically, they will be downloaded from your server
running Windows Essentials 2012 “Pre-releases.” You can choose to download and install Connector software
updates manually when you install the Connector software. You can change your choice by reinstalling the Connector
software and selecting “Download and install the updates myself during the software setup.”