This document provides privacy information for Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 1.
At Microsoft, we're working hard to protect your privacy, while delivering products that bring you the performance, power, and convenience you desire in your personal computing. This privacy statement explains the data collection and use practices of these Windows Vista installation features: Activation, Dial-up Networking, Dynamic Update, Microsoft Error Reporting Service, Phishing Filter, Windows Defender, and Update Services. These features might send information to and from the Internet when you're installing and setting up Windows Vista Service Pack 2. This disclosure does not apply to other online or offline Microsoft websites, products, or services.
For a more comprehensive privacy statement for this software, see the online Windows Vista Privacy Statement at http://go.microsoft.com/fwlink/?LinkId=52526.
Collection of information about your computer
Windows Vista Service Pack 2 contains several Internet-enabled features that collect standard information from your computer ("standard computer information"). Standard computer information generally includes such information as your computer's Internet Protocol (IP) address; operating system version; browser version; hardware ID, which indicates the device manufacturer, device name, and version; and your regional and language settings. Some features may collect additional information. The privacy details for each Windows feature listed in this privacy statement will disclose the additional information that is collected and, if the feature sends the information to Microsoft, how it is used.
Use of information
Information that is collected by or sent to Microsoft may be stored and processed in the United States or any other country in which Microsoft or its affiliates, subsidiaries, or agents maintain facilities. Microsoft abides by the safe harbor framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of data from the European Union. Microsoft may disclose information about you if required to do so by law or in the good faith belief that such action is necessary to: (a) conform to the edicts of the law or comply with legal process served on Microsoft or the site; (b) protect or defend the rights or property of Microsoft (including enforcement of our agreements); or (c) act in urgent circumstances to protect the personal safety of Microsoft employees, users of Microsoft software or services, or members of the public.
Microsoft occasionally hires other companies to provide limited services on its behalf, such as providing customer support, processing transactions, or performing statistical analysis of reports. Microsoft will provide these companies only the information they need to deliver the service. They are required to maintain the confidentiality of the information and are prohibited from using it for any other purpose.
Security practices
Microsoft is committed to protecting the security of your information. We use a variety of security technologies and procedures to help protect your information from unauthorized access, use, or disclosure. For example, we store the information that you provide on computer servers that have limited access and that are located in controlled facilities.
If you have questions about this privacy statement, please contact us by submitting your questions online to Privacy Feedback at:
http://go.microsoft.com/fwlink/?LinkId=93579
Or by postal mail:
Windows Vista Privacy Statement for Installation Featuresc/o Microsoft Privacy Response CenterMicrosoft CorporationOne Microsoft WayRedmond, Washington 98052
What this feature does
Activation helps reduce software counterfeiting, which helps ensure that Microsoft customers receive the software quality they expect. Once your software is activated, a specific product key becomes associated with the computer (the hardware) on which your software is installed. This association prevents the product key from being used to activate the same copy of the software on multiple computers. Some changes to your computer components or the software may require you to reactivate the software.
Information collected, processed, or transmitted
During activation, product key information is sent to Microsoft along with a hardware hash, which is a non-unique number generated from the computer's hardware configuration. This number does not represent any personal information or information about the software. The number cannot be used to determine the make or model of the computer and it cannot be backward calculated to determine any additional information about your computer. Along with standard computer information, some additional language settings are collected.
Microsoft uses the information to confirm that you have a licensed copy of the software, and then it is aggregated for statistical analysis. Microsoft does not use the information to identify you or contact you.
Activation is mandatory and must be completed within a predefined grace period. If you choose not to activate the software, you cannot use it after the grace period expires. If the software is not correctly licensed, you will not be able to activate it.
Dial-up Networking allows you to access the Internet using a dial-up modem and a broadband technology, such as a cable modem and digital subscriber line (DSL). It also allows you to connect to private networks using a virtual private network (VPN) connection and Remote Access Service (RAS). RAS is a component that connects a client computer (typically your computer) to a host computer (also known as a remote access server) using industry standard protocols. VPN technologies allow users to connect to a private network, such as a corporate network, over the Internet while maintaining secured communications.
Dial-up Networking includes dialer components such as RAS Client, Connection Manager, and RAS Phone, as well as command-line dialers like rasdial.
The dialer components collect information from your computer such as your user name, password, domain name, and phone number. This information is sent to the system that you are attempting to connect with. To help protect your privacy and the security of your computer, security-related information such as your user name and password are encrypted and stored on your computer.
The Connection Manager Administration Kit (CMAK) is a server component that allows administrators to collect information from users on a network. The information that is collected is determined by the administrator. For more information, contact your system or network administrator.
Dialer information is used to help your computer connect to the Internet. For CMAK, the information that is collected is used to create connection profiles, which help administrators deploy and manage connections across a network.
Choice and control
For non-command-line dialers, you can choose to save your password. However, this option is turned off by default so you may be prompted to provide your password to connect to the Internet or a network. For command-line dialers like rasdial, there is no option to save your password.
Dynamic Update enables Windows Vista to perform a one-time check with the Microsoft Update website to get the latest updates for your computer while your operating system is being installed. If updates are found, Dynamic Update automatically downloads and installed them so your computer is up to date the first time that you log on or use it.
The types of updates Dynamic Update can download to your computer include:
· Installation updates: important updates for installation files to help ensure a successful installation
· In-box driver updates: additional hardware drivers that enable Windows Vista to successfully interact with your computer’s hardware
· Windows updates: important updates for the version of Windows that you are installing
· Microsoft Windows Malicious Software Removal Tool updates: updates for the latest version of this tool which can help remove malicious software such as viruses and worms if it detects them on your computer
To install compatible drivers, Dynamic Update works with Windows Update (see Update Services later in this document) to send information to Microsoft about your computer's hardware.
Dynamic Update software reports information about your computer’s hardware to find compatible drivers. For more information about how information collected by Dynamic Update is used, see Update Services (later in this document).
During Windows Vista setup, you can choose to use Dynamic Update.
If you choose to participate in the Installation Improvement Program, the feature sends a single report to Microsoft. The report contains basic information about your computer and how you installed Windows Vista. We use this information to help improve the installation experience and to create solutions to common installation problems.
The report generally includes information about your installation and setup experience, such as the date of installation, the time it took for each installation phase to complete, whether the installation was an upgrade or a new installation of the product, version details, operating system language, media type, computer configuration, and success or failure status, along with any error codes.
The report is sent to Microsoft when you are connected to the Internet. This report does not contain contact information such as your name, address, or phone number. A globally unique identifier (GUID) is generated and sent with the report. The GUID is a randomly generated number that uniquely identifies your computer; it does not contain personal information.
Microsoft uses the report to improve our software installation experience. We use the GUID to correlate this data with data collected by the Customer Experience Improvement Program (CEIP), if you choose to participate in it when you are using Windows Vista. This GUID enables us to distinguish how widespread the feedback we receive is and how to prioritize it. For example, the GUID allows Microsoft to distinguish between one customer experiencing a problem one hundred times and other customers experiencing the same problem once. Microsoft will not use the information in the report to identify you or contact you.
For more information, about the Customer Experience Improvement Program, see the frequently asked questions online at: http://go.microsoft.com/fwlink/?LinkID=52095
You can choose to participate in this program when you set up Windows Vista.
The Microsoft Error Reporting Service helps Microsoft and Windows partners diagnose problems in the software you use and provide solutions. Not all problems have solutions, but when solutions are available, they are offered as steps to solve a problem you’ve reported or as updates to install. As part of setup and installation, the Microsoft Error Reporting Service sends back information about setup or installation failures in order to attempt to diagnose the problem. To help prevent problems and make software more reliable, some solutions are also included in service packs and future versions of the software.
Many Microsoft software programs, including Windows Vista, are designed to work with the reporting service. If a problem occurs in one of these software programs, you are asked if you want to send a report to check for a solution. You can view the details of the report before sending it, although some files might not be in a readable format.
Windows Vista also allows you to report problems automatically instead of requesting your consent each time a problem occurs. If you use automatic reporting, you are not typically prompted to review the information in a report before it is sent. However, no information is sent unless you (or your system or network administrator) choose to report problems. You can choose to stop reporting problems at any time.
Enterprise customers can use the Microsoft System Center Operations Manager 2007 to manage error reporting and data collection, and to choose the information that is sent to Microsoft.
For more information, see the Microsoft System Center Operations Manager 2007 website at: http://go.microsoft.com/fwlink/?LinkId=93241
The reporting service can collect information about problems that interrupt you while you work, and about errors that occur behind the scenes. It is important to diagnose errors that occur behind the scenes because these problems, if left unsolved, might cause additional problems such as performance or program failures.
Reports contain information that is most useful for diagnosing and solving the problem that has occurred, such as:
· Where the problem happened in the software or hardware; occasionally, empty files might be included as an initial indication of a problem
· The type or severity of the problem, if known
· Files that help describe the problem (typically, system or report-generated files about software behavior before or after the problem occurred)
· Basic software and hardware information (such as operating system version and language, device models and manufacturers, or memory and hard disk size)
Reports might unintentionally contain personal information, but Microsoft does not use the information to identify you or contact you. For example, a report that contains a snapshot of computer memory might include your name, part of a document you were working on, or data that you recently submitted to a website. If you are concerned that a report might contain personal or confidential information, you should not send the report. If a report is likely to contain this type of information, Windows will ask if you want to send it, even if you have turned on automatic reporting. This gives you the opportunity to review the report before sending it to Microsoft. Reports that you have not yet sent to Microsoft, including files and data attached to those reports, may be stored on your computer until you have an opportunity to review and send them. Reports that you have already sent, including files and data attached to those reports, may also be stored on your computer.
After you report a problem, you might be asked to complete a survey about the error experience. If you choose to provide a phone number or e-mail address in response to the survey, your error report will no longer be anonymous. Microsoft may contact you to request additional information to help solve the problem you reported.
Microsoft uses information about errors and problems to improve Windows and the software and hardware designed for use with Windows operating systems. Microsoft employees, contractors, vendors, and partners may be provided access to information collected by the reporting service. However, they may use the information only to repair or improve the products that they publish or manufacture.
For example, if an error report indicates that a third-party product is involved, Microsoft may send that information to the vendor of the product. The vendor may provide the information to sub-vendors and partners; however, all parties must abide by the terms of this privacy statement.
To improve the products that run on Microsoft software, Microsoft may share aggregate information about errors and problems. Microsoft uses aggregate information for statistical analysis. Aggregate information does not contain specific information from individual reports, nor does it include any personal or confidential information that may have been collected from a report.
To view your problem history, check for new solutions, or delete problem reports and solutions, go to Problem Reports and Solutions in Control Panel or see Help and Support for more information.
Online phishing is a technique used to trick computer users into revealing personal or financial information through an e-mail message or website. A common online phishing scam starts with an e‑mail message that appears to come from a trusted source but actually directs you to provide information to a fraudulent website. Phishing Filter is designed to warn you if you're visiting websites that display phishing characteristics or that have been reported to Microsoft as fraudulent.
Phishing Filter is designed to warn you if the website you are visiting might be impersonating a trusted website. Phishing Filter does this by first checking the address of the website you are visiting against a list of website addresses stored on your computer that have been reported to Microsoft as legitimate ("legitimate list").
The first time you attempt to visit a website that is not on the legitimate list, you will be asked whether you would like to have Phishing Filter automatically check all websites you visit. If you opt in, addresses that are not on the legitimate list will be sent to Microsoft and checked against a frequently updated list of websites that have been reported to Microsoft as phishing, suspicious, or legitimate websites. You may also choose to use Phishing Filter manually to verify individual sites as you visit them.
When you use Phishing Filter to check websites automatically or manually, the addresses of the websites that you visit are sent to Microsoft, together with some standard information from your computer such as Internet Protocol (IP) address, browser type, and Phishing Filter version number. To help protect your privacy, the address information sent to Microsoft is encrypted using Secure Sockets Layer (SSL) and is limited to the domain and path of the website. Other information that may be associated with the address, such as search terms, data you entered in forms, or cookies, is not sent.
For example, if you visit the MSN Search website at http://search.msn.com and enter "weather" as the search term, instead of sending the full address "http://search.msn.com/results.aspx?q=weather&FORM=QBHP," Phishing Filter removes the search term and sends only "http://search.msn.com/results.aspx." Address strings might unintentionally contain personal information, but Microsoft does not use the information to identify you or contact you. If you are concerned that an address string might contain personal or confidential information, you should not report the site.
Anonymous statistics about your usage of Phishing Filter, such as the duration and total number of websites browsed since an address was sent to Microsoft for analysis, are also sent to Microsoft.
The information described above is used to analyze the performance and improve the quality of the Phishing Filter service. Microsoft does not use the information it receives to personally identify you.
Some URLS that are sent might be saved to be included in the legitimate list and then provided as client updates. When URLs are saved, additional information such as Phishing Filter and operating system version information, as well as your browser language, is saved.
If you choose the recommended settings during Windows Vista setup, you turn on automatic website checking with Phishing Filter. You can also turn Phishing Filter on or off in Internet Explorer.
1. In Internet Explorer, click the Tools button, click Phishing Filter, and then click Phishing Filter Settings.
2. Scroll to the Phishing Filter section under Security in the list of options, click Disable Phishing Filter, and then click OK.
Phishing Filter will no longer check or warn you about phishing sites that you might visit.
Windows Defender is the antispyware program in Windows. It offers two ways to help keep spyware and other potentially unwanted software from infecting your computer:
Real-time protection. Windows Defender alerts you when spyware or potentially unwanted software attempts to install itself or run on your computer. It also alerts you when programs attempt to change important Windows settings.
Scanning options. You can use Windows Defender to scan for spyware and other potentially unwanted software that might be installed on your computer, to schedule scans on a regular basis, and to automatically remove any malicious software that is detected during a scan.
If you choose the recommended settings during Windows Vista setup, you turn on Windows Defender real-time protection. You also turn on automatic scanning at 2:00 A.M. each day. Windows Defender will automatically install updated definitions before scanning, and then remove software with severe alert levels that it detects during the scan. If your copy of Windows is genuine, Windows Defender will also remove software with high alert levels that it detects during a scheduled scan.
For more information about the Windows Genuine Advantage, go online to: http://go.microsoft.com/fwlink/?LinkID=51371
If you choose the recommended settings, you will also join Microsoft SpyNet with a basic membership. The online Microsoft SpyNet community helps you see how other people respond to software that has not yet been classified for risks. If you choose to be notified about this software, seeing if other members of the community permit or deny the software or changes made by the software can help you decide what to do. In turn, if you participate, your choices are added to the community ratings to help other people decide what to do. You can choose to be notified about software that has not yet been classified for risks by using the options provided in Windows Defender or by joining Microsoft SpyNet with an advanced membership (see below).
If you join Microsoft SpyNet, Windows Defender will automatically send information to help Microsoft determine which software to investigate for potential threats and to help improve how Windows Defender works. The information that is sent in reports is determined by your Microsoft SpyNet membership (see below).
You can change the recommended settings at any time by using the options provided in Windows Defender.
The Microsoft SpyNet antispyware community is a voluntary, worldwide community of Windows Defender users. Through Microsoft SpyNet, users can re...
donkurakos