Privacy Statement for Microsoft Forefront Protection 2010 for Exchange Server and Microsoft Forefront Protection 2010 for SharePoint

Last Updated: March 2009

Microsoft is committed to protecting your privacy. This privacy statement explains data collection and use practices of the Microsoft Forefront Protection 2010 for Exchange Server and Microsoft Forefront Protection 2010 for SharePoint ("Forefront Server").  Forefront Server is a server-level anti-virus protection solution that utilizes a multiple scan engine approach for anti-virus scanning and content-filtering. This privacy statement focuses on features that communicate with the Internet and is not intended to be an exhaustive list. It does not apply to other online or offline Microsoft sites, products or services.

Collection and Use of Your Information

Forefront Server collects data as part of its error reporting mechanism, and will routinely log certain information on your computer, including system name, system configuration, user name, user’s mailbox name, public folder name, message subject line, message sender, message recipients, file paths, IP addresses, and proxy user name and password. Some of this information can personally identify you. If your computer experiences a problem, we may ask you to send this logged information to us to help diagnose the problem. In order to help diagnose a problem that you have experienced, we may also ask you for copies of e-mail, file attachments, system information, log files and event log files. Although it is not recommended, logging can be disabled via the Forefront Server Security Administrator.

You may choose to submit suspected viruses via e-mail to Microsoft for analysis by our anti-virus engine vendors. If the suspected virus is in an attachment, we only forward the attachment (i.e., no information in the cover e-mail about you or the original recipient is sent). For other types of suspected viruses, we forward the e-mail you send to us to our anti-virus engine vendors. We may use your e-mail address to contact you if we need more information to investigate the suspected virus. Our anti-virus engine vendors will not contact you, nor will they use your e-mail address for any other purpose. We will not otherwise use the information you send us to indentify or contact you.

Except as described in this statement, personal information you provide will not be transferred to third parties without your consent. We occasionally hire other companies to provide limited services on our behalf, such as packaging, sending and delivering purchases and other mailings, answering customer questions about products or services, processing event registration, or performing statistical analysis of our services. We will only provide those companies the personal information they need to deliver the service, and they are prohibited from using that information for any other purpose.

Microsoft may access or disclose information about you, including the content of your communications, in order to: (a) comply with the law or respond to lawful requests or legal process; (b) protect the rights or property of Microsoft or our customers, including the enforcement of our agreements or policies governing your use of the services; or (c) act on a good faith belief that such access or disclosure is necessary to protect the personal safety of Microsoft employees, customers, or the public.

 Information that is collected by or sent to Microsoft by Forefront Server may be stored and processed in the United States or any other country in which Microsoft or its affiliates, subsidiaries, or service providers maintain facilities. Microsoft abides by the safe harbor framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of data from the European Union.

Collection and Use of Information about Your Computer

This software contains Internet-enabled features that collect certain standard information from your computer ("standard computer information") and send it to Microsoft. Standard computer information typically includes information such as your IP address, operating system version, browser version, your regional and language settings. In some cases, standard computer information may also include hardware ID, which indicates the device manufacturer, device name, and version. If a particular feature or service sends information to Microsoft, standard computer information will be sent as well.

Security of your Personal Information

Microsoft is committed to protecting the security of your personal information. We use a variety of security technologies and procedures to help protect your personal information from unauthorized access, use, or disclosure. For example, we store the personal information you provide on computer servers with limited access that are located in controlled facilities.

Changes to this statement

We may occasionally update this privacy statement. When we do, we will revise the "Last updated" date at the top of the statement. To stay informed about how we are helping protect the information collected by Forefront Server, we encourage you to periodically review this privacy statement.

For More Information

Microsoft welcomes your comments regarding this privacy statement. If you believe that Microsoft has not adhered to this statement, please contact us.

Microsoft Privacy
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052

To find contact details for the Microsoft subsidiary or affiliate in your country or region, see the Microsoft Worldwide website at www.microsoft.com/worldwide.

Specific features

The remainder of this document will address the following specific features:

Activation

What This Feature Does:

This feature allows you to configure your copy of Forefront Server with your licensing information.

Information Collected, Processed, or Transmitted:

Forefront Server activation will ask you to enter your license agreement number and license expiration date. None of this information is sent to Microsoft during activation, but it is stored by Forefront Server and is sent to Microsoft during updates as described below in this privacy statement.

Use of Information:

The information you provide is used to configure your copy of Forefront Server and to replace the default information in the product’s license file.

Choice/Control:

You can choose not to provide your license agreement number or license expiration date. If you do so, Forefront Server will use the default information in the product’s license file.

Scan Engine Updates

What This Feature Does:

Forefront Server will automatically contact Microsoft for regular updates to the scan engines, including anti-virus signatures, scan engine binaries, and associated dynamic link libraries as part of the service provided.

Information Collected, Processed, or Transmitted:

In addition to standard computer information, some additional information is sent to Microsoft during this process. This includes the Forefront Server product version, globally unique identifier (GUID), operating system version, groupware version running on your server, engine usage data, and your license agreement number and license expiration date. Use of Information:

Information sent to Microsoft may be used to generate reports on engine and product usage. Your agreement number may also be used to contact you in the event of a change to the update service or the update site or with regard to changes in license status.

Choice/Control:

You may configure scan engine update frequency via the Forefront Server Security Administrator, including turning scan engine updates off (although this practice is not recommended). For more information on how to make these changes, please see the File Scanner Updating section in the Forefront Server Security User Guide.

Cloudmark Updates

What This Feature Does:

Microsoft Forefront Security for Exchange Server will automatically contact Cloudmark servers for regular updates to the Cloudmark anti-spam signatures as part of the service provided.

Information Collected, Processed, or Transmitted:

In addition to standard computer information, some additional information is sent to Cloudmark during this process. This includes the Forefront Server Application name,  the hostname of the server, as well the version of the Cloudmark engine and signatures currently installed on your server.

Use of Information:

Cloudmark’s use of this information is described in their privacy policy at http://go.microsoft.com/fwlink/?LinkId=127833

Choice/Control:

You may configure scan engine update frequency via the Forefront Server Security Administrator, including turning scan engine updates off (although this practice is not recommended).

Cloudmark Statistics Reporting

What This Feature Does:

Microsoft Forefront Security for Exchange Server will automatically contact Cloudmark servers to send usage and error reports to Cloudmark.

Information Collected, Processed, or Transmitted:

In addition to standard computer information, some additional information is sent to Cloudmark during this process. This includes basic details about your server’s use of the Cloudmark engine and service, such as the number of e-mails marked as spam over a given period and any errors generated by the scanning engine.

Use of Information:

Cloudmark’s use of this information is described in their privacy policy at http://go.microsoft.com/fwlink/?LinkId=127833

Choice/Control:

This feature can be enabled and disabled through the Forefront Server Security Administrator under the Anti-Spam à General settings.

Customer Experience Improvement Program 

What This Feature Does:

The Customer Experience Improvement Program (“CEIP”) collects basic information about your hardware configuration and how you use our software and services in order to identify trends and usage patterns. CEIP also collects the type and number of errors you encounter, software and hardware performance, and the speed of services.  We will not collect your name, address, or other contact information.

Information Collected, Processed, or Transmitted: 

For more information about the information collected, processed, or transmitted by CEIP, see the CEIP privacy statement at http://go.microsoft.com/fwlink/?LinkId=148060.

Use of Information:

We use this information to improve the quality, reliability, and performance of Microsoft software and services.

Choice/Control: 

You are offered the opportunity to participate in CEIP during setup. If you choose to participate and later change your mind, you can turn off CEIP at any time by following these steps:

  1. Open the Forefront console.
  2. Click the “Protection Settings” button and navigate to the “Advanced Options” screen.
  3. Under the section labeled “Customer Experience Improvement Program”, clear the checkbox.