System Center Advisor Privacy Statement
Microsoft is committed to protecting your privacy, while delivering software and services that brings you the performance, power, and convenience you desire in your personal computing. This privacy statement explains the data collection and use practices of Microsoft System Center Advisor (“Advisor”) and covers both the Advisor website and service (“the Advisor Online Service”), and the software you install to enable the Advisor Online Service including the Advisor Agent and Advisor Gateway. This is privacy statement focuses on Advisor features that communicate with the Internet as well as the data collected via the Advisor Online Service and is not intended to be an exhaustive list.
System Center Advisor is an online service that analyzes installations of Microsoft SQL Server 2008 (and later versions), and Windows Server 2008 and 2008 R2, and Lync Server 2010. Advisor collects data from your installations, analyzes it, and generates Alerts that identify potential issues (such as missing security patches) or deviations from identified best practices with regard to configuration and usage. Advisor also provides both current and historical views of the configuration of servers in your environment.
COLLECTION AND USE OF YOUR INFORMATION
The information we collect from you will be used by Microsoft and its controlled subsidiaries and affiliates to enable the features you are using and provide the service(s) or carry out the transaction(s) you have requested or authorized. It may also be used to analyze and improve Microsoft products and services.
We may send certain mandatory service communications such as welcome letters, billing reminders, information on technical service issues, and security announcements. Some Microsoft services may send periodic member letters that are considered part of the service. We may occasionally request your feedback, invite you to participate in surveys, or, if you consent to receive them, send you promotional mailings to inform you of other products or services available from Microsoft and its affiliates.
In order to offer you a more consistent and personalized experience in your interactions with Microsoft, information collected through one Microsoft service may be combined with information obtained through other Microsoft services. We may also supplement the information we collect with information obtained from other companies. For example, we may use services from other companies that enable us to derive a general geographic area based on your IP address in order to customize certain services to your geographic area.
In order to access certain Advisor services, you will be asked to enter a Microsoft account or an Organizational account. To learn more about how your credential information is used when you sign in to participating sites, please read the Microsoft Online Privacy Statement at https://go.microsoft.com/fwlink/?LinkId=204800.
Except as described in this statement, personal information you provide will not be transferred to third parties without your consent. We occasionally hire other companies to provide limited services on our behalf, such as packaging, sending and delivering purchases and other mailings, answering customer questions about products or services, processing event registration, or performing statistical analysis of our services. We will only provide those companies the personal information they need to deliver the service, and they are prohibited from using that information for any other purpose.
Microsoft may access or disclose information about you, including the content of your communications, in order to: (a) comply with the law or respond to lawful requests or legal process; (b) protect the rights or property of Microsoft or our customers, including the enforcement of our agreements or policies governing your use of the services; or (c) act on a good faith belief that such access or disclosure is necessary to protect the personal safety of Microsoft employees, customers, or the public. We may also disclose personal information as part of a corporate transaction such as a merger or sale of assets.
Information that is collected by or sent to Microsoft by Advisor may be stored and processed in the United States or any other country in which Microsoft or its affiliates, subsidiaries, or service providers maintain facilities. Microsoft abides by the safe harbor framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of data from the European Union, the European Economic Area, and Switzerland.
COLLECTION AND USE OF INFORMATION ABOUT YOUR COMPUTER
When you use software with Internet-enabled features, information about your computer ("standard computer information") is sent to the Web sites you visit and online services you use. Microsoft uses standard computer information to provide you Internet-enabled services, to help improve our products and services, and for statistical analysis. Standard computer information typically includes information such as your IP address, operating system version, browser version, and regional and language settings. In some cases, standard computer information may also include hardware ID, which indicates the device manufacturer, device name, and version. If a particular feature or service sends information to Microsoft, standard computer information will be sent as well.
The privacy details for each Advisor feature, software or service listed in this privacy statement describe what additional information is collected and how it is used.
SECURITY OF YOUR INFORMATION
Microsoft is committed to helping protect the security of your information. We use a variety of security technologies and procedures to help protect your information from unauthorized access, use, or disclosure. For example, we store the information you provide on computer systems with limited access, which are located in controlled facilities.
USE OF COOKIES
We may use cookies on the Advisor website to enable you to sign in to our services or to help personalize the Site. A cookie is a small text file that is placed on your hard disk by a Web server. Cookies contain information that can later be read by a Web server in the domain that issued the cookie to you. Cookies cannot be used to run programs or deliver viruses to your computer. One of the primary purposes of cookies is to provide a convenience feature to save you time. For example, if you personalize a Web page, or navigate within a site, a cookie helps the site to recall your specific information on subsequent visits. This simplifies the process of delivering relevant content, eases site navigation, and so on. When you return to the Web site, the information you previously provided can be retrieved, so you can easily use the site's features that you customized.
You have the ability to accept or decline cookies. Most Web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you are using Internet Explorer, search for "Cookies" in the Help menu to find detailed instructions. If you choose to decline cookies, you may not be able to use interactive features of the Advisor website or other Web sites that depend on cookies.
Use of Web Beacons
Microsoft Web pages may contain electronic images known as Web beacons - sometimes called single-pixel gifs - that may be used to assist in delivering cookies on our sites and allow us to count users who have visited those pages and to deliver co-branded services. We may include Web beacons in e-mail messages or our newsletters in order to determine whether messages have been opened and acted upon.
Microsoft may also employ Web beacons from third parties in order to help us compile aggregated statistics regarding the effectiveness of our promotional campaigns or other operations of our sites. We prohibit Web beacons on our sites from being used by third parties to collect or access your personal information.
CHANGES TO THIS PRIVACY STATEMENT
We will occasionally update this privacy statement to reflect changes in our products, services, and customer feedback. When we post changes, we will revise the "last updated" date at the top of this statement. If there are material changes to this statement or in how Microsoft will use your personal information, we will notify you either by posting a notice of such changes on the Advisor website prior to implementing the change or by directly sending you a notification. We encourage you to periodically review this statement to be informed of how Microsoft is protecting your information.
FOR MORE INFORMATION
Microsoft welcomes your comments regarding this privacy statement. If you have questions about this statement or believe that we have not adhered to it, please contact us by using our Web form, available at https://go.microsoft.com/?linkid=9740810.
Microsoft Privacy
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052 USA
425-882-8080
SPECIFIC FEATURES
The remainder of this document will address the following specific features:
Agent & Gateway
What this feature does:
The Advisor Agent is a software component that you install on each server that you choose to monitor via Advisor (“Enrolled Server”). The Advisor Gateway is a component that you install on one or more servers of your choice.
The Advisor Agent collects configuration data for all Enrolled Servers, and analyzes the data to generate Alerts (e.g., notifications of potential issues, such as missing security patches).
The Advisor Gateway manages communication between the Advisor Online Service and the Enrolled Servers. It aggregates data collected from one or more Agents and uploads the collected data to the Advisor Online Service. The Advisor Gateway also downloads the desired server configuration and required Management Packs from the Advisor Online Service to the Enrolled Servers.
Information collected, processed or transmitted:
The Advisor Agent collects data from each Enrolled Server periodically (daily by default), analyzes the data in order to generate Configuration, Alerts, and Overview information, and sends the collected data to the Gateway for subsequent transport to the Advisor Online Service.
Advisor Management Packs (MPs) determine the types of configuration data that the Agent will collect from the Enrolled Servers. The monitored data could include such information as computer name, DNS name, fully-qualified domain name, IP address, agent ID, and software configuration. For more information on the type of data that may be collected, please see https://go.microsoft.com/fwlink/?LinkId=240298.
The data related to each Enrolled Server may also be accessed locally on the Enrolled Server until the data is uploaded to the Gateway, or until the expiration of the archive period set by the Account Administrator, whichever is later. For more information regarding the access and local storage of data on the Enrolled Servers, please see https://go.microsoft.com/fwlink/?LinkId=241476.
Use of information
The information collected will be used to generate Alerts and to operate and improve the Advisor Online Service, including troubleshooting aimed at preventing, detecting and repairing problems affecting the operation of the Advisor Online Service.
Choice/Control:
By default, the Advisor Agent will automatically transfer locally collected data to your Gateway. To change the default settings by editing the registry keys, please see https://go.microsoft.com/fwlink/?LinkId=240299.
By default, the Advisor Gateway will automatically upload collected data to the Advisor Online Service. To change the default settings by editing the registry keys, please see https://go.microsoft.com/fwlink/?LinkId=240299.
Alerts and Overview
What this feature does:
Alerts provide recommendations based on the Agents’ analysis of data collected from the Enrolled Servers. Alerts summarize the potential issues that have been identified, and provide links to complete guidance on how to resolve each issue. The Overview feature summarizes the analysis provided through Alerts.
Information collected, processed, or transmitted:
Alerts are generated based on the configuration data collected through the Advisor Agents.
In addition, the Advisor Online Service automatically collects information regarding your actions in response to the Alert (e.g. whether the alert recommendations were implemented or ignored). You also have the option of providing feedback on the Alerts by clicking on the smiling or frowning face associated with each Alert. You also have the option of providing written feedback on Alerts and other aspects of Advisor, as further discussed in the “Direct Feedback” section of this Privacy Statement.
Use of information:
Alerts are provided to assist customers in reducing downtime and optimizing the performance of Microsoft Server products. Alerts may be viewed by all Account Administrators and registered users of your Advisor account.
In addition, information regarding the occurrences of Alerts on all Customers’ servers, the Customers’ actions in response to those Alerts (e.g. whether the alert recommendations were implemented or ignored), and any customer feedback related to Alerts may be used by Microsoft in order to improve the effectiveness of Alert guidance and to improve customer satisfaction.
Choice/Control
Alerts are a mandatory part of the Advisor Online Service. Customers’ actions in response to Alerts will be automatically transmitted to the Advisor Online Service and may be used by Microsoft as described above. If you do not wish to receive Alerts or to transmit this information, do not use this Service.
You may choose, however, whether or not to click on the smiling or frowning face associated with each Alert in order to provide feedback; this feedback feature is optional. You may also choose to provide Direct Feedback as further discussed in the “Direct Feedback” section of this Privacy Statement.
Service request initiation:
What this feature does:
You can request assistance from Microsoft Support for an Advisor Alert by creating a service request from the Alerts page on the Advisor website. You will be redirected to the Microsoft Online Assisted Support website to fill in details of the service request.
Information collected, processed or transmitted:
Once your service request is submitted, your Microsoft account or Organizational account, the product name and SKU of the product referenced in the Advisor alert will be transmitted to the Microsoft Online Assisted Support website. If you previously provided your optional Microsoft Premier Support Access ID during registration, this account ID will also be transmitted to Microsoft Online Assisted Support.
Use of information:
Transmitted data will help to streamline the service request creation process. Your optional Microsoft Premier Support Access ID will be used to route your issue.
Choice/Control:
You can choose to create a new service request directly from the Microsoft Online Assisted Support web site at https://go.microsoft.com/fwlink/?LinkId=204804.
Registration & Account management
What this feature does:
Registration allows you to sign up for the Advisor Online Service so you can use any of its other features.
Account Management provides ongoing access to your Advisor account information, such as your name and Advisor Account name, as well as the ability to close your account.
Information collected, processed, or transmitted:
During the registration process, you will sign in with your valid Microsoft account or Organizational account. Advisor does not store your account name or password. In the account registration wizard, the Advisor Online Service will ask you to provide some personal information, such as your name and Advisor Account name.
When you update your Advisor account, your account information will be sent to the Advisor Online Service.
Use of information:
The Advisor Online Service uses your registration and account information to uniquely identify your Advisor account. For information on how account information is used, please see its privacy statement located at https://go.microsoft.com/fwlink/?LinkId=74170.
Choice/Control:
Registration is required to use the Advisor Online Service. You are required to sign in with your valid Microsoft account or Organizational account. If you provide a Microsoft account you will be required to provide and your name and company name as part of registration.
You may access and update your account information in the Account Information and User Information sections of the Account page.
Digital Certificates
What this feature does:
Prior to installing the Advisor Gateway software, you must download a digital certificate which is generated by the Advisor Online Service specific to your account ("Registration Certificate"). This Registration Certificate is used by the Advisor Online Service to associate your account with the Advisor Online Service during installation of the Gateway. The Registration Certificate contains an ID representing your account that is used only by the Advisor Online Service.
When you install the Advisor Gateway, a new digital certificate ("Gateway Certificate") is generated and stored on the local Enrolled Server, and its public key is sent to the Advisor Online Service. From this point forward, the Gateway does not use the Registration Certificate. The Advisor Online Service uses the public key of the Gateway Certificate to associate that Gateway with your account within the Advisor Online Service and to authenticate the Advisor Gateway. The Gateway Certificate is automatically renewed on a yearly basis. The Gateway Certificate does not contain any personal information or information about the Enrolled Servers or the installed software, and it cannot be backward calculated to determine any additional information about your computer.
Use of information:
The public cryptography key is used to uniquely identify and authorize each installed Advisor Gateway.
Choice/Control
Downloading the Registration Certificate prior to Gateway installation is required to use the Advisor Online Service. Storing the Gateway Certificate and sending its public key to the Advisor Online Service are also required.
Addition/Deletion of Users:
What this feature does:
User management allows you to grant other users access to your Advisor account so they can view the data in your account and use the available features.
Information collected, processed or transmitted:
When adding a new user to your account, you will be able to choose from either a Microsoft account or an Organizational account.
If adding a Microsoft account, you must provide the invited user’s email address. The invited user will receive an email at this address inviting them to join your Advisor account. To join the account, the invited user will need to sign in with a valid Microsoft account as well as provide their first and last name.
If adding an Organizational account, you will be able to search and select users in your organization.
For information on how account information is used, please see the Microsoft Online privacy statement located at https://go.microsoft.com/fwlink/?LinkId=74170.
Use of information:
Advisor uses this information to uniquely identify the invited user and associate his or her actions within your Advisor account.
Choice/Control:
Account administrators have full control over who has access to the Advisor accounts. Administrators can remove access to a user at any time by using the account management features.
Invited users have the choice to accept the invitation and become a user of the specified Advisor account. By accepting the invitation, the user’s name and email will be visible to the other users of the account. To be removed from an account, a user must ask an Administrator on the account to remove them. Once removed, the user’s name and email address will no longer be visible to the other users of the account.
Advisor Diagnostics
What this feature does:
In the event of an unexpected error arising from your use of the Advisor Portal, Advisor automatically collects diagnostic information about the error and the transaction ID in order to help quickly resolve issues.
Information collected, processed, or transmitted:
Advisor collects exception information that may arise in the case of an unexpected error, including error or warning messages, web request transaction ID, and error trace codes. The Advisor Online Service associates such exception information with a given transaction, but the transaction is not associated with a user.
Use of information
The Advisor Online Service collects this information for internal engineering use to quickly diagnose and resolve issues.
Choice/Control
The Advisor Online Service automatically collects any diagnostic information that arises from unexpected errors. You may not disable this feature unless you disable the transmission of data from the Gateway to Advisor by editing the registry keys. For more information on editing the registry keys, see https://go.microsoft.com/fwlink/?LinkId=240299.
Direct Feedback Collection:
What this feature does:
Direct Feedback will allow you to submit your thoughts, ideas, comments, and information about bugs you’ve encountered directly to the Advisor team. The feedback you submit is not anonymous. The Advisor team will use this feedback to continually improve System Center Advisor.
Information collected, processed or transmitted:
When you submit feedback, your Microsoft account or Organizational account and Advisor Account name will be stored, along with the actual feedback, the time of submission, and the location of the Advisor portal whereupon you have launched the Direct Feedback feature.
Use of information:
We will use your feedback to directly improve our product. The Advisor team may contact you at times via your Microsoft account email, to get more information about the feedback you have submitted or to provide you with direct help to solve an issue or problem. By submitting Direct Feedback, you consent to being contacted by the Advisor team for these purposes.
Choice/Control:
Direct Feedback will only collect information when the user chooses to submit feedback by selecting a link at the Advisor website. No feedback will be automatically collected. Once submitted, feedback cannot be deleted or removed from the system. You can choose not to part-take in submitting feedback by simply not using this feature, or canceling out of the feature before final submission.
Microsoft Update:
What this feature does:
The Advisor Agent and Gateway software can be updated using Microsoft Update. If a user has opted-into receiving Microsoft Update, they will receive the latest updates for Advisor and other Microsoft products.
Information collected, processed or transmitted:
Advisor does not collect any information relating to the usage of Microsoft Update. See the privacy statement for Microsoft Update at https://update.microsoft.com for more information.
Use of information:
Advisor does not collect any data related to the computer’s usage of Microsoft Update.
Choice/Control:
Microsoft Update is an optional service, and users can opt-in and out of the service at any time. During the installation of the Advisor Agent and Gateway, users are asked to opt-in to receiving Microsoft Update if they have not opted-in previously. Advisor does not change the computer’s other update settings. If a user has opted-into Microsoft Update, they will receive specific updates for Advisor [and any other Microsoft products]. Users who do not opt-into Microsoft Update will need to manually download the latest versions of the Advisor Agent and Gateway software at the Advisor website.