Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Note
For a list of Microsoft 365 products covered by this privacy information, see Privacy controls available for Office products.
To make sure our products are up to date, secure, and performing as expected, Microsoft processes diagnostic events from the use of Microsoft 365 apps and services. For example, when a user selects the summarize feature in Copilot in Word, or saves a file to OneDrive, those activities are collected for diagnostic purposes.
Note
Diagnostic events that are processed might have associated pseudonymous identifiers. A pseudonymous identifier can't be directly attributed to an individual without using additional information and is often used to protect personal privacy or improve data security by replacing personal identifiers with placeholder values. However, because a pseudonymous identifier can ultimately be linked to an individual, it's considered personal data.
Your right to export your personal data
Regulations such as the European Union General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) give individuals certain rights to manage their personal data when it has been collected by an employer or other type of agency or organization. In these regulations, individuals are referred to as "data subjects." One of the rights given by these regulations is the ability for data subjects to obtain a copy of the personal data that’s been collected about them.
Export of system-generated logs
Microsoft, in its role as a data processor, provides organization administrators with the ability to request an export of customer data, insights generated by Office 365, and system-generated logs. In particular, system-generated logs contain the pseudonymized personal data collected or generated by Microsoft, in the form of diagnostic events, when their employees use Microsoft 365 apps and services provided by their organization. The export contains various file types that can be opened by common computer programs, such as a text editor or browser.
Diagnostic events in exports
When a user initiates an activity within Microsoft 365, information about that user activity is collected as one or more diagnostic events. Diagnostic events can be collected through client-related diagnostic data (from required diagnostic data and optional diagnostic data) and service-related diagnostic data (from required service data). Microsoft analyzes these events to help make sure that the feature performed as expected, and that the application and feature remain secure and up to date.
When a user performs an action, multiple diagnostic events may be collected. These events help make sure that the action performed as expected. For example, when a user selects the Copilot icon on a document in Word for the web, events are collected for the selection of the Copilot icon and the ensuing steps leading to the completion of this action. Because the sequence of events contains identical pseudonymized personal data, the export only includes events that are directly related to the user-initiated action. This provides users who have requested an export with a record of the pseudonymized personal data collected about them for actions they’ve initiated while using Microsoft 365 without overwhelming users with a high volume of repetitious information.
What data does Microsoft retain and for how long?
Microsoft adheres to data minimization obligations under GDPR Article 5, which requires that Microsoft not retain personal data beyond the period for which it's required. Microsoft has a general policy to retain diagnostic event data for Microsoft 365 apps and services, including Microsoft 365 Copilot, for up to 18 months. For more information, see Data retention, deletion, and destruction in Microsoft 365.
How long does it take for an export to complete?
Personal data exports are completed in a timely manner, but because personal data can come from multiple systems, they may take up to 30 days to complete and provide to the requesting organization administrator.
What do diagnostic events in exports look like?
The following example shows what a diagnostic event in a system-generated log export might look like. The example shows an event related to when a user selects the Copilot icon on a document in Word for the web.
[{
"time": "2025-02-08T00:30:42.818000+00:00",
"correlationId": null,
"properties":
{
"ActionTime": "2025-02-08T00:30:42.818Z",
"AppName": "Word",
"Action": "CopilotComposeIndicatorClicked",
"Target": "",
"IP": "",
"InputMethod": "",
"DevicePlatform": "Windows",
"SearchTerm": "",
"SearchResult": "",
"BrowserType": "Edge",
"Location": "US",
"EventName": "Office.Word.Online.Data.Activity.CopilotComposeIndicatorClicked"
}
}]
Note
The value of some fields in exported events, such as for the SearchTerm field in the example of an exported event, might be empty. In those cases, the value is empty because no data was collected and sent to Microsoft for that field.
Event namespaces for diagnostic events
All diagnostic events are grouped into event namespaces. Event namespaces signify the feature, application, or service that generates the event. Event namespaces are usually the first 2 or 3 words of the name of the diagnostic event. In the example of an exported event, the event namespace is Office Word Online Data. That event namespace represents diagnostic events originating from tools and features related to data management and analysis within Word for the web.
For more information about event namespaces, see Diagnostic event namespaces for Microsoft 365 products and Microsoft 365 Copilot.