Muokkaa

Jaa


Privacy

Windows Autopatch is a cloud service for enterprise customers designed to keep Windows devices updated. This article provides details about data platform and privacy compliance for Windows Autopatch.

Windows Autopatch data sources and purpose

Autopatch collects and stores data according to the Microsoft Privacy Statement.

Data provided by the customer or generated by the service during normal operation is stored. For example, when a device is targeted with a policy, information is stored enabling the service to deliver content to targeted devices.

Business Premium and A3+ licenses require the use of Windows Diagnostic data. For more information, see Diagnostic data in Windows Autopatch.

Windows Autopatch data process and storage

Important

The information in section applies to Business premium, A3+, E3+ and F3 licenses. For more information, see Features and capabilities and Licenses and entitlements.

Windows Autopatch relies on data from multiple Microsoft products and services to provide its service to enterprise customers. To protect and maintain enrolled devices, we process and copy data from these services to Windows Autopatch. When we process data, we follow the documented directions you provide as referenced in the Online Services Terms and Microsoft Privacy Statement.

Processor duties of Windows Autopatch include ensuring appropriate confidentiality, security, and resilience. Windows Autopatch employs additional privacy and security measures to ensure proper handling of personal identifiable data.

Windows Autopatch data storage and staff location

Data obtained by Windows Autopatch and other services are required to keep the service operational. If a device is removed from Windows Autopatch, we keep data for a maximum of 30 days. For more information on data retention, see Data retention, deletion, and destruction in Microsoft 365.

Data stored in this part of the service is stored only in two regions, either Azure’s north American data centers or its European ones.

Microsoft Windows 10/11 diagnostic data

Windows Autopatch uses Windows diagnostic data to keep Windows secure, up to date, fix problems, and make product improvements. Learn more about configuring diagnostic data for your organization in Intune.

To take advantage of the unique deployment scheduling controls and protections tailored to your population and to deploy driver updates, devices must share diagnostic data with Microsoft. For these features, at minimum, the deployment service requires devices to send diagnostic data at the Required level for these features.

Tenant access

Important

To activate all Windows Autopatch features, you must have Windows 10/11 Enterprise E3+ or F3 (included in Microsoft 365 F3, E3, or E5) licenses. Feature activation is optional and at no additional cost to you when you have Windows 10/11 Enterprise E3+ or F3 licenses. For more information, see Licenses and entitlements.

Microsoft Windows Update for Business Reports

If you have Business Premium and A3+ licenses, when you use Windows Update for Business reports, using diagnostic data at the following levels allows device names to appear in reporting:

  • Optional level (previously Full) for Windows 11 devices
  • Enhanced level for Windows 10 devices

Microsoft Entra ID

Important

The information in section applies to Business premium, A3+, E3+ and F3 licenses. For more information, see Features and capabilities and Licenses and entitlements.

Identifying data used by Windows Autopatch is stored by Microsoft Entra ID in a geographical location. The geographical location is based on the location provided by the organization upon subscribing to Microsoft online services, such as Microsoft Apps for Enterprise and Azure. For more information on where your Microsoft Entra data is located, see Microsoft Entra ID - Where is your data located?

Microsoft Intune

Important

The information in section applies to Business premium, A3+, E3+ and F3 licenses. For more information, see Features and capabilities and Licenses and entitlements.

Microsoft Intune collects, processes, and shares data to Windows Autopatch to support business operations and services. For more information about the data collected in Intune, see Data collection in Intune.

For more information on Microsoft Intune data locations, see Where your Microsoft 365 customer data is stored. Intune respects the storage location selections made by the administrator for customer data.

Microsoft 365 Apps for enterprise

Microsoft 365 Apps for enterprise only collects and shares data with Windows Autopatch when you activate Windows Autopatch features. Windows Autopatch ensure those apps are up to date with the latest version.

To use Windows Autopatch features, you must have the correct Enterprise license(s) and activate Windows Autopatch features. For more information about Enterprise licenses and the prerequisites, see Windows Autopatch prerequisites. For more information about features and capabilities, see Features and capabilities.

Major data change notification

Important

The information in section applies to Business premium, A3+, E3+ and F3 licenses. For more information, see Features and capabilities and Licenses and entitlements.

We notify customers through the Microsoft 365 message center, and the Windows Autopatch admin center about security incidents and major changes to the service.

Changes to the types of data gathered and storage are considered a material change. We provide a minimum of 30 days advanced notice of this change as it's standard practice for Microsoft 365 products and services.

Data subject requests

Windows Autopatch follows General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) privacy regulations, which give data subjects specific rights to their data.

These rights include:

  • Obtaining copies of data
  • Requesting corrections to it
  • Restricting the processing of it
  • Deleting it
  • Receiving it in an electronic format so it can be moved to another controller

For more general information about Data Subject Requests (DSRs), see Data Subject Requests and the GDPR and CCPA.

For Data Subject Requests from other products related to the service, see the following articles:

Important

The information in section applies to Business premium, A3+, E3+ and F3 licenses. For more information, see Features and capabilities and Licenses and entitlements.

The following is Microsoft's privacy notice to end users of products provided by organizational customers.

The Microsoft Privacy Statement notifies end users that when they sign into Microsoft products with a work account:

  1. Their organization can control and administer their account (including controlling privacy-related settings), and access and process their data.
  2. Microsoft might collect and process the data to provide the service to the organization and end users.