Last updated: October 2006

This page is a supplement to the Privacy Statement for the 2007 Microsoft Office system. In order to understand the data collection and use practices relevant for a particular Office program or service, you should read both the Privacy Statement for the 2007 Microsoft Office system and this supplement.

Linking to pictures and other documents

If you choose to create a link to an image, file, data source, or other document on your hard disk or on a server, the path to that file is saved in your document. In some cases, the link may include your user name or information about servers on your network. In the case of a data connection, you can choose to save a user name or password within the data connection link.

Also, when you apply an XML Schema to a document, a path to the XML Schema that you have created is saved to the document. In some cases, that path may include your user name.

Printing

When you print an Microsoft Office Outlook 2007 document and then save that document, Office Outlook 2007 saves the path to your printer with the document. In some cases, the path may include a user name or computer name.

Document Workspace sites

With Office Outlook 2007, you can access a Document Workspace site on a Microsoft Windows SharePoint Services site. A Document Workspace site is a shared space where you can quickly and easily collaborate with other team members on one or multiple documents.

When you access a Document Workspace site, Office Outlook 2007 downloads some data from the Document Workspace site to provide you with information about that site. Specifically, Office Outlook 2007 obtains the following:

• Name of the Windows SharePoint Services site
• URL or address of the site
• Names, e-mail addresses, and permission levels of the site users
• Lists of the documents, tasks, and other information available from the site

Office Outlook 2007 also stores a list of the Windows SharePoint Services sites that you have visited on your computer, in the form of cookies. This list is used to provide you with quick access to the sites that you have visited before. The list of sites that you have visited is not accessed by Microsoft and is not exposed to the Internet unless you choose to make the list more broadly available.

Fax service

The fax service allows you to send a fax over the Internet and organize the faxes that you have sent in Office Outlook 2007. To use the fax service, you must sign up with a fax service provider, separate from Microsoft, who will process the faxes and send them over the Internet. Microsoft does not collect any data from this transaction.

When you sign up for the fax service, the fax service provider creates a registration package that is stored by the fax service provider and Office Outlook 2007. The package consists of the address of the fax service provider's Web site and a "token" confirming your access to the fax service provider. When you send a fax from an Office program, this registration package is appended to the document.

You can also use the fax service to calculate the price of a fax without actually sending the fax. If you choose to calculate the price of a fax, Office Outlook 2007 will use a Secure Sockets Layer (SSL) connection to send your registration token, the phone number where the fax is to be sent, and the number of pages of the fax to the fax service provider. Microsoft does not receive or store this information.

Windows SharePoint Services

Microsoft Windows SharePoint Services provides shared, Web-based Workspace sites where you can collaborate on documents or meetings.

When you access a SharePoint site, by using either the Web browser or any Office program, the site will save a cookie to your computer if you have permissions to create a new subsite on that site. Taken together, these cookies form a list of sites to which you have permissions. This list is used by several Office programs to provide you with quick access to the sites that you have visited before.

The list of sites that you have visited is not accessed by Microsoft and is not exposed to the Internet unless you choose to make the list more broadly available.

You can clear this list by using your Web browser to clear your cache of cookies.

Windows SharePoint Services also saves a list of the five Meeting Workspace sites that you have used most recently to your system's registry. The registry entry contains the site name and URL of each of these five sites, the Template language ID, Template ID, Template name, and name of the meeting organizer. This allows you to easily keep track of the sites that you use most often.

In Windows SharePoint Services, when you create a new Web site or list, or add or invite people to an existing Web site or list, the site saves the following for each person, including you:

• Full name
• E-mail address
• User logon name (Microsoft Windows NT logon — for example, DOMAIN\user name)

A user ID will be added to every element that you or the other users of the site add to or modify on the site. As with all of the content on the SharePoint site, only administrators and members of the site itself should have access to this information.

All elements of the SharePoint site include two fields: Created By and Modified By. The Created By field is filled in with the user name of the person who originally created the element and the date when it was created. The Modified By field is filled in with the user name of the person who last modified the Office Outlook 2007 document and the date when it was last modified.

Administrators of the servers where SharePoint sites are hosted have access to some data from these sites, which is used for analyzing the usage patterns of the site and improving the percentage of time that the site is available. This data is available only to the server administrators and is not shared with Microsoft unless Microsoft is hosting the SharePoint site. The data specifically captured includes the names, e-mail addresses, and permissions of everyone with access to the site.

All users with access to a particular SharePoint site may search and view all content available on that site.

Auditing

Windows SharePoint Services provides auditing features that allow administrators to keep a reliable audit trail of how users are working with important content.

When Windows SharePoint Services administrators enable the Auditing feature, the server will automatically record in the SharePoint Content Database certain actions performed by the user. These actions include view, edit, check-in, and check-out. For each recorded action, the server will record identifying information about the file, the action, and the user's SharePoint ID and IP address. No data is sent to Microsoft as part of this transaction.

This feature is off by default and is available only to administrators of SharePoint sites where content is stored.

Instant messaging and notifications

Office Outlook 2007 provides you with the ability to send instant messages from within the program itself and provides you with the ability to be alerted when people are online or when certain changes are made to shared documents or workspaces.

Office Outlook 2007 uses a Microsoft instant messaging client to provide you with the ability to see the online presence of other people and to send messages to them. Office Outlook 2007 includes a Web control that allows instant messaging presence to be displayed within a Web page. The purpose of this feature is to allow you to use Web pages to collaborate directly with other people who are working on the same documents or workspaces.

Web page scripts that are written with this Web control in mind can transmit presence data from your instant messaging program to the Web server hosting the script. By default, this functionality is enabled only for intranet sites, trusted sites, and sites on the local computer.

Microsoft Windows SharePoint Services pages and Microsoft Office SharePoint Server 2007 pages both make use of this control. Neither of these types of pages transmits presence data back to the Web server.

When you visit a Microsoft Windows SharePoint Services site or an Office SharePoint Server site and create an alert, Office Outlook 2007 will add a cookie to your computer with the following data:

• Name of the site
• URL of the site
• Whether the alert source is a Windows SharePoint Services site or a SharePoint Server site
• URL used by the site to expose the alert service

The data in this cookie allows alerts from the site to be sent to you correctly. Microsoft does not access this cookie unless the cookie was sent originally from a Microsoft server, in which case the cookie is used exclusively by the Windows SharePoint Services or SharePoint Server site.

You can access, edit, and delete the alerts that you have subscribed to by clicking Rules and Alerts on the Tools menu in Office Outlook 2007. This dialog box displays all the alerts that you have subscribed to from any Windows SharePoint Services sites or SharePoint Server sites.

It is also possible to receive an alert message through e-mail. By default, you can receive alert messages only from your local computer or from your intranet, not from the Internet at large.

Office Outlook 2007 allows you to share your Outlook calendar, tasks, and contacts on a SharePoint site. When you share a contact, by default all properties from your contact's information, such as the name, job title, company, and e-mail address, are uploaded to the SharePoint folder. This information is visible to all users who have access to the SharePoint site. Users can also download these properties from the SharePoint list into their Outlook contacts. Certain properties entered via a custom form, such as a contact's government ID number or computer network name, may not be visible in your default view of the Outlook address card. Nevertheless, these properties, if present, are uploaded to the SharePoint list when you share the contact's information.

When you share a task on a SharePoint site that is assigned to a particular contact, Office Outlook 2007 sends all e-mail addresses associated with that contact to the SharePoint Server computer. The alternate e-mail addresses are used by the server if the primary e-mail address of the contact is not valid. The server removes all other e-mail addresses of the contact as soon as it verifies a valid address.

Recording macros

Macro recording allows you to record a sequence of actions so that you can reproduce the actions at a later time. If you choose to record a macro, your user name is saved in the Description property of the macro and as a comment in the code when the macro is initially created. You can manually remove your user name from these two locations.

Outlook features

As a personal information manager, Office Outlook 2007 stores your e-mail, your appointments, your contacts and address book entries, your tasks, any notes you make by using Outlook Notes, and any journal entries saved in the Outlook Journal.

By default, all of this information is saved to your personal computer and is accessible only by you. However, you have the option to share this information with other people in any of the following ways:

• You can send an e-mail message or a meeting request.
• You can send a contact. If you send a contact to someone, all of the information that you have stored in that contact is shared with the other person.
• You can choose to share calendar information with other people on a private network.
• You can send an encrypted e-mail message with a digital signature. If you digitally sign a message, that signature will be stored with the message. The digital signature contains a digital certificate, which can include an e-mail address. If you are using Microsoft Exchange Server, you can also publish public keys to that Exchange Server computer.

When you work with an Exchange Server computer, Office Outlook 2007 collects certain performance statistics about the remote procedure calls that Outlook has sent to that server. The purpose of this feature is to allow Exchange Server administrators to determine how well their servers are performing.

A remote procedure call is a call from Office Outlook 2007 to the Exchange server, asking the Exchange server to perform a task and return the results to Outlook. For example, Office Outlook 2007 issues a remote procedure call to an Exchange server when it asks the Exchange server to deliver any new mail.

Office Outlook 2007 collects statistics on the number of remote procedure calls that are made, the number of successful and failed calls, the number of remote procedure calls that have been canceled, and the amount of time that each remote procedure call has taken. This data is saved into a file called an event log. No personal information is saved within these logs. By default, the logs are available only on the user's computer, but a network administrator can make this log available to an Exchange Server administrator.

Account Auto Configuration

Office Outlook 2007 provides you with an option to automatically configure your Outlook mailbox to send and receive e-mail messages from a server. To automatically configure your account, you need to provide your user name, password, and e-mail address in the Add New E-mail Account dialog box. Your user name and password will be sent over the Internet to the server at the second half of your Simple Mail Transfer Protocol (SMTP) address. For example, if you provide someone@example.com as your e-mail address, your user name and password will be sent to the server at example.com to verify your credentials and configure the e-mail client settings to send and receive e-mail messages. Alternatively, you can choose to configure the e-mail server settings manually by selecting the option Manually configure server settings in the Add New E-mail Account dialog box.

Sending and tracking e-mail messages

Office Outlook 2007 provides you with an option to apply Follow-up flags (on the Tools menu, click Follow-up) to your e-mail messages. These flags are used to track and follow up on both sent and received e-mail messages. The flag data is stored as part of the e-mail message and in some cases may be available to other people to whom you forward the message. By default, a Microsoft Exchange Server computer removes the flag data before sending the message to the recipient.

Outlook Instant Search

Office Outlook 2007 provides you with the ability to quickly search through items in your mailbox. To do so, Office Outlook 2007 creates an index file that includes data abstracted from your Outlook data items such as e-mail, folders, and address book contacts. Certain folders, such as your Junk E-mail and Deleted Items, are excluded when an index file is created. The index file is stored in the same location as your Personal Folders (.pst) file on your local computer. The data stored in the index file is anonymous.

Information Rights Management

Information Rights Management (IRM) allows you to give certain users or groups the right to access and modify a document. Despite some similarities, IRM is not the same as Document Protection. IRM allows you to set permissions to the entire document for specific actions, such as printing the document or forwarding the document to other people, as well as for reading or editing the document.

When you store a document with IRM enabled, Office Outlook 2007 saves to the document a list of every user who has rights to that document and what their permissions are. This information is encrypted so that only the document owners can access this information.

Additionally, documents with IRM enabled contain content licenses. A content license contains an e-mail address, permission, and authentication information. Each time anyone attempts to open a document with IRM enabled, Office Outlook 2007 checks the content licenses saved in the document against the user's identity. If the user has never opened the document before, Office Outlook 2007 contacts an IRM server, verifies the user's identity, downloads a new content license for the user (provided that the user has the necessary rights), and saves that content license to the document.

Document owners have the option to avoid saving content licenses to the document. If, however, this content license is not saved to the document, Office Outlook 2007 must contact the IRM server every time the document is opened. If Office Outlook 2007 is not connected to a network or cannot contact the IRM server, the document cannot be opened.

SharePoint Server Colleague Import add-in

The Microsoft Office SharePoint Server Colleague Import add-in helps to identify your colleagues on your trusted My Site on the Microsoft Office SharePoint Server. To generate a list of your possible colleagues, the add-in scans your mailbox to look for names on the To and From boxes in sent and received e-mail messages, along with the frequency with which these names are correlated with you as the sender or receiver. The add-in does not scan the e-mail content of your mailbox. The generated list only contains account names. It is updated periodically, and stored in the same location as the Personal Folders (.pst) files on your local computer. The list of possible colleagues is accessed by the My Site Add Colleagues page where you can choose the colleagues you want to add to your trusted My Site. This add-in is turned on by default when you install Office Outlook 2007. You can remove the add-in from the Add-ins dialog box in the Trust Center. For more information, see Enable or disable add-ins in Office programs. The add-in can be disabled permanently by the administrator.