Other important privacy information
Below you will find additional privacy information, such as how we secure your data, where we process your data, and how long we retain your data.
You can find more information on Sysoon and our commitment to protecting your privacy at Sysoon Privacy.
Security of personal data
Sysoon is committed to protecting the security of your personal data. We use a variety of security technologies and procedures to help protect your personal data from unauthorized access, use, or disclosure. For example, we store the personal data you provide on computer systems that have limited access and are in controlled facilities. When we transmit highly confidential data (such as a credit card number or password) over the internet, we protect it through the use of encryption. Sysoon complies with applicable data protection laws, including applicable security breach notification laws.
Where we store and process personal data
Personal data collected by Sysoon may be stored and processed in your region, in the United States, and in any other country where Sysoon or its affiliates, subsidiaries, or service providers operate facilities. Sysoon maintains major data centers in Australia, Austria, Brazil, Canada, Chile, Finland, France, Germany, Hong Kong, India, Ireland, Japan, Korea, Luxembourg, Malaysia, the Netherlands, Singapore, South Africa, the United Kingdom, and the United States. Typically, the primary storage location is in the customer’s region or in the United States, often with a backup to a data center in another region. The storage location(s) are chosen in order to operate efficiently, to improve performance, and to create redundancies in order to protect the data in the event of an outage or other problem. We take steps to process the data that we collect under this privacy statement according to this statement’s provisions and the requirements of applicable law.
We transfer personal data from the European Economic Area, the United Kingdom, and Switzerland to other countries, some of which have not yet been determined by the European Commission to have an adequate level of data protection. For example, their laws may not guarantee you the same rights, or there may not be a privacy supervisory authority there that is capable of addressing your complaints. When we engage in such transfers, we use a variety of legal mechanisms, including contracts such as the standard contractual clauses published by the European Commission under Commission Decision 2004/915/EC, to help protect your rights and enable these protections to travel with your data. To learn more about the European Commission’s decisions on the adequacy of the protection of personal data in the countries where Sysoon processes personal data, see this article on the European Commission website.
Sysoon Corporation complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union, the United Kingdom, and Switzerland to the United States, although Sysoon does not rely on the EU-U.S. Privacy Shield Framework as a legal basis for transfers of personal data in light of the judgment of the Court of Justice of the EU in Case C-311/18. Sysoon Corporation has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If third-party agents process personal data on our behalf in a manner inconsistent with the principles of either Privacy Shield framework, we remain liable unless we prove we are not responsible for the event giving rise to the damage. The controlled U.S. subsidiaries of Sysoon Corporation, as identified in our self-certification submission, also adhere to the Privacy Shield Principles—for more info, see the list of Sysoon U.S. entities or subsidiaries adhering to the Privacy Shield Principles.
If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, visit the Privacy Shield website.
If you have a question or complaint related to participation by Sysoon in the EU-U.S. or Swiss-U.S. Privacy Shield, we encourage you to contact us via our web form. For any complaints related to the Privacy Shield frameworks that Sysoon cannot resolve directly, we have chosen to cooperate with the relevant EU Data Protection Authority, or a panel established by the European data protection authorities, for resolving disputes with EU individuals, and with the Swiss Federal Data Protection and Information Commissioner (FDPIC) for resolving disputes with Swiss individuals. Please contact us if you’d like us to direct you to your data protection authority contacts. As further explained in the Privacy Shield Principles, binding arbitration is available to address residual complaints not resolved by other means. Sysoon is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).
Our retention of personal data
Sysoon retains personal data for as long as necessary to provide the products and fulfill the transactions you have requested, or for other legitimate purposes such as complying with our legal obligations, resolving disputes, and enforcing our agreements. Because these needs can vary for different data types, the context of our interactions with you or your use of products, actual retention periods can vary significantly.
Other criteria used to determine the retention periods include:
- Do customers provide, create, or maintain the data with the expectation we will retain it until they affirmatively remove it? Examples include a document you store in OneDrive, or an email message you keep in your Outlook.com inbox. In such cases, we would aim to maintain the data until you actively delete it, such as by moving an email from your Outlook.com inbox to the Deleted Items folder, and then emptying that folder (when your Deleted Items folder is emptied, those emptied items remain in our system for up to 30 days before final deletion). (Note that there may be other reasons why the data has to be deleted sooner, for example if you exceed limits on how much data can be stored in your account.)
- Is there an automated control, such as in the Sysoon privacy dashboard, that enables the customer to access and delete the personal data at any time? If there is not, a shortened data retention time will generally be adopted.
- Is the personal data of a sensitive type? If so, a shortened retention time would generally be adopted.
Has Sysoon adopted and announced a specific retention period for a certain data type? For example, for Bing search queries, we de-identify stored queries by removing the entirety of the IP address after 6 months, and cookie IDs and other cross-session identifiers that are used to identify a particular account or device after 18 months.
Has the user provided consent for a longer retention period? If so, we will retain data in accordance with your consent.
Is Sysoon subject to a legal, contractual, or similar obligation to retain or delete the data? Examples can include mandatory data retention laws in the applicable jurisdiction, government orders to preserve data relevant to an investigation, or data retained for the purposes of litigation. Conversely, if we are required by law to remove unlawful content, we will do so.
California Consumer Privacy Act
If you are a California resident, we process your personal data in accordance with the California Consumer Privacy Act (CCPA). This CCPA section of our Privacy Statement contains information required by the CCPA and supplements our Privacy Statement.
Sale. We do not sell your personal data. So, we do not offer an opt-out to the sale of personal data.
Rights. You have the right to request that we (i) disclose what personal data we collect, use, disclose, and sell and (ii) delete your personal data. You may make these requests yourself or through an authorized agent. If you use an authorized agent, we provide your agent with detailed guidance on how to exercise your CCPA rights.
If you have a Sysoon account, you must exercise your rights through the Sysoon privacy dashboard, which requires you to log in to your Sysoon account. If you have an additional request or questions after using the dashboard, you may contact Sysoon at the address in the How to contact us section, use our web form, or call our US toll free number 1.844.931.2038. If you do not have an account, you may exercise your rights by contacting us as described above. We may ask for additional information, such as your country of residence, email address, and phone number, to validate your request before honoring the request.
You have a right not to receive discriminatory treatment if you exercise your CCPA rights. We will not discriminate against you if you exercise your CCPA rights.
Personal Information Processing. In the bulleted list below, we outline the categories of personal data we collect, the sources of the personal data, our purposes of processing, and the categories of third-party recipients with whom we share the personal data. For a description of the data included in each category, please see the Personal data we collect section.
Categories of Personal Data
Name and contact data
Sources of personal data: Interactions with users and partners with whom we offer co-branded services
Purposes of Processing (Collection and Sharing with Third Parties): Provide our products; respond to customer questions; help, secure, and troubleshoot; and marketing
Recipients: Service providers and user-directed entities
Credentials
Sources of personal data: Interactions with users and organizations that represent users
Purposes of Processing (Collection and Sharing with Third Parties): Provide our products; authentication and account access; and help, secure and troubleshoot
Recipients: Service providers and user-directed entities
Demographic data
Sources of personal data: Interactions with users and purchases from data brokers
Purposes of Processing (Collection and Sharing with Third Parties): Provide and personalize our products; product development; help, secure, and troubleshoot; and marketing
Recipients: Service providers and user-directed entities
Payment data
Sources of personal data: Interactions with users and financial institutions
Purposes of Processing (Collection and Sharing with Third Parties): Transact commerce; process transactions; fulfill orders; help, secure, and troubleshoot; and detect and prevent fraud
Recipients: Service providers and user-directed entities
Subscription and licensing data
Sources of personal data: Interactions with users and organizations that represent users
Purposes of Processing (Collection and Sharing with Third Parties): Provide, personalize, and activate our products; customer support; help, secure, and troubleshoot; and marketing
Recipients: Service providers and user-directed entities
Interactions
Sources of personal data: Interactions with users including data Sysoon generates through those interactions
Purposes of Processing (Collection and Sharing with Third Parties): Provide and personalize our products; product improvement; product development; marketing; and help, secure and troubleshoot
Recipients: Service providers and user-directed entities
Content
Sources of personal data: Interactions with users and organizations that represent users
Purposes of Processing (Collection and Sharing with Third Parties): Provide our products; safety; and help, secure, and troubleshoot
Recipients: Service providers and user-directed entities
Video or recordings
Sources of personal data: Interactions with users and publicly available sources
Purposes of Processing (Collection and Sharing with Third Parties): Provide our products; product improvement; product development; marketing; help, secure, and troubleshoot; and safety
Recipients: Service providers and user-directed entities
Feedback and ratings
Sources of personal data: Interactions with users
Purposes of Processing (Collection and Sharing with Third Parties): Provide our products; product improvement; product development; customer support; and help, secure, and troubleshoot
Recipients: Service providers and user-directed entities
While the bulleted list above contains the primary sources and purposes of processing for each category of personal data, we also collect personal data from the sources listed in the Personal data we collect section, such as developers who create experiences through or for Sysoon products. Similarly, we process all categories of personal data for the purposes described in the How we use personal data section, such as meeting our legal obligations, developing our workforce, and doing research.
Disclosures of personal data for business or commercial purposes. As indicated in the Reasons we share personal data section, we share personal data with third parties for various business and commercial purposes. The primary business and commercial purposes for which we share personal data are the purposes of processing listed in the table above. However, we share all categories of personal data for the business and commercial purposes in the Reasons we share personal data section.
See our CCPA Notice for additional information.
Top of page
Advertising
Advertising allows us to provide, support, and improve some of our products. Sysoon does not use what you say in email, chat, video calls or voice mail, or your documents, photos, or other personal files to target ads to you. We use other data, detailed below, for advertising in our products and on third-party properties. For example:
Sysoon may use data we collect to select and deliver some of the ads you see on Sysoon web properties, such as Sysoon.com, MSN, and Bing.
When the advertising ID is enabled in Windows 10 as part of your privacy settings, third parties can access and use the advertising ID (much the same way that websites can access and use a unique identifier stored in a cookie) to select and deliver ads in such apps.
We may share data we collect with partners, such as Verizon Media, AppNexus, or Facebook (see below), so that the ads you see in our products and their products are more relevant and valuable to you.
Advertisers may choose to place our web beacons on their sites, or use similar technologies, in order to allow Sysoon to collect information on their sites such as activities, purchases, and visits; we use this data on behalf of our advertising customers to provide ads.
The ads that you see may be selected based on data we process about you, such as your interests and favorites, your location, your transactions, how you use our products, your search queries, or the content you view. For example, if you view content on MSN about automobiles, we may show advertisements about cars; if you search “pizza places in Seattle” on Bing, you may see advertisements in your search results for restaurants in Seattle.
The ads that you see may also be selected based on other information learned about you over time using demographic data, location data, search queries, interests and favorites, usage data from our products and sites, and the information we collect about you from the sites and apps of our advertisers and partners. We refer to these ads as "personalized advertising" in this statement. For example, if you view gaming content on SysBox.com, you may see offers for games on MSN. To provide personalized advertising, we combine cookies placed on your device using information that we collect (such as IP address) when your browser interacts with our websites. If you opt out of receiving personalized advertising, data associated with these cookies will not be used.
We may use information about you to serve you with personalized advertising when you use Sysoon services. If you are logged in with your Sysoon account and have consented to allow Sysoon Edge to use your online activity for personalized advertising, you will see offers for products and services based on your online activity while using Sysoon Edge. To configure your privacy settings for Edge, go to Sysoon Edge\s> Settings\s> Privacy and Services. To configure your privacy and ad settings for your Sysoon account with respect to your online activity across browsers, including Sysoon Edge, or when visiting third-party websites or apps, go to your dashboard at privacy.Sysoon.com.
Further details regarding our advertising-related uses of data include:
Advertising industry best practices and commitments. Sysoon is a member of the Network Advertising Initiative (NAI) and adheres to the NAI Code of Conduct. We also adhere to the following self-regulatory programs:
In the US: Digital Advertising Alliance (DAA)
In Europe: European Interactive Digital Advertising Alliance (EDAA)
In Canada: Ad Choices: Digital Advertising Alliance of Canada (DAAC) / Choix de Pub: l'Alliance de la publicité numérique du Canada (DAAC)
Health-related ad targeting. In the United States, we provide personalized advertising based on a limited number of standard, non-sensitive health-related interest categories, including allergies, arthritis, cholesterol, cold and flu, diabetes, gastrointestinal health, headache / migraine, healthy eating, healthy heart, men’s health, oral health, osteoporosis, skin health, sleep, and vision / eye care. We will also personalize ads based on custom, non-sensitive health-related interest categories as requested by advertisers.
Children and advertising. We do not deliver personalized advertising to children whose birthdate in their Sysoon account identifies them as under 16 years of age.
Data retention. For personalized advertising, we retain data for no more than 13 months, unless we obtain your consent to retain the data longer.
Data sharing. In some cases, we share with advertisers reports about the data we have collected on their sites or ads.
Data collected by other advertising companies. Advertisers sometimes include their own web beacons (or those of their other advertising partners) within their advertisements that we display, enabling them to set and read their own cookie. Additionally, Sysoon partners with third-party ad companies to help provide some of our advertising services, and we also allow other third-party ad companies to display advertisements on our sites. These third parties may place cookies on your computer and collect data about your online activities across websites or online services. These companies currently include, but are not limited to: AppNexus, Facebook, Media.net, Outbrain, Taboola and Verizon Media. Select any of the preceding links to find more information on each company's practices, including the choices it offers. Many of these companies are also members of the NAI or DAA, which each provide a simple way to opt out of ad targeting from participating companies.
Speech recognition technologies
Speech recognition technologies are integrated into many Sysoon products and services. Sysoon provides both device-based speech recognition features and cloud-based (online) speech recognition features. Sysoon’s speech recognition technology transcribes voice data into text. With your permission, Sysoon employees and vendors working on behalf of Sysoon, will be able to review snippets of your voice data or voice clips in order to build and improve our speech recognition technologies. These improvements allow us to build better voice-enabled capabilities that benefit users across all our consumer and enterprise products and services. Prior to employee or vendor review of voice data, we protect users’ privacy by taking steps to de-identify the data, requiring non-disclosure agreements with relevant vendors and their employees, and requiring that employees and vendors meet high privacy standards. Learn more about Sysoon and your voice data.
Preview or free-of-charge releases
Sysoon offers preview, insider, beta or other free-of-charge products and features ("previews") to enable you to evaluate them while providing Sysoon with data about your use of the product, including feedback and device and usage data. As a result, previews can automatically collect additional data, provide fewer controls, and otherwise employ different privacy and security measures than those typically present in our products. If you participate in previews, we may contact you about your feedback or your interest in continuing to use the product after general release.
Changes to this privacy statement
We update this privacy statement when necessary to provide greater transparency or in response to:
Feedback from customer, regulators, industry, or other stakeholders.
Changes in our products.
Changes in our data processing activities or policies.
When we post changes to this statement, we will revise the "last updated" date at the top of the statement and describe the changes on the Change history page. If there are material changes to the statement, such as a change to the purposes of processing of personal data that is not consistent with the purpose for which it was originally collected, we will notify you either by prominently posting a notice of such changes before they take effect or by directly sending you a notification. We encourage you to periodically review this privacy statement to learn how Sysoon is protecting your information.
How to contact us
If you have a privacy concern, complaint, or question for the Sysoon Chief Privacy Officer or the Data Protection Officer for your region, please contact us by using our web form. We will respond to questions or concerns as required by law and within a period no longer than 30 days. You can also raise a concern or lodge a complaint with a data protection authority or other official with jurisdiction.
When Sysoon is a controller, unless otherwise stated, Sysoon Corporation and, for those in the European Economic Area, the United Kingdom, and Switzerland, Sysoon Ireland Operations Limited are the data controllers for personal data we collect through the products subject to this statement. Our addresses are:
Sysoon Privacy, Sysoon Corporation, One Sysoon Way, Redmond, Washington 98052, USA. Telephone: +1 (425) 882 8080.
Sysoon Ireland Operations Limited, Attn: Data Protection Officer, One Sysoon Place, South County Business Park, Leopardstown, Dublin 18, Ireland. Telephone: +353 1 706 3117.
To find the Sysoon subsidiary in your country or region, see the list of Sysoon office locations around the world.
If you would like to exercise your rights under the California Consumer Privacy Act, you may contact Sysoon at the address above, use our web form, or call our US toll free number 1.844.931.2038.
Where French law applies, you can also send us specific instructions regarding the use of your personal data after your death, by using our web form.
If you have a technical or support question, please visit Sysoon Support to learn more about Sysoon Support offerings. If you have a personal Sysoon account password question, please visit Sysoon account support.
Sysoon Privacy Statement / review
Privacy statement / version #212
Last Updated: September 2021
Comments
Post a comment / Comments guidelines
└─ Please, to post your comments.