Policy Details & Nuances
Consumer Copilot (free and Pro) uses conversations for training by default. Enterprise and school accounts with commercial data protection (EDP) are excluded from training.
In consumer Copilot settings, go to Privacy > Model Training and toggle off 'Model Training for Text/Voice'.
Retention Period
Consumer conversations are kept in account history for 18 months. If history is disabled, Microsoft retains data for 30 days for abuse monitoring, then deletes it.
Deletion on Request
YesYou can delete individual conversations or your entire conversation history at any time through the Copilot UI or the Microsoft Privacy Dashboard.
Shared with service providers and Microsoft affiliates. Query and conversation data is shared with OpenAI under strict confidentiality terms, but OpenAI cannot train on Microsoft user data.
Some conversations are subject to human review for product improvement and digital safety. Conversations flagged as Code of Conduct violations may also be reviewed. Opt-out of human review is not available.
Context & Variations
EEA/UK users have access to GDPR privacy dashboards and enhanced telemetry opt-out options.
Requires a Microsoft account, which restricts users under 13 (or regional age limit) without explicit parental verification.
Copilot for Microsoft 365 and Copilot with Enterprise Data Protection (EDP) enforce no model training, no human review of chats, and all data is encrypted at rest and in transit.