Privacy supplement for Microsoft Office SharePoint Designer 2007

Last updated: October 2006

This page is a supplement to the Privacy Statement for the 2007 Microsoft Office system. In order to understand the data collection and use practices relevant for a particular Office program or service, you should read both the Privacy Statement for the 2007 Microsoft Office system and this supplement.

Linking to pictures and other documents

If you choose to create a link to an image, file, data source, or other document on your hard disk or on a server, the path to that file is saved in your document. In some cases, the link may include your user name or information about servers on your network. In the case of a data connection, you can choose to save a user name or password within the data connection link.

Also, when you apply an XML Schema to a document, a path to the XML Schema that you have created is saved to the document. In some cases, that path may include your user name.

Printing

When you print a Microsoft Office SharePoint Designer 2007 document and then save that document, Office SharePoint Designer 2007 saves the path to your printer with the document. In some cases, the path may include a user name or computer name.

Windows SharePoint Services

Microsoft Windows SharePoint Services provides shared, Web-based Workspace sites where you can collaborate on documents or meetings.

When you access a SharePoint site, by using either the Web browser or any Office program, the site will save a cookie to your computer if you have permissions to create a new subsite on that site. Taken together, these cookies form a list of sites to which you have permissions. This list is used by several Office programs to provide you with quick access to the sites that you have visited before.

The list of sites that you have visited is not accessed by Microsoft and is not exposed to the Internet unless you choose to make the list more broadly available.

You can clear this list by using your Web browser to clear your cache of cookies.

In Windows SharePoint Services, when you create a new Web site or list, or add or invite people to an existing Web site or list, the site saves the following for each person, including you:

• Full name

• E-mail address

• User logon name (Microsoft Windows NT logon — for example, DOMAIN\user name)

A user ID will be added to every element that you or the other users of the site add to or modify on the site. As with all of the content on the SharePoint site, only administrators and members of the site itself should have access to this information.

All elements of the SharePoint site include two fields: Created By and Modified By. The Created By field is filled in with the user name of the person who originally created the element and the date when it was created. The Modified By field is filled in with the user name of the person who last modified the Microsoft Office document and the date when it was last modified.

Administrators of the servers where SharePoint sites are hosted have access to some data from these sites, which is used for analyzing the usage patterns of the site and improving the percentage of time that the site is available. This data is available only to the server administrators and is not shared with Microsoft unless Microsoft is hosting the SharePoint site. The data specifically captured includes the names, e-mail addresses, and permissions of everyone with access to the site.

All users with access to a particular SharePoint site may search and view all content available on that site.

Auditing

Windows SharePoint Services provides auditing features that allow administrators to keep a reliable audit trail of how users are working with important content.

When Windows SharePoint Services administrators enable the Auditing feature, the server will automatically record in the SharePoint Content Database certain actions performed by the user. These actions include view, edit, check-in, and check-out. For each recorded action, the server will record identifying information about the file, the action, and the user's SharePoint ID and IP address. No data is sent to Microsoft as part of this transaction.

This feature is off by default and is available only to administrators of SharePoint sites where content is stored.

Instant messaging and notifications

Office SharePoint Designer 2007 provides you with the ability to send instant messages from within the program itself and provides you with the ability to be alerted when people are online or when certain changes are made to shared documents or workspaces.

Office SharePoint Designer 2007 uses a Microsoft instant messaging client to provide you with the ability to see the online presence of other people and to send messages to them. Office SharePoint Designer 2007 includes a Web control that allows the instant messaging presence to be displayed within a Web page. The purpose of this feature is to allow you to use Web pages to collaborate directly with other people who are working on the same documents or workspaces.

Web page scripts that are written with this Web control in mind can transmit presence data from your instant messaging program to the Web server that is hosting the script. By default, this functionality is enabled only for intranet sites, trusted sites, and sites on the local computer.

Microsoft Windows SharePoint Services pages and Microsoft Office SharePoint Server 2007 pages both make use of this control. Neither of these types of pages transmits presence data back to the Web server.

When you visit a Microsoft Windows SharePoint Services site or an Office SharePoint Server site and create an alert, Office SharePoint Designer 2007 will add a cookie to your computer with the following data:

• Name of the site

• URL of the site

• Whether the alert source is a Windows SharePoint Services site or a SharePoint Server site

• URL used by the site to expose the alert service

The data in this cookie allows alerts from the site to be sent to you correctly. Microsoft does not access this cookie unless the cookie was sent originally from a Microsoft server, in which case the cookie is used exclusively by the Windows SharePoint Services site or SharePoint Server site.

SharePoint Designer Remote Source Control

Office SharePoint Designer 2007 provides a feature called Remote Source Control, which allows you to lock a file on a server for your exclusive editing. This helps to prevent anyone else from accidentally overwriting your changes while you are editing the file.

When you save a file to an FTP server or DAV share, a dialog box will appear asking you to enter a name or other text that distinguishes you from other authors who are collaborating on the file. The text that you enter is saved with the file that you have opened, identifying you as the owner of that locked file. This data is available to anyone with access to the same FTP server or DAV share.

You are not required to enter your name. You can enter any text that you choose. When you finish editing the file, the lock and the text that you entered are removed automatically.

Disk-based Web sites

Office SharePoint Designer 2007 allows you to create and edit Web sites in a folder on your local computer. When you edit Web pages from a Web site folder, metadata such as your logon name is saved for each file that you edit. This metadata is stored either as a hidden folder inside the Web site folder or as a separate folder in your profile directory. Your logon name is used to display the author information, such as Created by or Modified by, for files in the Office SharePoint Designer 2007 Web Site views and File Properties dialog box. You can choose to remove the metadata from the Web site folder on your local computer by clearing the Manage the Web site using SharePoint Designer metadata files check box in the Site Settings dialog box. (On the Site menu, click Site Settings, and then click the General tab.)