articles/active-directory/cloud-infrastructure-entitlement-management/faqs.md
13 additions & 8 deletions
@@ -8,7 +8,7 @@ ms.service: active-directory
8
8
ms.subservice: ciem
9
9
ms.workload: identity
10
10
ms.topic: faq
11
-
ms.date: 06/16/2023
11
+
ms.date: 08/23/2023
12
12
ms.author: jfields
13
13
---
14
14
@@ -20,7 +20,6 @@ This article answers frequently asked questions (FAQs) about Microsoft Entra Per
20
20
21
21
Microsoft Entra Permissions Management (Permissions Management) is a cloud infrastructure entitlement management (CIEM) solution that provides comprehensive visibility into permissions assigned to all identities. For example, over-privileged workload and user identities, actions, and resources across multicloud infrastructures in Microsoft Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP). Permissions Management detects, automatically right-sizes, and continuously monitors unused and excessive permissions. It deepens the Zero Trust security strategy by augmenting the least privilege access principle.
22
22
23
-
24
23
## What are the prerequisites to use Permissions Management?
25
24
26
25
Permissions Management supports data collection from AWS, GCP, and/or Microsoft Azure. For data collection and analysis, customers are required to have an Azure Active Directory (Azure AD) account to use Permissions Management.
@@ -57,7 +56,7 @@ Permissions Management currently supports the three major public clouds: Amazon
57
56
58
57
Permissions Management currently doesn't support hybrid environments.
59
58
60
-
## What types of identities are supported by Permissions Management?
59
+
## What types of identities does Permissions Management support?
61
60
62
61
Permissions Management supports user identities (for example, employees, customers, external partners) and workload identities (for example, virtual machines, containers, web apps, serverless functions).
63
62
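Review bot: The reworded heading "## What types of identities does Permissions Management support?" changes the anchor that is generated from the heading text, so any link that targets the old "are supported by" anchor will stop resolving to this section. Before merging, search the repo for links to the old anchor and update them, or keep the old anchor reachable if the publishing system supports explicit anchors.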
@@ -83,7 +82,7 @@ The Permissions Creep Index (PCI) is a quantitative measure of risk associated w
83
82
84
83
## How can customers use Permissions Management to delete unused or excessive permissions?
85
84
86
-
Permissions Management allows users to right-size excessive permissions and automate least privilege policy enforcement with just a few clicks. The solution continuously analyzes historical permission usage data for each identity and gives customers the ability to right-size permissions of that identity to only the permissions that are being used for day-to-day operations. All unused and other risky permissions can be automatically removed.
85
+
Permissions Management allows users to right-size excessive permissions and automate least privilege policy enforcement with just a few clicks. The solution continuously analyzes historical permission usage data for each identity and gives customers the ability to right-size the permissions of that identity to permissions that are only being used for day-to-day operations. All unused and other risky permissions can be automatically removed.
87
86
88
87
## How can customers grant permissions on-demand with Permissions Management?
89
88
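Review bot: In the added paragraph, moving "only" to "permissions that are only being used for day-to-day operations" changes the meaning. It now reads as permissions used for nothing except day-to-day operations, instead of limiting the identity to the permissions it actually uses. The removed wording, "to only the permissions that are being used for day-to-day operations", states the least-privilege outcome correctly; suggest restoring that placement of "only".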
@@ -130,13 +129,19 @@ No, Permissions Management doesn't have access to sensitive personal data.
130
129
131
130
You can read our [blog](https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/bg-p/Identity) and visit our [web page](https://www.microsoft.com/en-us/security/business/identity-access/microsoft-entra-permissions-management). You can also get in touch with your Microsoft point of contact to schedule a demo.
132
131
133
-
## What is the data destruction/decommission process?
132
+
## What is the data destruction/decommission process?
133
+
134
+
If a customer initiates a free Permissions Management 45-day trial and does not convert to a paid license within 45 days of the trial expiration, all collected data is deleted within 30 days of the trial expiration date.
135
+
136
+
If a customer decides to discontinue licensing the service, all previously collected data is deleted within 30 days of license termination.
137
+
138
+
Customers can also remove, export or modify specific data if a Global Administrator using the Permissions Management service files an official Data Subject Request. To file a request:
134
139
135
-
If a customer initiates a free Permissions Management 45-day trial, but does not follow up and convert to a paid license within 45 days of the free trial expiration, we will delete all collected data on or just before 45 days.
140
+
If you're an enterprise customer, you can contact your Microsoft representative, account team, or tenant admin to file a high-priority IcM support ticket requesting a Data Subject Request. Do not include details or any personally identifiable information in the IcM request. We'll reach out to you for these details only after an IcM is filed.
136
141
137
-
If a customer decides to discontinue licensing the service, we will also delete all previously collected data within 45 days of license termination.
142
+
If you're a self-service customer (you set up a trial or paid license in the Microsoft 365 admin center) you can contact the Permissions Management privacy team by selecting your profile drop-down menu, then **Account Settings** in Permissions Management. Follow the instructions to make a Data Subject Access Request.
138
143
139
-
We also have the ability to remove, export or modify specific data should the Global Administrator using the Entra Permissions Management service file an official Data Subject Request. This can be initiated by opening a ticket in the Azure portal [New support request - Microsoft Entra admin center](https://entra.microsoft.com/#blade/Microsoft_Azure_Support/NewSupportRequestV3Blade/callerName/ActiveDirectory/issueType/technical), or alternately contacting your local Microsoft representative.
144
+
Learn more about [Azure Data Subject Requests](https://go.microsoft.com/fwlink/?linkid=2245178).
140
145
141
146
## Do I require a license to use Entra Permissions Management?
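Review bot: The added trial paragraph gives two windows that do not fit together: the customer has "within 45 days of the trial expiration" to convert, yet the data "is deleted within 30 days of the trial expiration date", so the data can be gone before the conversion window closes. Please state a single timeline and say which event starts the clock. Smaller points in the same hunk: "To file a request:" introduces two plain paragraphs, which would read better as a bulleted or numbered list; "IcM" is used without being expanded; the self-service paragraph says "Data Subject Access Request" while the rest of the section says "Data Subject Request", so pick one term; and the removed paragraph linked directly to a new support request in the Microsoft Entra admin center, whereas the new enterprise path only says to contact a representative, account team, or tenant admin, so consider keeping a direct link for customers who have no named contact.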