Microsoft Dynamics 365 Sales
Based exclusively on public evidence • 20 criteria (Privacy + AI)
Last review: 21 Feb 2026
AI Trust Summary
- •In AI: it does not document a mechanism for contesting automated decisions, which may affect user trust in interactions.
- •In Privacy Base: it does not explain how user rights are balanced with legitimate purposes, raising concerns about data protection.
Safer Alternatives
Higher-rated software in the same category
Attention Points in AI (1)
AI criteria that require attention. Buy the Premium Analysis to see all 1 criteria.
- •Microsoft Dynamics 365 Sales
- •Does not mention human review of automated AI decisions, which may impact user trust.
- •The use of 'legitimate purposes' does not explain how user rights are balanced, raising concerns.
- •It is recommended to require contractual clauses that address these aspects.
AI decision contestation mechanism not available
The policy does not mention human review of automated decisions, which may impact user trust in sales interactions.
Source: vendor public documents
Compliances in AI (3)
AI criteria the company meets. Buy the Premium Analysis to see all 3 criteria.
- •Microsoft Dynamics 365 Sales
- •Data processing purposes are clearly listed, connecting information categories to specific uses.
- •Identifies recipients of personal data, ensuring clarity about sharing.
- •These practices facilitate due diligence and transparency in privacy operations.
AI data retention policy clearly documented
The policy mentions that users can manage their sales interaction history, but does not define clear retention periods.
Policy on data use for AI training clearly stated
The policy states that Microsoft uses data to develop and train AI models, impacting how contact and lead information is handled.
AI training opt-out control available
The policy mentions the possibility of opting out of AI training, allowing users to manage their contact and lead information.
Source: vendor public documents
Highlights in Privacy (3)
Most relevant criteria for this category. Buy the Premium Analysis to see all 3 criteria.
Legitimate interest does not explain rights balancing
The policy mentions 'legitimate purposes,' but does not explain how user rights are balanced, which may raise concerns.
Data controller and processor roles clearly defined
The policy clearly identifies Microsoft as responsible for processing contact information, leads, and sales interactions, ensuring transparency.
Data controller identity and contact clearly disclosed
The policy provides multiple ways to contact Microsoft, facilitating communication about contact information, leads, and sales interactions.
Source: vendor public documents
Critical Alerts
- •Uso de legítimo interesse não explica balanceamento de direitos: Crucial para garantir que os interesses da empresa não prevaleçam sobre os direitos dos clientes..
- •Aspecto de privacidade não mencionado na documentação do fornecedor: Ausência de informação pública
Conformance analysis (20)
Data controller and processor roles clearly defined
Reference: ISO/IEC 27701 (7.3)
Identity and contact of the data controller clearly informed
Reference: ISO/IEC 27701 (7.3)
Processing purposes clearly listed by data category
Reference: ISO/IEC 27701 (7.3)
Source: vendor public documents
Follow this company and access all 20 criteria
Track score changes, get alerts on policy updates, and view the full conformance analysis
Don't miss any update
Sign up to follow this company and track changes in privacy and AI scores
Why trust the AITS Index: Open Community Audit
Public transparency, peer review and open evidence trails — all verifiable by the community
Trust guarantees
Peer review
users, professionals and experts confirm or contest items online.
Public history
vendor and index changes are versioned and accessible.
Participate
Evidence, confirmations and contestations
participate in the collaborative validation of AITS criteria
Maximize Your Privacy with Microsoft Dynamics 365 Sales: Strengths, Weaknesses, and Guidance
Understanding Microsoft Dynamics 365 Sales' Privacy Strengths
Microsoft Dynamics 365 Sales has made significant strides in ensuring user privacy, as evidenced by its AITS Privacy Score of 81%. This score reflects the platform's commitment to transparency regarding data handling practices. One of the standout features is the clear categorization of data processing purposes. Users can easily identify how their data will be used, which fosters trust and allows for informed consent. This clarity is essential for businesses that need to comply with regulations like GDPR and LGPD, as it ensures that users are aware of their rights and the specific uses of their data.
Additionally, the platform provides a well-defined list of data recipients in its privacy policy. This means users can see who has access to their personal information, which is crucial for maintaining control over their data. Knowing the parties involved can help users assess potential risks and make informed decisions about their data sharing practices. Furthermore, the availability of a Data Processing Agreement (DPA) for enterprise clients is a strong point, as it outlines the responsibilities of both parties in terms of data protection, aligning with ISO 27701 standards.
Transparency in Data Handling
The clarity in data processing purposes and recipient identification not only enhances user trust but also aligns with best practices in data governance. Users should take advantage of this transparency by reviewing the data processing purposes listed in their settings. By understanding how their data is utilized, users can make more informed choices about their interactions with the software and adjust their privacy settings accordingly.
Identifying Privacy Weaknesses
Despite its strengths, Microsoft Dynamics 365 Sales has notable weaknesses that users should be aware of. The absence of a mechanism for contesting automated decisions in AI processes raises concerns about user autonomy and trust. This lack of transparency can lead to uncertainty about how decisions are made, which is particularly important for users who may be affected by automated outcomes. The AITS AI Score of 79% reflects this shortcoming, indicating that while the software employs AI, it does not adequately address user rights in this context.
Moreover, the platform's reliance on legitimate interest as a basis for data processing lacks sufficient explanation regarding how user rights are balanced against these interests. This gap can create ambiguity about data protection and user consent, which is critical for compliance with data protection laws such as GDPR and LGPD. Users should be cautious and consider how their data may be used under this framework.
Mitigating Risks Associated with Weaknesses
To mitigate the risks associated with these weaknesses, users should actively engage with the software's privacy settings. It is advisable to regularly review and adjust data sharing preferences, ensuring that only necessary data is shared. Additionally, users can advocate for clearer communication from Microsoft regarding AI decision-making processes. Engaging with customer support or providing feedback can help highlight the importance of these features for user trust and compliance.
Practical Guidance for Users
For users looking to maximize their privacy while using Microsoft Dynamics 365 Sales, there are several practical steps to consider. First, ensure that you have reviewed the privacy policy and understand the data processing purposes and recipients. This understanding is vital for making informed decisions about your data.
Next, check your privacy settings within the platform. Look for options that allow you to limit data sharing and adjust your preferences regarding automated decision-making. If the software provides features to opt-out of certain data uses or AI processes, be sure to utilize them. This proactive approach can help safeguard your personal information and maintain compliance with relevant data protection regulations.
Exploring Alternatives and Enhancements
If the weaknesses in Microsoft Dynamics 365 Sales raise concerns for your organization, it may be worth exploring alternative CRM solutions that offer stronger privacy features. Look for platforms that provide robust mechanisms for contesting automated decisions and clearly articulate how user rights are protected in their data processing practices. Additionally, consider integrating third-party privacy tools that can enhance your data protection measures and provide greater control over your information.
In conclusion, while Microsoft Dynamics 365 Sales offers commendable strengths in privacy and data handling, it is essential for users to remain vigilant about its weaknesses. By understanding the strengths and weaknesses of the platform, users can take actionable steps to protect their data and ensure compliance with privacy regulations.
Other Sales CRM software
Dive into in-depth research and analysis of each player
Source: vendor public documents
Analyzed Sources
Public documents used in the audit of Microsoft Dynamics 365 Sales:
Evidence, confirmations and contestations
participate in the collaborative validation of AITS criteria
Scope & Limitations
TrustThis/AITS assessments are based exclusively on publicly available information, duly cited with date and URL, following the AITS methodology (privacy & AI transparency).
The content is indicative in nature, intended for screening and comparison, not replacing internal audits.
TrustThis/AITS does not perform invasive tests, does not access vendor technology environments and does not process customer personal data. Conclusions reflect only the vendor's public communication at the date of collection.
Source: vendor public documents