The Authenticator app collects three types of information:
- Account info you provide when you add your account. After adding your account, depending on the features you enable for the account, your account data might sync down to the app. This data is stored on your device and can be removed by removing your account.
- Non-personally identifiable usage data, such as aggregate data about how many times you successfully add an account flow or how many authentication requests you approve or reject. This data is an integral part of our engineering decisions as it helps us keep the app secure and up to date. You will see a notice of this data collection when you use the app for the first time. You can also allow the sharing of additional non-personal usage data by turning on the “Usage Data” toggle button on the app’s Settings page. This data allows our engineers to improve the app in ways that are important to you. This setting can be turned on or off at any time.
- Diagnostic log data that stays only in the app until you select Send feedback in the app’s top menu to send logs to Microsoft. These logs can contain personal data such as email addresses, server addresses, or IP addresses. They also can contain device data such as device name and operating system version. Any personal data collected is limited to information needed to help troubleshoot app issues. You can browse these log files in the app at any time to see the information being gathered. If you send your log files, Authenticator app engineers will use them only to troubleshoot customer-reported issues.
For more information, review the Microsoft Privacy Statement.
Common questions about the Microsoft Authenticator app – Microsoft Support