Microsoft Corp. promised Monday to give users worldwide the same data and privacy rights Europeans will get under new regulations there. That’s in contrast to some of its tech rivals, which are hedging on how much privacy protections will change for Americans and other non-Europeans.

Microsoft’s move means no matter where you live, you’ll be able to see what information the company collects about you and correct or delete it if necessary. You’ll also be able to object to the use of data for marketing and other purposes. You can exercise the rights by using online tools or contacting the company directly.

New European rules, known as the General Data Protection Regulation, take effect Friday, but U.S. tech companies haven’t generally embraced them outside of the European Union. Facebook Inc., for instance, has said it is offering the same privacy settings and controls worldwide, but it has stopped short of promising European-style rights around the globe.

Julie Brill, Microsoft’s deputy general counsel, said in a blog post Monday that the company believes the new regulation “establishes important principles that are relevant globally.”


Because Microsoft doesn’t depend as much on advertising revenue as Facebook and Google, it can afford to give users more options on data use.

Microsoft updated its privacy policy Monday to make the policy easier to understand and include more details. For instance, it spells out additional sources of third-party data that Microsoft gets, including outside developers who create apps and other experiences for Microsoft’s Cortana voice assistant.

The new EU rules have prompted companies large and small to update their privacy policies and service terms to comply. Here’s a look at how Facebook and Google are adapting to a post-GDPR world.

Facebook

In March, Facebook updated its privacy controls in hopes of making them easier to find and understand. Chief Executive Mark Zuckerberg has said Facebook intends to offer those same controls and settings around the world, even though the GDPR governs only EU users.


But Facebook has been vague about applying other GDPR provisions to non-Europeans. That includes a provision that lets Europeans object to the processing of personal data, such as for marketing.

Facebook has also ramped up efforts to get your permission to use facial recognition to automatically identify people in photos — for instance, to make it easier to tag friends or to let you know if someone uses your photo. Facebook has been using that technology in much of the world for six years, but not in the EU and Canada, where privacy laws are stronger.

Now, EU and Canadian users are being invited to turn on that feature. Facebook says it will eventually ask everyone to reaffirm the use of facial recognition; the company previously assumed consent unless users took the initiative to turn that off.

Although Facebook isn’t making major changes to its data practices, its new privacy policy has one subtle change. Previously, all users outside the United States and Canada were legally managed by Facebook’s Irish subsidiary. Under the new rules, everyone outside Europe will fall under the jurisdiction of its U.S. headquarters. That means users in Asia, for instance, won’t get the EU privacy protections. Facebook didn’t explicitly announce the change; the Associated Press confirmed it through checks in six countries.


Facebook also plans to offer a less personalized version of its service for EU teenagers to comply with requirements it obtain parental permission before kids under 16 can, for instance, list their political or religious views online. In the United States, the cutoff is lower: age 13. Facebook won’t ask for parental consent in such cases outside the EU, but will ask teens themselves if they want these features.

Google

Alphabet Inc.’s Google also isn’t making major changes to its data practices, although it did rewrite its privacy policy to make the policy easier to understand. It now includes video to explain concepts better. Section headers have larger fonts, and links to related settings are more clearly marked. Google also expanded many sections to more fully explain how it collects and uses data.

Google is also expanding the availability of Family Link, a feature that lets parents create Google accounts for their children. As part of this, parents will have to give consent to comply with new EU provisions governing teens.

The feature also gives parents tools to control Android devices, such as locking the child’s device and blocking apps. Family Link was already available in 11 markets, including the United States, the U.K. and Ireland. Google is now making that available in the rest of the EU.