while most of it is no worse than apple or android ,theres this:
"We will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary to”, for example, “protect their customers” or “enforce the terms governing
the use of the services”
in addition if you encrypt your hard drive(s) with bitlocker, the bitlocker key is uploaded to your (new) onedrive account.thus microsoft has access to that key, which would essentially make it worthless (someone else has the key, it could be accessed , then given to another entity , potentially without your permission, also it could be gained by some random cracker). an encryption key should be stored offsite on a physical medium in a secure location with your backups. not online where anyone with internet access could potentially gain access to it.
for the home user its not so bad, but any businesses should not have that key stored online, and i believe its a violation of security protocol if your a govt agency or contractor.
adding url: https://edri.org/microsofts-new-small-print-how-your-personal-data-abused/