Data & Privacy
Data & Privacy
Our commitment to data privacy and security with minimal data storage and no data leaving your tenant
Intune Assistant is built with privacy by design. The core principle is that your data stays in your tenant - everything is processed in session memory and stored only the absolute minimum required for licensing and identification.
Zero Data Extraction
No data leaves your tenant. All Intune and Graph API data is processed in browser session memory only and never stored or transmitted to external systems.
There is a very strict minimal data storage policy with complete transparency about what is stored and why:
Tenant ID
✅ Yes
Identify tenant and enforce fair-usage licensing. (Access can be denied by Tenant ID)
Persistent
Tenant Domain
✅ Yes
Display and licensing identification
Persistent
Session Data (tokens, settings)
❌ No
Stored only in browser session storage
Temporary
Intune Data
❌ No
Processed in session memory only, never persisted
N/A
Graph API Data
❌ No
Processed in session memory only, never persisted
N/A
User's Device Information
❌ No
Never accessed or stored
N/A
User Personal Data
❌ No
Never accessed or stored
N/A
💻 Your Browser
⚡ Intune Assistant
🏢 Your Tenant
Graph API
Intune Data
Memory Only
Processing
(Temporary)
Session
Storage
(Temporary)
🗑️ Data discarded
immediately
🚪 Cleared on
logout/close
🚫 Data never leaves
your tenant boundary
Browser session storage is used for temporary data like UI preferences and navigation state. This data is automatically cleared when you go to another page, close your browser or log out.
HTTPS Encryption - All communications encrypted in transit
No Database Storage - No persistent storage of tenant data
Memory-Only Processing - All operations performed in volatile memory
Automatic Cleanup - Memory cleared after each operation
Session Isolation - Each session completely isolated from others
Microsoft Identity - Authentication through your tenant's identity provider
GDAP Compliance - Granular delegated admin privileges for MSPs
Role-Based Access - Permissions enforced through your tenant's RBAC
No Backdoors - No administrative access to your tenant data
GDPR Compliant - Privacy by design approach
Microsoft Security Standards - Built on Microsoft's security framework
Industry Best Practices - Following established security guidelines
Regular Security Reviews - Continuous security assessment and improvement
For MSP environments, we ensure complete data isolation:
Tenant-Specific Processing - Each customer tenant processed independently
No Cross-Tenant Data - No mixing of data between customer tenants
GDAP Respect - Only access data according to granted permissions
Customer Consent - All access based on explicit GDAP permissions
Limited Scope - Only access data necessary for granted roles
No Data Sharing - No sharing of customer data between tenants or MSPs
Full Control - You maintain complete control over your tenant data
Access Management - Control application access through Azure AD
Permission Granularity - Grant only necessary permissions
Revoke Access - Instantly revoke application access at any time
Open Source - Application code (Webinterface) available for review
Clear Documentation - Complete transparency about data handling
No Hidden Processes - All data processing clearly documented
Regular Updates - Privacy policy updates communicated clearly
How do you handle authentication tokens?
Authentication tokens are stored only in your browser's session storage and are never transmitted to our servers or stored persistently.
Is my data encrypted?
All communication is encrypted via HTTPS. Since we don't store your data, there's no data at rest to encrypt.
Can other users see my data?
No, all data processing is isolated per user session. No data is shared between users or stored centrally.
Privacy Promise
Your data stays with you. We're committed to keeping your Microsoft tenant data exactly where it belongs - in your tenant, under your control.
Last updated