Privacy Policy

    Data Collection

    This service collects and processes the following data to provide monitoring functionality:

    • Device hardware information (manufacturer, model, serial number)
    • Autopilot provisioning session data (status, events, timestamps)
    • Azure AD/Entra ID tenant information
    • User authentication information (UPN, display name, tenant ID)
    • Operational telemetry and audit logs
    • Anonymized usage telemetry (via Azure Application Insights, no cookies) — used to understand which features are used and improve the service. No personal data is transmitted.

    Data Processing Context

    During an Autopilot enrollment, the user authenticates solely to verify their identity and initiate the process. After that, the user is not actively interacting with the device while provisioning runs. As a result, the data collected by the monitoring agent consists exclusively of technical enrollment events — no user activity, browsing data, or personal content is captured.

    Tenant administrators retain full control over collected data through the following options:

    • Data Retention — configurable retention period per tenant (default 90 days); expired sessions are automatically purged
    • Delete Session — delete individual monitoring sessions on demand
    • Offboard Tenant — remove all data and configurations for a tenant from the service

    These controls ensure that no personal information accumulates in the backend beyond what is necessary for enrollment monitoring. The service is designed for operational transparency, not user surveillance.

    Data Storage & Security

    The platform is built with a layered security architecture designed to protect data at every level:

    Authentication & Device Identity

    • Device agents authenticate via Intune MDM client certificates, validated against the embedded Intune CA chain
    • Web users authenticate via Microsoft Entra ID (Azure AD) with multi-tenant JWT validation
    • Autopilot device validation via Microsoft Graph — only registered Autopilot devices are accepted
    • Optional hardware whitelist for additional device verification
    • Per-device rate limiting (sliding window) to prevent abuse

    Tenant Isolation

    • Strict multi-tenant data isolation — all storage queries are partitioned by Tenant ID
    • Real-time channels (SignalR) are scoped to tenant-specific groups
    • Independent configuration, audit logs, and device management per tenant
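    The two lists above name the controls on the device and web paths (certificate-backed device identity, multi-tenant token validation, per-device sliding-window rate limiting, tenant-partitioned storage) without showing the order in which they are applied or the step multi-tenant Entra ID applications most often miss: a token whose signature verifies is still a token from some tenant, so the service must confirm that the tid claim names an onboarded tenant and that iss agrees with it before that tenant ID becomes the partition key for every lookup. The Python sketch below is an added example, not the service's own code. It assumes the client certificate chain and the token signature have already been verified upstream (by the TLS stack and a JWT library respectively), and its tenant names, audience value, rate limit and sample events are invented for the demonstration.

```python
# Added example, not code from the service described on this page: the
# control path a request passes through after the transport layer has
# validated the device's client certificate or a JWT library has verified
# the Entra ID token signature. Tenant names, the audience, the rate limit
# and the sample claims used with it are assumptions for the demonstration.
from __future__ import annotations

from collections import deque
from dataclasses import dataclass, field


class AuthError(Exception):
    """Request rejected before any tenant data is touched."""


def check_entra_claims(claims: dict, onboarded: set[str], audience: str,
                       now: float) -> str:
    """Post-signature checks for a v2.0 Entra ID token in a multi-tenant app.

    A valid signature proves Entra ID issued the token, not that the issuing
    tenant is one this service onboarded: `tid` must be in the onboarded set
    and `iss` must agree with it. The returned tenant ID is the only tenant
    value later code may use; a tenant ID in the request body is ignored.
    """
    if claims.get("exp", 0) <= now:
        raise AuthError("token expired")
    if claims.get("aud") != audience:
        raise AuthError("token not issued for this API")
    tid = claims.get("tid")
    if tid not in onboarded:
        raise AuthError("tenant not onboarded")
    if claims.get("iss") != f"https://login.microsoftonline.com/{tid}/v2.0":
        raise AuthError("issuer does not match tid")
    return tid


class SlidingWindowLimiter:
    """At most `limit` accepted calls per key in any `window`-second span."""

    def __init__(self, limit: int, window: float) -> None:
        self.limit, self.window = limit, window
        self._hits: dict[str, deque[float]] = {}

    def allow(self, key: str, now: float) -> bool:
        hits = self._hits.setdefault(key, deque())
        while hits and hits[0] <= now - self.window:  # expire old hits
            hits.popleft()
        if len(hits) >= self.limit:
            return False
        hits.append(now)
        return True


@dataclass
class SessionStore:
    """Rows keyed by (tenant_id, session_id): a session cannot be read
    without naming its tenant partition, so a session ID leaked or guessed
    from another tenant resolves to nothing."""
    _rows: dict[tuple[str, str], list] = field(default_factory=dict)
    _blocked: set[tuple[str, str]] = field(default_factory=set)

    def append_event(self, tenant_id: str, session_id: str, event: str) -> None:
        self._rows.setdefault((tenant_id, session_id), []).append(event)

    def events(self, tenant_id: str, session_id: str) -> list | None:
        return self._rows.get((tenant_id, session_id))

    def block_device(self, tenant_id: str, serial: str) -> None:
        self._blocked.add((tenant_id, serial))

    def is_blocked(self, tenant_id: str, serial: str) -> bool:
        return (tenant_id, serial) in self._blocked


def ingest_device_event(store: SessionStore, limiter: SlidingWindowLimiter,
                        tenant_id: str, serial: str, session_id: str,
                        event: str, now: float) -> bool:
    """Agent path: (tenant_id, serial) comes from the validated certificate
    and the Autopilot registration check, never from the event payload."""
    if store.is_blocked(tenant_id, serial):
        return False
    if not limiter.allow(f"{tenant_id}/{serial}", now):
        return False
    store.append_event(tenant_id, session_id, event)
    return True


def read_session(store: SessionStore, claims: dict, session_id: str,
                 onboarded: set[str], audience: str, now: float) -> list | None:
    """Web path: the tenant used for the lookup is derived from the token."""
    tenant_id = check_entra_claims(claims, onboarded, audience, now)
    return store.events(tenant_id, session_id)
```

    The store is keyed on the tenant and session together rather than filtering by tenant after fetching a row by session ID; with the composite key there is no code path that can forget the tenant filter, which is the failure mode behind most cross-tenant data exposure in shared backends. The blocked-device check runs before the rate limiter so a blocked agent cannot consume another device's budget.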

    Transport & Data Protection

    • All communication encrypted via HTTPS/TLS; real-time updates via secure WebSocket
    • Diagnostics upload URLs are issued on demand and are never persisted on the device
    • Azure Storage encryption at rest for all persisted data
    • PII logging disabled in production environments

    Access Control

    • Role-based access: Tenant Admin (full tenant management), Operator, and User
    • Device blocking capabilities for compromised or unauthorized devices
    • Comprehensive audit logging of administrative actions

    Data Sharing

    Your data is not shared with third parties. Access is restricted to:

    • Authenticated users within your tenant
    • Global Administrators (for platform operations and support)

    Your Rights

    As this is an environment operated under best-effort principles, formal data subject rights (access, deletion, portability) are not guaranteed. However, we will make reasonable efforts to accommodate such requests on a case-by-case basis.