Privacy Policy

Last updated: April 29, 2026

This page explains what information AzureIR uses, why we use it, and how we protect it.

1. Information We Use

We process only the information needed to provide security monitoring and reporting services:

  • Microsoft Entra sign-in logs (for identity and access monitoring).
  • Microsoft Entra audit logs (for admin and policy change tracking).
  • Basic account and tenant metadata (such as tenant name, user principal names, and app names).
  • Service diagnostics data (such as timestamps, error details, and sync status).

2. Why We Use This Information

We use this data to operate and improve the platform, including to:

  • Detect suspicious sign-in and audit activity.
  • Generate alerts, dashboards, and investigation context.
  • Create reports and exports requested by customers.
  • Maintain service reliability, troubleshooting, and security.

3. Legal Basis and Purpose Limitation

Data is processed for legitimate security operations and service delivery. We do not use tenant security log data for unrelated advertising or profiling purposes.

4. Data Sharing

We do not sell customer data. Data may be shared only with required infrastructure and sub-processors that help deliver the service (for example hosting, storage, and monitoring), under appropriate contractual safeguards.

5. Data Retention

We retain data for as long as needed to provide the service, meet legal obligations, and support security investigations. Retention periods can vary by deployment and customer configuration.

6. Security Measures

We apply technical and organizational safeguards, including:

  • Access controls and role-based permissions.
  • Encryption in transit and secure storage practices.
  • Monitoring, logging, and incident response procedures.
  • Regular maintenance, patching, and dependency updates.

7. Your Choices and Rights

Depending on your location and applicable law, you may have rights to request access, correction, deletion, or restriction of personal data. Requests can be made through your account representative or by email.

8. Cookies and Session Data

We use essential session cookies to keep users authenticated and protect against misuse (such as CSRF protections). We do not rely on third-party advertising cookies in the core application.

9. Policy Updates

We may update this policy from time to time. Material updates will be reflected on this page with a revised date.

10. Contact

For privacy and data handling questions, contact us at sales@azureir.com.