LicenSweep Home

Privacy Policy

Last updated: July 2026

This policy explains what data LicenSweep ("the Service") accesses, stores, and how it's used.

1. What we access

When your administrator connects your Microsoft 365 tenant, the Service reads, via Microsoft Graph:

We do not access email content, file content, Teams messages, calendar data, or any data beyond license assignment and activity timestamps.

2. What we store

We store your tenant ID and connection status in our database so the Service knows which tenant to query on your behalf. We do not store the full activity report or user-level data persistently — it's fetched fresh from Microsoft Graph each time you view your dashboard.

3. What we don't store

We never receive, request, or store your Microsoft 365 password or any user's login credentials. Authentication to your tenant happens entirely through Microsoft's own OAuth consent flow, using an application-level token — no user credentials pass through our systems at any point.

4. Payment information

Billing is processed by a third-party payment processor (Stripe). We do not store your card details on our own servers.

5. Data sharing

We do not sell, rent, or share your tenant's data with third parties, except as required to operate the Service (e.g., our cloud hosting provider) or as required by law.

6. Data retention and deletion

You can delete the tenant record stored by the Service using the disconnect control in the dashboard. Revoking the enterprise application separately in Microsoft 365 prevents future Graph access. Contact support using the address published by the Service operator for assistance.

7. Security

Data in transit is encrypted via HTTPS/TLS. Access tokens used to query Microsoft Graph are requested fresh for each session and are not persisted to disk.

8. Changes to this policy

We may update this policy periodically. Material changes will be reflected with an updated "Last updated" date above.

9. Contact

Before public launch, the Service operator will publish its legal name, postal address, and monitored privacy-support email here.

This is a general-purpose template and is not a substitute for advice from a qualified attorney, particularly regarding GDPR, CCPA, or other regional data-protection requirements that may apply to your customers.