Security & Data Usage

We believe in complete transparency about how OAIO protects your data and respects your privacy. This page explains, in clear terms, what we access, how we protect it, and what rights you have.

Our Security Principle: Least Privilege

OAIO follows the “principle of least privilege” - we only request the minimum permissions necessary to provide our services. You remain in full control of your Microsoft 365 environment.

What We Need & Why

User Information (User.Read.All, User.ReadWrite.All)

We read user profiles to show you organizational hierarchies, group memberships, and manager relationships. Write access is needed for user onboarding/offboarding features - creating new users, updating profiles, and managing account lifecycle.

Group Management (Group.Read.All, Group.ReadWrite.All, GroupMember.ReadWrite.All)

These permissions allow us to visualize your group structure and manage memberships. We can show you who belongs to which groups and add/remove members when you perform onboarding or offboarding actions.

Device Management (Device.Read.All, Device.ReadWrite.All)

We access device information to show you which devices users own and their compliance status. This helps you understand the complete picture of your organization's security posture.

Directory Access (Directory.Read.All, Directory.ReadWrite.All)

Directory permissions give us access to view and manage your Microsoft Entra ID (Azure AD) structure - essential for providing accurate visualizations and performing administrative tasks.

Role Management (RoleManagement.Read.Directory, RoleManagement.ReadWrite.Directory)

We read role assignments to identify privileged users and sensitive accounts. This is crucial for security monitoring and ensuring proper access controls are in place.

Exchange Online (Exchange.Manage)

This permission enables Exchange-specific features like distribution group management and shared mailbox operations. It's used only when you perform Exchange-related actions.

Conditional Access (Policy.Read.All, Policy.ReadWrite.ConditionalAccess)

We access conditional access policies to help you manage security rules and protect your organization. This includes viewing existing policies and creating new security controls.

Audit Logs (AuditLog.Read.All)

Audit log access helps us provide compliance reporting and track changes in your environment. This is read-only and doesn't modify any audit data.

Your Control

You can revoke these permissions at any time through your Microsoft 365 admin center. If you revoke them, OAIO will stop working, and no data remains accessible to us.

Questions About Security or Privacy?

We're here to help. If you have any questions about how we protect your data or handle your information, please don't hesitate to reach out.