Privacy policy for diagrams.net App for Microsoft Teams

This Privacy Policy details how the diagrams.net by JGraph App for Microsoft Teams (hereafter called the “diagram.net app” collects, uses and shares information gathered from the User (“you”), as well as explaining how data is processed and stored. The App is created by JGraph Ltd (“we/us/diagrams.net”).

The diagrams.net App enables a user to select a diagram from their OneDrive or Sharepoint, then load and edit that diagram within a tab on the Teams interface. Usage of the online app.diagrams.net application is covered by the diagrams.net privacy policy, this policy is specific to just operation of the Microsoft Teams app.

If you have any questions regarding this privacy policy, please email [email protected].

Editing a diagram

You will have already have given diagrams.net permission to create, edit and delete files, like diagram files, in your OneDrive. No further permissions are requested to use diagrams.net with Teams.

Please refer to the privacy policy of OneDrive for more details:

OneDrive – Microsoft’s privacy policy

Personal information

At no point is any personally identifiable information (PII) transmitted to diagrams.net servers and, therefore, PII is never stored, retained, require deletion or be subject to security controls around that data.

Diagram data and authenication

Authenication to OneDrive is performed directly to Microsoft and your browser holds the authenication token. The token is not stored in diagrams.net servers, so we cannot act on your behalf without your knowledge.

diagrams.net does not have an additional authenication mechanism, there is no authenication exchange (Single Sign On).

Once a diagram is loaded for editing, it is loaded directly from Microsoft servers to your browser. It does not transmit via diagrams.net servers. The same principle applies when saving.

We do not store your data at any time, nor do we see your data during save/load operations.

Data security

Diagrams data is transmitted to diagrams.net servers if you request a PDF of your diagram. The PDF generation servers are configured to industry standard security level and have ongoing security testing as part of a bug bounty program.

Data transmitted from the client browser to the PDF generation servers is encrypted with TLS1.2+ and encrypted at all points in transit between your browser and the endpoint server.

No data is ever retained on JGraph servers, it deleted immediately after export processing is completely.