Privacy Policy

SharePoint Intel Marketplace Offer

Last Updated: November 5, 2025

1. Introduction

This Privacy Policy describes how Stealth Labs Ltd ("we", "us", or "our") handles data in connection with the SharePoint Intel application (the "Application"), an Azure Managed Application available through the Microsoft Azure Marketplace. SharePoint Intel is designed to scrape and index data from your Microsoft SharePoint environment and store it in a managed database for enhanced search and intelligence capabilities.

We are committed to protecting your privacy and ensuring transparency about how your data is processed. This policy explains what data is collected, how it is used, and the measures we take to protect it.

2. Application Overview

SharePoint Intel is deployed as an Azure Managed Application within your Azure subscription. The application:

  • Connects to your SharePoint environment via Microsoft Graph API
  • Scrapes and indexes documents, metadata, and content from your SharePoint sites
  • Stores the indexed data in a database within your Azure environment
  • Provides search and intelligence features over your SharePoint content

3. Data Collection and Processing

3.1 SharePoint Content Data

The Application processes the following types of data from your SharePoint environment:

  • Document Content: Full text and content from documents stored in SharePoint (including Word, Excel, PowerPoint, PDF files, etc.)
  • Document Metadata: File names, creation dates, modification dates, authors, file sizes, file types, and folder structures
  • SharePoint Site Data: Site names, URLs, permissions metadata, lists, and libraries structure
  • User Metadata: User names, email addresses, and role information associated with documents and sites (for access control purposes)

3.2 Technical and Operational Data

The Application also collects limited technical data for operational purposes:

  • Application Logs: System logs, error logs, and performance metrics
  • Usage Statistics: Aggregated, anonymized statistics about application usage
  • Diagnostic Data: Information necessary for troubleshooting and support

4. Data Storage and Location

All SharePoint content data processed by the Application is stored exclusively within your own Azure subscription:

  • Data is stored in a managed database deployed in your Azure environment
  • You retain full ownership and control over your data
  • Data remains within the Azure region you selected during deployment
  • The database is encrypted at rest using Azure-managed encryption keys or your own keys (depending on your configuration)
  • Data in transit is encrypted using TLS 1.2 or higher

5. Stealth Labs' Access to Your Data

5.1 No Access to Content Data

Stealth Labs does NOT have access to your SharePoint content data or the indexed data stored in your database.As an Azure Managed Application, the Application runs entirely within your Azure subscription and resource group. Your content remains private and under your exclusive control.

5.2 Limited Access for Support

Stealth Labs maintains limited access for operational support purposes only:

  • Application Logs: We have access to application logs and error logs to diagnose technical issues and provide support
  • Diagnostic Telemetry: We collect anonymised telemetry data (error rates, performance metrics, feature usage) to improve the Application
  • Support Access: Upon your explicit request, we may access logs and diagnostic information to troubleshoot specific issues

All support access is:

  • Logged and auditable through Azure Activity Logs
  • Limited in scope to diagnostic and operational data only
  • Subject to strict access controls and security protocols
  • Conducted by authorized personnel only

6. How We Use Data

Stealth Labs uses the limited data we have access to solely for the following purposes:

  • Application Operation: To ensure the Application functions correctly within your environment
  • Technical Support: To diagnose and resolve technical issues when you contact us for support
  • Service Improvement: To analyse anonymised usage patterns and improve the Application's features and performance
  • Security Monitoring: To detect and respond to potential security threats or vulnerabilities
  • Compliance: To comply with legal obligations and respond to lawful requests from authorities

We do NOT use your content data for:

  • Training machine learning models or AI systems
  • Marketing or advertising purposes
  • Selling or sharing with third parties
  • Any purpose other than those explicitly stated in this policy

7. Data Sharing and Third Parties

Stealth Labs does not share, sell, rent, or trade your data with third parties, except in the following limited circumstances:

  • Microsoft Azure: The Application is hosted on Microsoft Azure infrastructure. Microsoft acts as a sub-processor and has its own privacy policies and data protection measures
  • Service Providers: We may engage trusted service providers who assist with application hosting, monitoring, or support services. These providers are contractually bound to protect your data and use it only for specified purposes
  • Legal Requirements: We may disclose data if required by law, regulation, legal process, or government request
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, data may be transferred to the acquiring entity, subject to the same privacy protections

8. Data Security

We implement industry-standard security measures to protect your data:

  • Encryption: Data at rest is encrypted using Azure Storage Service Encryption. Data in transit is encrypted using TLS 1.2+
  • Access Controls: Role-based access controls (RBAC) limit access to authorized personnel only
  • Authentication: The Application uses OAuth 2.0 and Azure Active Directory for secure authentication
  • Audit Logging: All access and operations are logged and can be audited through Azure Monitor
  • Regular Updates: The Application is regularly updated with security patches and improvements
  • Isolation: As a managed application, your instance is isolated from other customers

9. Data Retention and Deletion

Your Content Data:

  • All SharePoint content data is stored in your Azure subscription and is under your control
  • You can delete your data at any time by deleting the managed application or the associated database
  • When you uninstall the Application, your data remains in your Azure environment until you explicitly delete it

Logs and Telemetry Data:

  • Application logs are retained for 90 days for support purposes
  • Anonymized telemetry data is retained for up to 2 years for service improvement
  • Diagnostic data related to specific support cases is retained for 12 months after case closure

10. Your Rights and Choices

You have the following rights regarding your data:

  • Access: You have full access to all your content data stored in your Azure subscription
  • Correction: You can modify or correct your data at any time through the Application or directly in your database
  • Deletion: You can delete your data by uninstalling the Application or deleting the managed resource group
  • Export: You can export your data at any time using Azure tools or the Application's export features
  • Opt-Out: You can disable telemetry collection by configuring the Application settings (note: this may impact support capabilities)

For questions about exercising your rights or to request access to logs or telemetry data we maintain, contact us at the details provided in Section 13.

11. Compliance and Certifications

Stealth Labs is committed to meeting industry standards for data protection and privacy:

  • GDPR: We comply with the General Data Protection Regulation (GDPR) for processing data of EU residents
  • UK GDPR: We comply with UK data protection laws as a UK-based company
  • Microsoft Trust Center: The Application leverages Azure's compliance certifications including ISO 27001, SOC 2, and others
  • Data Processing Agreement: We offer a Data Processing Agreement (DPA) for customers who require one

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make changes:

  • We will update the "Last Updated" date at the top of this policy
  • For material changes, we will notify you via email (if we have your contact information) or through the Application
  • Your continued use of the Application after changes become effective constitutes acceptance of the updated policy

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Stealth Labs Ltd

Email: privacy@stealthlabs.uk

Support: hello@stealthlabs.uk

Website: www.stealthlabs.uk

Registered Address: United Kingdom

Summary of Key Privacy Protections

  • Your data stays in your Azure subscription - we don't have access to your SharePoint content
  • We only access logs for support - limited to troubleshooting when you need help
  • No content used for AI training - your data is never used for machine learning or other purposes
  • You maintain full control - you can delete or export your data at any time
  • Enterprise-grade security - encryption, access controls, and Azure's trusted infrastructure

This privacy policy is specific to the SharePoint Intel Azure Marketplace application. For our general website privacy policy, please visit our main website.