Question: Is our data safe?

Yes, absolutely. We designed all of our Apps in a way that will ensure we never send any of your data to any of our servers. So even though the add-in will want to read from SharePoint Online, Teams, or OneDrive for Business, that data is only transmitted between your Office 365 tenant and the App running in your Office application / Office 365 tenancy. The data never gets transferred to any of our servers.

Question: Does officeatwork store any personal customer user data?

No. officeatwork stores absolutely no customer user data at all. The only time where officeatwork stores user data is during the evaluation phase of the Apps. This is needed to help potential customers explore and on-board the Apps officeatwork offers.

Question: Can the App read all our SharePoint data

No. The permissions granted to the App always honor the existing security settings you already established. Users, therefore, only see templates they would see if they were to browse SharePoint online directly. The SharePoint permission enabling the App to access SharePoint is of type «Delegate Permission», meaning it will only work in the context of a user. This means that the App, by itself, has no access at all. To be able to access SharePoint, it will always require a user to be signed in to the App. This same concept also applies to your resources like Teams or OneDrive.

Question: Can I easily pre-consent the permissions the App requires?

Yes. To prevent each user from having to provide consent for the different resources, we offer a dedicated pre-consent flow that will allow you as an administrator to pre-consent the access to those resources on behalf of your users.