LicenseMeter

Security overview

Written for the person who has to say yes.

LicenseMeter asks for tenant-wide read access, so this page spells out exactly what is granted, what is stored where, and how you leave. Share it with your security team before anyone clicks consent.

How access works

A Global Administrator of your tenant grants consent once, through Microsoft's standard admin-consent dialog. That authorizes the "LicenseMeter Connector" application for application permissions that are read-only without exception. LicenseMeter then syncs nightly using its own credential — no service account in your tenant, no agent, no mailbox plugin. You can revoke the application in Entra ID at any time, independently of us.

  • User.Read.All: directory users, enabled state, assigned licenses
  • AuditLog.Read.All: last sign-in timestamps (needs Entra ID P1)
  • Reports.Read.All: usage and Copilot activity reports
  • LicenseAssignment.Read.All: purchased vs assigned seat counts
  • ReportSettings.Read.All: whether report names are concealed

The consent is recorded in your tenant's audit log. Sign-in to the dashboard itself uses a separate app registration with only openid, profile and email.
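
A security team can check the grant against the list above after consent. The following is an added example, not LicenseMeter's own code. It assumes you have exported the "value" array from GET /servicePrincipals/{id}/appRoleAssignments for the Connector and the "appRoles" array of the Microsoft Graph service principal; the function name, role IDs and sample data are constructed for illustration.

```python
# Added example: compare the Connector's granted application permissions
# with the five documented on this page. All sample data is constructed.

DOCUMENTED = {
    "User.Read.All",
    "AuditLog.Read.All",
    "Reports.Read.All",
    "LicenseAssignment.Read.All",
    "ReportSettings.Read.All",
}


def audit_app_roles(assignments, graph_app_roles, documented=DOCUMENTED):
    """Resolve granted appRoleIds to permission names and diff them.

    assignments:     'value' array of the Connector's appRoleAssignments
    graph_app_roles: 'appRoles' array of the Microsoft Graph service principal
    """
    names = {r["id"].lower(): r["value"] for r in graph_app_roles}
    granted, unresolved = set(), []
    for a in assignments:
        name = names.get(a["appRoleId"].lower())
        if name is None:
            # Not a Graph role we can name (e.g. a role on another resource
            # API): report it rather than silently ignoring it.
            unresolved.append(a["appRoleId"])
        else:
            granted.add(name)
    unexpected = sorted(granted - documented)
    return {
        "unexpected": unexpected,                   # granted, not documented
        "missing": sorted(documented - granted),    # documented, not granted
        "unresolved": unresolved,
        "ok": not unexpected and not unresolved,
    }


def _role(n, value):
    # Constructed placeholder GUIDs, not real Graph role IDs.
    return {"id": f"00000000-0000-0000-0000-{n:012d}", "value": value}


SAMPLE_ROLES = [_role(i, v) for i, v in enumerate(sorted(DOCUMENTED) + ["Mail.Read"], 1)]
SAMPLE_CLEAN = [{"appRoleId": r["id"]} for r in SAMPLE_ROLES if r["value"] in DOCUMENTED]
SAMPLE_DRIFT = SAMPLE_CLEAN + [{"appRoleId": SAMPLE_ROLES[-1]["id"]}]  # extra Mail.Read

if __name__ == "__main__":
    print(audit_app_roles(SAMPLE_CLEAN, SAMPLE_ROLES))
    print(audit_app_roles(SAMPLE_DRIFT, SAMPLE_ROLES))
```

Running the same comparison on a schedule shows whether the grant has drifted from the documented set since the original consent.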

What LicenseMeter never accesses

  • Mailbox content, attachments or calendars
  • Files in OneDrive, SharePoint or Teams
  • Teams messages or meeting content
  • Passwords, credentials or security tokens of your users
  • Any write access — LicenseMeter cannot change anything in your tenant

Usage reports are consumed as counts and last-activity dates only — metadata, never content.

What is stored

  • License SKUs with purchased and assigned seat counts
  • Directory users: display name, UPN, enabled state, user type, creation date, assigned licenses
  • Last sign-in timestamps (when your tenant has Entra ID P1) and per-workload last-activity dates
  • The prices you enter in the price book and the findings derived from the above
  • If you connect Adobe (optional): Adobe user emails, status and product assignments; the Adobe credential itself is stored encrypted (AES-256-GCM) and used read-only
  • A per-workspace activity log of exports and administrative actions, deleted with the workspace

Access to a workspace is invite-based. Signing in with an account from your tenant grants nothing by itself; the admin who completed consent decides who sees the data and in which role.

Data residency, retention and deletion

All customer data is stored in the EU (Postgres, Frankfurt region). Data is retained only while your tenant is connected. Disconnecting the workspace (Settings → Danger zone) deletes all synced data immediately and irreversibly — users, findings, prices, history. Revoking the enterprise application in your Entra ID additionally cuts our access at the source.

Subprocessors

  • Vercel Inc.: Application hosting (EU function region)
  • Neon / Supabase: Postgres database, EU (Frankfurt)
  • Microsoft: Identity platform (sign-in, consent) and Graph API

The definitive subprocessor list is part of the DPA.

DPA / Auftragsverarbeitung

LicenseMeter processes directory data on your behalf, so a data processing agreement under Art. 28 GDPR (AVV) is part of every subscription. Request the current version by email and receive a countersigned copy before you connect production data.

Publisher verification

Microsoft publisher verification for the LicenseMeter app registrations is in progress. Until it completes, the consent dialog shows the apps as unverified — and tenants with strict consent policies may block them. Microsoft displays the verification status directly in the consent dialog, so your admin can always confirm the current state independently of this page.

Questions

Security review, pentest coordination or vendor questionnaires: support@licensemeter.com. See also the FAQ and the privacy policy (Datenschutzerklärung).
