officeatwork | Verifier for Office

Publisher Attestation: The information on this page is based on a self-assessment report provided by the app developer on the security, compliance, and data handling practices followed by this app. Microsoft makes no guarantees regarding the accuracy of the information.

Last updated by the developer on: October 21, 2019

General information

Information provided by officeatwork 365 to Microsoft:

Information Response
App name officeatwork Verifier for Office
ID WA200000133
Office 365 clients supported Word 2016 for Mac, Word 2016 or later, Word Online, Word for iPad
Partner company name officeatwork 365
Physical address Bundesplatz 12, 6300 Zug, Switzerland
URL of partner website https://www.officeatwork365.com/
URL of Privacy Policy https://links.officeatwork.com/officeatwork-privacystatement
URL of Terms of Use https://go.microsoft.com/fwlink/?LinkID=521715&omkt=en-US
Main telephone number +41 41 544 7100
Description of available licensing options, if any Business; Enterprise; Government; NOP&NGO; Education; Personal (free);
Licensing contact Roman Stalder (roman.stalder@officeatwork.com)
Licensing telephone number https://links.officeatwork.com/officeatwork-buy

Feedback

Questions or updates to any of the information you see here? Contact us!

How the app handles data

Information provided by officeatwork 365 on how this app collects and stores organizational data, and what control an organization has over this data.

Data access using Microsoft Graph

List any Microsoft Graph permissions this app requires, and for each, whether they are delegate or application permissions, the justification and purpose for this permission (what does the app use this information for?), and whether the app stores any of this information in its databases.

Permission Delegated/Application Justification/Purpose Is any of this data stored in app database(s)? Azure AD App ID
openid Delegated Used to enable sign in with an organizational and/or Microsoft Account. No data is stored. edb24f8f-38af-4b3e-9475-0da243678d5a
openid Delegated Used to enable sign in with an organizational and/or Microsoft Account. No data is stored. 8cf0fbc9-28f7-4bfb-94db-237b049fcbf7
profile Delegated Used to read the user’s oid (Object ID / User Id) for investigating support issues. Used to store the oid in AppInsights for support reasons. The AppInsights storage is only accessible by selected officeatwork engineering and support staff. The transfer of event data is encrypted. Each event in AppInsights will automatically be deleted after three months, including the oid for those events. 8cf0fbc9-28f7-4bfb-94db-237b049fcbf7
offline_access Delegated Used to automatically re-sign-in the user when re-launching the product. This saves the user from having to manually sign-in to the product on every launch of the product. We do not use this permission other than to the user's convenience of automatically signing in the user. 8cf0fbc9-28f7-4bfb-94db-237b049fcbf7
email Delegated Used to pre-populate the login hint in following authentication flows to enable the best possible authentication experience for users. Used to pre-populate the login hint in following authentication flows to enable the best possible authentication experience for users. 8cf0fbc9-28f7-4bfb-94db-237b049fcbf7
User.ReadWrite Delegated Used to: A) read and write product-specific user settings for the convenience of the user. This will, for instance, allow the product to 'remember' the language setting the user has selected. So next time the user signs into the product the language will be set correctly. officeatwork does not store user settings of any kind on any of their own servers or services. B) help the user to identify the account they signed in with by displaying the name and photo of the account. C) read the first name, last name, and e-mail address of the user during the evaluation or free phase of the product so that we can connect, communicate and support the users during this phase. Used to: A) read and write product-specific user settings for the convenience of the user. This will, for instance, allow the product to 'remember' the language setting the user has selected. So next time the user signs into the product the language will be set correctly. officeatwork does not store user settings of any kind on any of their own servers or services. B) help the user to identify the account they signed in with by displaying the name and photo of the account. C) read the first name, last name, and e-mail address of the user during the evaluation or free phase of the product so that we can connect, communicate and support the users during this phase. 8cf0fbc9-28f7-4bfb-94db-237b049fcbf7
User.ReadBasic.All Delegated Used to interactively read information about, add and remove the designated officeatwork administrators. Used to interactively read information about, add and remove the designated officeatwork administrators. edb24f8f-38af-4b3e-9475-0da243678d5a
profile Delegated Used to store the oid (object ID / User ID) of the designated officeatwork Administrators in an encrypted Azure Cosmos DB instance to capture who can perform administration tasks for the officeatwork subscriptions on a Microsoft 365 tenant basis. Each tenant has their own tenant document and access to that document is restricted to the corresponding tenant only. edb24f8f-38af-4b3e-9475-0da243678d5a

Data access using other Microsoft APIs

Apps and add-ins built on Microsoft 365 may use additional Microsoft APIs other than Microsoft Graph to collect or process organizational information. List any Microsoft APIs other than Microsoft Graph this app uses, and for each, the justification and purpose (what does the app use this information for?), and whether the app stores any of this information in its databases.

Microsoft API Justification/Purpose Is any of this data stored in app database(s)?
None Not Applicable Not Applicable

Non-Microsoft Services Used

If the app transfers or shares organizational data with non-Microsoft service(s), list the non-Microsoft service(s) the app uses, what data is transferred, and include a justification for why the app needs to transfer this information.

No data is transferred.

Add-in Data Access

List the permissions this app requires for accessing your organization's data, the justification and purpose for this permission (what does the app use this information for?), and whether the app stores any of this information in its databases.

Permission Description
ReadWrite Document Can read and make changes to your document
Send Data Can send data over the Internet

Telemetry data

Does any organizational information, including EUII (end-user identifiable information) and OII (organizational identifiable information), appears in this application's telemetry/logs? If yes, describe what data is present and what controls/processes an organization has in place to archive and/or delete it. If no, describe the controls/processes in place to prevent EUII and OII from appearing in telemetry/logs.

Not specified.

Storing and securing organizational data

Describe where/how is this application's data is stored and how access to it is controlled. Is it encrypted? Who can access it? How do you ensure that only authorized systems/individuals can access it? Examples: 2FA for all admins, Privileged Access Management (PMA), partitioning service admin accounts from Azure AD/corporate user accounts, protected IP ranges between systems, etc.

Not specified.

Organizational controls for data stored by partner

Describe any capabilities an organization's administrators have to control their information residing in partner systems, e.g. deletion, retention, auditing, archiving, end-user policy, etc.

Not specified.

Human review of organizational information

Are humans involved in reviewing or analyzing any organizational data that is collected or stored by this app?

Yes

Feedback

Questions or updates to any of the information you see here? Contact us!

Information from the Microsoft Cloud App Security catalog appears below.

Note

The information on this page is based on a self-attestation report provided by the app developer on the security, compliance and data handling practices followed by the app. Microsoft makes no guarantees regarding the accuracy of the information. Contact us if you believe information about an app is outdated.

View in a new tab

Feedback

Questions or updates to any of the information you see here? Contact us!