This policy covers both Guest Sponsor Info for Microsoft Entra B2B (the SharePoint web part) and the Guest Sponsor API for Microsoft Entra B2B (the companion Azure Function). Together they are designed with a privacy-first architecture. All data processing happens within your own Microsoft 365 and Azure tenant boundaries.
If you are looking specifically for Azure deployment attribution and opt-out, see the Telemetry page. For the operational rollout steps, see the Setup Guide.
Key Principles
- No data sent to Workoho or third parties — the web part and Azure Function operate entirely within your tenant.
- Browser memory only — the web part holds sponsor data (name, title, email, phone, Microsoft Teams presence) in browser memory during the page session. Nothing is persisted to disk or sent elsewhere.
- Azure Function is stateless — each request is processed and discarded. No sponsor or guest data is stored.
- Your Application Insights — if enabled, telemetry goes to your own Azure subscription. Workoho has no access.
Permissions Used
All Microsoft Graph permissions are held exclusively by the Guest Sponsor API for Microsoft Entra B2B — the web part itself has none.
| Scope | Required? | Purpose |
|---|---|---|
User.Read.All |
Required | Read sponsor profiles and filter disabled accounts |
Presence.Read.All |
Optional | Microsoft Teams presence indicators |
MailboxSettings.Read |
Optional | Filter shared/room/equipment mailboxes |
TeamMember.Read.All |
Optional | Detect guest Microsoft Teams account provisioning |
Full Policy
For the complete privacy policy including data subject rights, GitHub release checks, and Customer Usage Attribution details, see the full privacy policy on GitHub.
For security posture and trust assumptions, see the security assessment on GitHub.
For support options around deployment, customization, or operations, see Support.