ProPM-Agent Privacy Policy

Effective date: 2025-12-21  |  Last updated: 2025-12-21

This privacy policy is provided as a practical template for an Azure Marketplace offer. You should review and adapt it to match your organization, your actual data flows, and your legal/compliance requirements.

1. Overview

ProPM-Agent (“the Application”) is an Azure Managed Application deployed into the customer’s Azure subscription. This policy explains what information may be processed when customers use the Application and how that information is handled.

2. Who is responsible for data (Customer vs. Publisher)

In most deployments, customers control the Azure subscription where ProPM-Agent is deployed and determine what data is uploaded or entered. Depending on the management permissions configured for the Azure Managed Application, the publisher may have limited access to manage and support the Application.

3. Information we process

The Application may process the following categories of information:

  • Identity and access data: authentication tokens and user identifiers required for sign-in via Microsoft Entra ID (for example, user principal name, display name, tenant ID, and role claims as configured by the customer).
  • Customer content: project content submitted by users, such as prompts, chat messages, project metadata, uploaded documents, and generated artifacts (reports, summaries, notes).
  • Operational and diagnostic data: logs, metrics, traces, and error reports produced to operate and secure the Application (for example, request IDs, timestamps, performance metrics, and failure diagnostics). Content may be minimized or redacted depending on configuration.
  • Usage data: feature usage events and aggregate counts used for monitoring, billing/metering (if applicable), and service improvements.

4. How we use information

Information is processed to:

  • Provide the Application’s functionality (project planning assistance, knowledge retrieval, and report generation).
  • Authenticate users, enforce authorization, and apply tenant/project access controls.
  • Operate, maintain, troubleshoot, and secure the Application (including abuse detection and auditability).
  • Generate and store project artifacts requested by users.

5. AI processing and retrieval

The Application uses Azure-native AI services for multi-agent orchestration and for retrieval of project knowledge. Project retrieval is performed via Azure AI Search against project-scoped indexes.

Customers should review the applicable Microsoft Azure service terms and documentation for the AI services they enable in their deployment. The Application is designed to keep retrieval scoped to the customer’s project data sources configured within the customer’s Azure environment.

6. Where data is stored and processed

ProPM-Agent is deployed into the customer’s Azure subscription and typically stores data in customer-controlled Azure resources (for example, databases and storage accounts created by the deployment). Data location depends on the Azure region selected at deployment time.

7. Sharing and disclosure

We do not sell customer content. Data may be disclosed only as needed to:

  • Run the Application within the customer’s Azure environment (including use of Azure platform services selected by the customer).
  • Provide support and operational maintenance, where publisher access is granted by the customer through Managed Application permissions.
  • Comply with applicable law and lawful requests.

8. Security

The Application is designed for enterprise security patterns such as role-based access control, managed identities, and private networking where available. Customers are responsible for configuring their Azure environment and access policies, including identity governance and network controls.

9. Data retention and deletion

Data retention depends on customer configuration and how long the customer keeps the deployed resources. To delete customer data, customers can remove content from the deployed resources or delete the Managed Application and its managed resource group.

10. Customer rights

Customers can access, export, correct, or delete their data using the Application features and/or Azure resource controls. If you need assistance, contact us using the details below.

11. Contact

Publisher contact for privacy inquiries:

  • Organization: NovaBiz, LLC
  • Email: support@novabiz.pro
  • Address: 131 Continental Dr, Suite 305 · Newark, DE 19713

12. Changes to this policy

We may update this policy from time to time. Updates will be posted at the same URL where this policy is published.