Privacy Policy — Backend Driven Visual
Publisher: airsecoma GmbH · Last updated: 2 July 2026 ·
Contact: jerome.rougnon-glasson@airsecoma.com
This policy describes how the Backend Driven Visual Power BI custom visual
("the visual"), published by airsecoma GmbH, handles data. The visual is distributed as a private
plan to authorised organisations and is intended for use against an airsecoma-operated backend
within the customer's own tenant arrangement.
1. Who we are
The visual is published and operated by airsecoma GmbH. For any privacy
question, data-access or deletion request, contact
jerome.rougnon-glasson@airsecoma.com.
2. What data the visual sends, and where
The visual is a thin shell: it carries no business logic and stores no data itself. On each
refresh it sends, over HTTPS, to the airsecoma backend it is configured to call:
- Bound report data — the field values the report author placed on the visual
(the data in its data well).
- Minimal render context — locale, viewport dimensions, and an optional
report-defined "stage"/environment label.
- In launchUrl sign-in mode only, an opaque session identifier
(a random value) used to associate the request with a server-side session.
The backend returns a declarative description of what to render (a table, card, chart, or
sanitised HTML) plus the data to display. The visual never receives or executes remote
code.
3. Identity and authentication
- SSO mode. Power BI supplies the signed-in user's Microsoft Entra access token
to the visual, which forwards it to the backend solely to authenticate the request. From the token
the backend reads only the user's identity (their Microsoft Entra object id); the token carries
no security-group information. To decide which data the user may see, the backend then checks
the user's group membership by querying Microsoft Graph. No identity information is placed in
the rendered output, and the visual does not persist the token.
- launchUrl mode. The user signs in through a standard Microsoft Entra
browser sign-in. The backend completes the OAuth authorization-code flow and holds the
resulting tokens server-side; the access/refresh tokens never enter the Power
BI visual. The visual only ever holds the opaque session identifier described above.
4. Where data is processed and stored
- Requests are processed by the airsecoma backend running on Microsoft Azure (West
Europe).
- In SSO mode no session is stored; the request is authenticated, gated, and
answered, and nothing about the user is retained beyond standard operational logs.
- In launchUrl mode a session record is stored in Azure Table Storage
containing the user's object id, security-group ids, and an AES-256-GCM-encrypted
refresh token, together with an expiry timestamp. This exists only to keep the user signed in
for the duration of their session.
5. Retention
launchUrl sessions have a hard time-to-live (8 hours by default); expired sessions are purged by
a scheduled daily job. SSO mode retains no session data. Operational logs are retained only as long
as needed for security and reliability and are not used to profile users.
6. What we do not do
- We do not sell, rent, or share your data with third parties.
- We do not use your data for advertising or cross-site tracking.
- We do not store the bound report data beyond what is needed to answer the
request.
7. Your rights and contact
To request information about, or deletion of, any data held in connection with your use of the
visual, contact jerome.rougnon-glasson@airsecoma.com.
Because the backend is operated for a specific organisation, requests are handled in coordination
with that organisation's administrators.
8. Changes to this policy
We may update this policy as the visual evolves. The "last updated" date above reflects the
current version.