Embedded Files
Overview
Overview
At Overe, we take compliance, security, and data governance seriously. Our commitment is to provide a reliable and secure environment for our customers, ensuring data protection and regulatory compliance across all regions.
π Microsoft 365 App Permissions
π Microsoft 365 App Permissions
Overe connects to Microsoft 365 using a secure and least privilege model. The permissions we request are limited to what is required to assess configuration posture, monitor relevant activity, and apply security policy enforcement when customers choose to enable it.
We do not access customer emails, message bodies, documents, or file contents. We only collect the specific signals needed to deliver accurate assessments, continuous hardening, and threat detection across Microsoft 365 tenants.
Our Microsoft 365 integration uses an Azure AD enterprise application with a defined set of Graph API permissions. Each permission is documented with a clear explanation of why it is needed and how it is used within the platform.
You can review the full breakdown of required permissions here:
https://intercom.help/overe/en/articles/9815398-understanding-overe-microsoft-365-app-permissions
Β π©π½ββοΈ Terms and Policies
Β π©π½ββοΈ Terms and Policies
π¦ Data Collected
π¦ Data Collected
β
Customer Personally Identifiable Information (PII)
Overe may process limited customer PII, such as administrator names and email addresses, solely for account setup, customer communication, and the delivery of security notifications or product updates. Overe does not store customer emails, documents, files, or any customer content.
β
Employee Personally Identifiable Information (PII)
Overe may process limited employee PII, including usernames and email addresses from the customerβs Microsoft 365 environment, strictly for the purpose of detecting and reporting security anomalies. Overe does not store employee emails, documents, files, or any employee content.
β Credit Card Information
Overe does not access, process, or store any credit card or payment information.
β Personal Health Information (PHI)
Overe does not access, process, or store any personal health information or protected health records.
β
Security Controls
β
Security Controls
π€ Data Subprocessors
π€ Data Subprocessors
Β π΅οΈ Pentest
Β π΅οΈ Pentest
We conduct quarterly penetration tests and security reviews to proactively identify and mitigate vulnerabilities.
Access our last report here π
Want to learn more? Email us at hello@overe.io to get our last reports.
Overe - Pentest Report 05-2025s.pdfPage updated
Report abuse