Privacy Policy

Information We Collect When You Use the OpixIQ Platform

When you register for an account and connect your Microsoft environment to the OpixIQ platform, we act as a Data Processor to provide license management and optimization services. We collect and process the following types of information:

  • Personally Identifiable Information (PII): We perform a two-way sync from your Microsoft Azure Active Directory (Entra ID), which may include Employee Names, Email Addresses, Mobile Phone numbers, Home Locations, Employee IDs, IP Addresses, and Department/Job Titles. We explicitly request that you do not upload “Special Categories” of data (such as health records or social security numbers) unless requested via a secured field.
  • Software Telemetry & Metadata: We ingest raw metadata, including activity logs from Microsoft Teams, Exchange, OneDrive, and SharePoint. We also track software usage logs, such as clicks, logins, and volume.
  • Billing & Metering Data: We sync usage counts and metering data provided by the underlying Cloud Provider (Microsoft) and our distributor (Pax8).
  • Organizational Data: We ingest raw user attributes to build, configure, and store organizational hierarchies and reporting structures within the platform.

How We Use Platform Data

We use the data collected from your tenant strictly to provide and improve the OpixIQ service:

  • Service Delivery: We use Granular Delegated Admin Privileges (GDAP) to sync your billing data and utilization metadata.
  • Analytics & Scoring: We use software telemetry and metadata to calculate “Efficiency Scores,” “Productivity” ratings, and to flag usage anomalies. All calculations are performed within OpixIQ’s secure infrastructure. We do not share raw metadata with third-party Large Language Model (LLM) providers to generate these scores.
  • Two-Way Synchronization: If you enable the “Two-Way Sync” feature, we use the connection to write administrative changes made within the OpixIQ platform back to your Microsoft Tenant.
  • AI Model Training: We may use de-identified and aggregated data (stripped of PII and specific company identifiers) to train and improve our Artificial Intelligence and Machine Learning models for industry benchmarking. We do not use your specific organizational metadata to train “global” AI models.

Data Storage, Privacy Controls, and Retention

  • Anonymization: By default, the OpixIQ platform is configured to mask or anonymize individual user identities (e.g., hiding names and email addresses). Administrators have the manual option to reveal PII, assuming liability for that action.
  • Hosting: Platform data and infrastructure are hosted on Microsoft Azure servers located strictly within the United States.
  • Retention: Upon full account cancellation, operational platform data stored in OpixIQ is deleted immediately. Billing and transaction records are retained for seven (7) years to comply with tax and accounting laws. If you downgrade to a Free tier, your historical data is locked and inaccessible until you upgrade.

Third-Party Sub-Processors

To provide critical infrastructure, support, and payment services, OpixIQ shares necessary data with third-party sub-processors. Our current sub-processors include:

  • Microsoft Azure for hosting services.
  • Stripe for payment processing.
  • Pax8 for license distribution.
  • GoHighLevel for CRM and support.
  • Retell AI and Vapi for voice AI agents.

We reserve the right to change these vendors from time to time. When we make changes to our critical sub-processors, we will provide reasonable notice subject to this Privacy Policy.