This Privacy Policy details how the diagrams.net App for Microsoft Teams collects, uses and shares information gathered from the User ("you"), as well as explaining how diagrams.net data is processed and stored. The App is created by JGraph Ltd ("we/us/diagrams.net").


The diagrams.net App for Microsoft Teams enables a user to select a diagram from their OneDrive, then load and edit that diagram within a tab on the Teams interface. Usage of the diagrams.net application is covered by the diagrams.net privacy policy, this policy is specific to just operation of the Teams app.


Editing a diagram


You will have already have given diagrams.net permission to create, edit and delete files, like diagram files, in your OneDrive. No further permissions are requested to use diagrams.net with Teams.


Please refer to the privacy policy of OneDrive for details of their own privacy policy:



Personal Information


At no point is any personally identifiable information (PII) transmitted to diagrams.net servers and, therefore, PII is never stored, retained, require deletion or be subject to security controls around that data.


Diagram Data and Authenication


Authenication to OneDrive is performed directly to Microsoft and your browser holds the authenication token. The token is not stored in diagrams.net servers, so we cannot act on your behalf without your knowledge.


diagrams.net does not have an additional authenication mechanism, there is no authenication exchange (Single Sign On).


Once a diagram is loaded for editing, it is loaded directly from Microsoft servers to your browser. It does not transmit via diagrams.net servers. The same principle applies when saving.


We do not store your data at any time, nor do we see your data during save/load operations.


Data security


Diagrams data is transmitted to diagrams.net servers if you request a PDF of your diagram. The PDF generation servers are configured to industry standard security level and have penetration testing by a third-party at least every 12 months. 


Data transmitted from the client browser to the PDF generation servers is encrypted with TLS1.2+ and encrypted at all points in transit between your browser and the endpoint server.