Overview
At Overe, protecting customer data and ensuring transparency around our practices are top priorities.
This article explains what data Overe processes, what we store, and how we handle data within customer Microsoft 365 environments.
What data does Overe process?
Overe connects to Microsoft 365 environments using Microsoft Graph API to detect and monitor security anomalies.
In doing so, Overe may process limited metadata from your environment, including:
Usernames
User email addresses
User IDs
This information is processed solely to detect, investigate, and report potential security threats within your Microsoft 365 environment.
What data does Overe store?
Overe does not access, store, or retain:
Emails
Documents
Files
Calendar entries
SharePoint or OneDrive content
Teams messages or chats
We do not collect or store customer content.
Any metadata processed during security monitoring is used in real-time or temporarily cached for processing, and is not retained beyond what is necessary to provide our security services.
Why does Overe need access to metadata?
Access to metadata such as user email addresses and IDs is required to:
Detect account compromises
Monitor risky sign-ins and privileged escalations
Identify unauthorized access or misuse of Microsoft 365 resources
Overe operates under the principle of data minimization, processing only what is necessary to protect your organization.
How is data secured?
For more information about our security and compliance practices, please visit trust.overe.io.