Privacy Policy for OutlookReVision

Last Updated: October 19, 2025

      Important: This add-in processes email content using Azure OpenAI. Please read this policy carefully to understand how your data is handled.
    

1. Introduction

OutlookReVision ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Outlook add-in.

2. Information We Collect

2.1 Email Content

When you use our AI-powered features (translate, revise, compose), we temporarily process:

Email subject lines
Email body text
Recipient information (only for context, not stored)

2.2 User Information

Your email address (for rate limiting and logging)
Outlook version and language settings
Add-in usage statistics (feature usage counts)

2.3 Technical Data

IP address (for security and rate limiting)
Browser/Outlook client version
Error logs and performance metrics

3. How We Use Your Information

3.1 Primary Purpose

AI Processing: Email content is sent to Azure OpenAI API for translation, revision, or composition
Rate Limiting: Email addresses are used to prevent abuse (50 requests per day per user)

3.2 Service Improvement

Aggregate usage statistics to improve features
Error logs to diagnose and fix issues
Performance metrics to optimize response times

4. Data Processing and Storage

4.1 Azure OpenAI Processing

Provider: Microsoft Azure OpenAI Service
Region: Australia East
Retention: Email content is not stored by Azure OpenAI (per Microsoft's Data Processing Agreement)
Training: Your data is not used to train AI models (per Azure OpenAI terms)

4.2 Our Storage

Logs: User email addresses in logs are retained for 30 days
Cache: Rate limiting data (email + request count) cached for 24 hours (resets at midnight UTC)
Analytics: Aggregate statistics (no personal data) retained for 1 year

4.3 Data Location

API Server: Azure App Service (Australia East)
Database: None (no permanent data storage)
Logs: Azure Application Insights (Australia East)

5. Data Sharing

We do not sell your data. We share data only with:

5.1 Service Providers

Microsoft Azure: For cloud hosting and AI processing (covered by Microsoft's DPA)

5.2 Legal Requirements

We may disclose your information if required by law or to:

Comply with legal processes
Enforce our Terms of Service
Protect our rights or safety

6. Your Rights

Under GDPR, CCPA, and other privacy laws, you have the right to:

6.1 Access

Request a copy of data we hold about you (email us at the contact below)

6.2 Deletion

Request deletion of your data:

Logs: Deleted within 30 days of request
Cache: Automatically expires after 24 hours

6.3 Opt-Out

Revoke consent in add-in settings (disables AI features)
Uninstall the add-in to stop all data processing

6.4 Portability

Request your data in a portable format (contact us via email)

7. Data Security

7.1 In Transit

All data transmitted via HTTPS/TLS 1.2+
API authentication via Azure-managed keys

7.2 At Rest

Logs encrypted in Azure Application Insights
No permanent email content storage

7.3 Access Control

Production API access restricted to authorized personnel
Azure RBAC controls in place

8. Data Retention

Data Type	Retention Period	Purpose
Email content	Not stored	Temporary processing only
User email (logs)	30 days	Debugging and monitoring
Rate limit cache	24 hours (resets daily)	Abuse prevention
Error logs	30 days	Issue resolution
Usage statistics	1 year (anonymized)	Service improvement

9. Children's Privacy

This add-in is not intended for users under 16. We do not knowingly collect data from children.

10. International Data Transfers

If you're outside Australia/New Zealand, your data may be transferred to and processed in Australia East (Azure region). We rely on:

Microsoft's Standard Contractual Clauses (SCCs)
Azure's GDPR compliance certifications

11. Changes to This Policy

We may update this policy periodically. We will notify you of material changes via:

In-add-in notification
Email to registered users
Updated "Last Updated" date

12. Contact Us

For privacy inquiries, data requests, or concerns:

Feedback Form: Use the built-in feedback form in the add-in
Website: https://revision.funcoding.nz

Note: You can submit privacy-related requests directly through the add-in's feedback system.

13. Regulatory Information

Data Controller: FUNCODING

Institution: FUNCODING LIMITED, New Zealand

14. Microsoft Azure Sub-Processor

Azure OpenAI Service (Microsoft Corporation)
Privacy Policy: Microsoft Privacy Statement
DPA: Microsoft DPA