Last Updated on April 8, 2025
Authentication & Access
OAuth2 via Azure Active Directory
Lens uses Microsoft’s secure OAuth2 flow for authentication. When a user logs in through Lens, they are redirected to Microsoft's own login system. At no point does Lens access or store your credentials.
Authentication is handled via your organization’s Azure Active Directory.
Lens only requests the minimum required scopes for reading CRM data.
Data Flow & Usage
Client-side Only
Lens operates entirely within the user's browser. It does not collect, store, or transmit any CRM data to external servers.
All data is retrieved directly from Microsoft Dynamics 365 APIs using the user’s authenticated session.
No data is cached, logged, or analyzed outside of the session context.
When the browser is closed, all temporary data is cleared.
What Lens Does:
Reads opportunity data from Dynamics Sales to power visualizations.
Displays insights inline within the existing CRM interface.
Helps sales teams identify stale or neglected opportunities.
What Lens Does NOT Do:
Store or sync your data outside the browser.
Modify or delete CRM data.
Access any unrelated systems, email, or personal files.
Third-Party Payment Processor
We have partnered with Stripe as our third-party payment processor. Stripe is certified to the highest industry standards and complies with the Payment Card Industry Data Security Standards (PCI-DSS). We rely on Stripe to:
Securely handle all payment transactions,
Ensure customer payment data is protected,
Minimize the exposure of sensitive information within our internal systems.
We do not store any credit card numbers or sensitive payment details on our servers. Access to payment-related metadata (e.g., transaction IDs, billing contact info) is restricted to authorized personnel and is monitored.
Permissions
Lens adheres to a minimal permissions policy.
It only accesses:
Specific Dynamics 365 Sales endpoints needed for visualization.
Active tab and site-specific access, limited to *.dynamics.com.
No broad Chrome permissions or background access is used.
Transparency & Compliance
No Third-Party Tracking: Lens does not use Google Analytics, cookies, or trackers.
No Data Monetization: Your CRM data is yours — we don’t sell, mine, or analyze it.
Compliance First: We follow Microsoft’s recommended extension and OAuth implementation standards.
Data Access and Security
We maintain strict access control and data minimization policies. Only essential team members have access to payment-related metadata, and only for purposes such as refunds, billing support, or compliance.
Changes to this Privacy Policy
We reserve the right to update or change this Policy at any time. Any changes will be posted on this page, and the effective date will be updated accordingly. We encourage you to review this Policy periodically for any updates.
Contact Us
If you have any questions or concerns about our Policy or the handling of your data, please contact us at lens@nordcfo.com