PRIVACY POLICY

AES ETL Control Panel for Microsoft Fabric

Effective Date: April 28, 2026
Last Updated: April 28, 2026
Publisher: Assurance eServices
Contact: privacy@assuranceeservices.com

Table of Contents

  1. Introduction
  2. Information We Collect
  3. How We Use Your Information
  4. Data Storage and Security
  5. Data Sharing and Disclosure
  6. Your Rights and Choices
  7. Data Retention
  8. International Data Transfers
  9. Children’s Privacy
  10. Changes to This Privacy Policy
  11. Contact Information
  12. Regional Privacy Rights

Introduction

Assurance eServices (“we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how the AES ETL Control Panel workload for Microsoft Fabric (“Workload,” “Service,” or “Application”) collects, uses, and protects your information.

Our Privacy Commitment

  • Privacy by Design: Privacy is built into the core architecture of our workload
  • Data Minimization: We collect only what is necessary for the service to function
  • Customer Control: You maintain complete control over your data
  • Transparency: We are clear about what data we collect and how we use it
  • Compliance: We comply with GDPR, CCPA, and other applicable privacy regulations

Scope

This Privacy Policy applies to:

  • The AES ETL Control Panel workload for Microsoft Fabric
  • All services and features provided through the workload
  • Data processed through pipeline configurations and executions

This Privacy Policy does not apply to:

  • Microsoft Fabric platform (governed by Microsoft’s Privacy Statement)
  • Third-party services you may integrate with through the workload
  • Your organization’s internal privacy policies

Information We Collect

1. Authentication Information

What We Collect:

  • Microsoft Entra ID (Azure AD) user identity tokens
  • User principal name (email address)
  • Entra ID tenant identifier
  • User object ID

How We Collect It:

  • Through Microsoft Entra authentication using the Fabric Workload Client SDK
  • Automatically when you access the workload

Why We Collect It:

  • To authenticate your identity
  • To authorize access to workload features
  • To associate workload items with your user account

Storage Location:

  • Tokens are processed in-memory only and not persisted
  • User identity context stored in Fabric item metadata (customer’s OneLake)

2. Workload Usage Information

What We Collect:

  • Pipeline configuration data (job definitions, task settings, schedules)
  • Item metadata (creation date, last modified, item name)
  • Workspace and capacity identifiers
  • Feature usage patterns (which features are used)

How We Collect It:

  • When you create or modify pipeline configurations
  • When you interact with workload features

Why We Collect It:

  • To provide the core functionality of the workload
  • To save your configurations and preferences
  • To enable data pipeline orchestration

Storage Location:

  • All stored in your Microsoft Fabric OneLake storage
  • Within your organization’s Fabric capacity region

3. Operational Telemetry

What We Collect:

  • Pipeline execution logs (start time, end time, status)
  • Error messages and diagnostic information
  • Performance metrics (execution duration, data volumes)
  • Activity IDs for troubleshooting

How We Collect It:

  • Automatically during pipeline execution
  • When errors or exceptions occur

Why We Collect It:

  • To monitor pipeline execution status
  • To diagnose and troubleshoot issues
  • To provide customer support
  • To improve workload performance and reliability

Storage Location:

  • All stored in your OneLake Lakehouse tables
  • Retained according to your OneLake retention policies

4. Support Information

What We Collect (only when you contact support):

  • Name and contact information you provide
  • Support ticket descriptions and correspondence
  • Diagnostic logs you choose to share

How We Collect It:

  • When you submit a support request
  • When you provide information to our support team

Why We Collect It:

  • To respond to your support requests
  • To troubleshoot issues you report
  • To improve our service

Storage Location:

  • Support system (separate from workload)
  • Retained for 7 years for compliance purposes

How We Use Your Information

Primary Uses

We use the information we collect to:

  1. Provide the Service:
    • Authenticate and authorize access
    • Process and execute data pipelines
    • Store pipeline configurations and metadata
    • Display pipeline execution results and monitoring data
  2. Service Operation:
    • Monitor service health and performance
    • Diagnose and fix technical issues
    • Prevent fraud and abuse
    • Ensure security and data integrity
  3. Customer Support:
    • Respond to support requests
    • Troubleshoot reported issues
    • Provide technical assistance
  4. Service Improvement:
    • Analyze usage patterns to improve features
    • Identify and fix bugs
    • Develop new functionality
  5. Legal Compliance:
    • Comply with applicable laws and regulations
    • Respond to legal process and government requests
    • Enforce our Terms of Service

What We Do NOT Do

We do not:

  • ❌ Sell your personal information to third parties
  • ❌ Use your data for targeted advertising
  • ❌ Share your data with third-party analytics services
  • ❌ Access your data without authorization
  • ❌ Train AI models on your data
  • ❌ Mine your data for any purpose other than providing the service

Data Storage and Security

Storage Architecture

Customer Data Control:

  • All your data remains in your Microsoft Fabric tenant
  • Pipeline configurations stored in OneLake item definitions
  • Execution logs and telemetry stored in your OneLake Lakehouse
  • No data stored in Assurance eServices infrastructure

Data Processing:

  • All pipeline execution occurs within your Fabric Spark compute
  • No data sent to external servers for processing
  • Workload frontend is stateless (no server-side data storage)

Security Measures

Encryption:

  • In Transit: All communications use TLS 1.2 or higher encryption
  • At Rest: Data encrypted in OneLake using AES-256 (Microsoft-managed)
  • Authentication: Microsoft Entra ID with support for multi-factor authentication

Access Controls:

  • Role-Based Access Control (RBAC) through Fabric workspace permissions
  • Principle of least privilege
  • No direct access to customer data by Assurance eServices personnel

Application Security:

  • Regular security assessments and penetration testing
  • Content Security Policy (CSP) enforcement
  • Input validation and sanitization
  • Protection against OWASP Top 10 vulnerabilities
  • Secure coding practices following Microsoft SDL

Incident Response:

  • 24/7 security monitoring
  • Incident response procedures
  • Notification within 72 hours of security breach (GDPR compliant)

Data Residency

  • All customer data remains in your selected Fabric capacity region
  • No cross-region data transfers
  • Compliant with regional data sovereignty requirements
  • See Data Residency section for details

Data Sharing and Disclosure

Who We Share Data With

We share information in the following limited circumstances:

  1. Microsoft Fabric Platform:
    • Identity tokens shared with Microsoft for authentication
    • Workload integrates with Fabric services (OneLake, Spark, Monitoring Hub)
    • Subject to Microsoft’s Privacy Statement
  2. Your Organization:
    • Data shared according to your Fabric workspace permissions
    • Administrators in your tenant can access workload items
    • Subject to your organization’s policies
  3. With Your Consent:
    • When you explicitly authorize sharing (e.g., B2B collaboration)
    • When you share items with external users through Fabric sharing
  4. Service Providers:
    • Azure Static Web Apps (hosting only, no data storage)
    • Subject to data processing agreements
  5. Legal Requirements:
    • When required by law, regulation, or legal process
    • To protect rights, property, or safety
    • To enforce Terms of Service

What We Do NOT Share

We do not share your data with:

  • ❌ Third-party advertisers
  • ❌ Data brokers
  • ❌ Social media platforms
  • ❌ Marketing companies
  • ❌ Any party not listed above without your explicit consent

Your Rights and Choices

Access and Control

You have the following rights regarding your data:

1. Right to Access:

  • View all your pipeline configurations and data
  • Export your configurations using the workload interface
  • Access execution logs in your OneLake Lakehouse

2. Right to Rectification:

  • Correct inaccurate pipeline configurations
  • Update metadata and settings
  • Modify execution parameters

3. Right to Deletion:

  • Delete pipeline configurations and items
  • Remove execution logs (subject to retention requirements)
  • Request account deletion

4. Right to Data Portability:

  • Export pipeline configurations in standard formats
  • Download execution logs from your OneLake
  • Transfer data to another service

5. Right to Object:

  • Opt-out of non-essential data processing
  • Object to specific processing activities
  • Restrict processing under certain circumstances

6. Right to Withdraw Consent:

  • Discontinue use of the workload at any time
  • Revoke access permissions
  • Delete all associated data

How to Exercise Your Rights

For data in OneLake (pipeline configurations, logs):

  • Use the Fabric item management interface
  • Delete items through the Fabric UI
  • Configure OneLake retention policies

For support data and other requests:

  • Email: privacy@assuranceeservices.com
  • Subject: “Privacy Rights Request – [Your Request Type]”
  • Include: Your name, organization, and specific request
  • Response time: Within 30 days (GDPR) or 45 days (CCPA)

Data Retention

Retention Periods

Data TypeRetention PeriodControlled By
Pipeline ConfigurationsUntil you delete the itemCustomer (you)
Execution Logs90 days defaultCustomer via OneLake policies
Support Tickets7 yearsAssurance eServices (legal requirement)
Audit Logs7 yearsAssurance eServices (compliance)
Authentication TokensSession-only (not stored)N/A

Retention Rationale

  • Pipeline Configurations: Retained for as long as you need them for operations
  • Execution Logs: 90-day default balances troubleshooting needs with storage costs
  • Support Data: 7-year retention for legal compliance and quality assurance
  • Audit Logs: Retained for compliance with SOC 2 and ISO 27001 requirements

Data Deletion

When you delete data:

  • Pipeline configurations deleted immediately from OneLake
  • Execution logs follow OneLake deletion procedures
  • Soft-deleted items recoverable for 7-30 days (Fabric recycle bin)
  • Permanent deletion after recycle bin period

When you stop using the workload:

  • Uninstall the workload from your Fabric tenant
  • Delete all associated items
  • Your OneLake data remains under your control
  • No Assurance eServices data to delete (all data in your OneLake)

International Data Transfers

Data Residency Commitment

Our Approach:

  • All customer data remains in your selected Fabric capacity region
  • No data transfers outside your designated geography
  • Compliant with regional data sovereignty laws

How It Works:

  • You select your Fabric capacity region when setting up your tenant
  • All OneLake data stored in that region
  • All pipeline execution occurs in that region’s Spark compute
  • Workload frontend (static web app) uses global CDN but stores no data

Regional Compliance

European Union (GDPR):

  • EU data stored in EU Azure regions only
  • No transfers to non-EU countries
  • Standard Contractual Clauses (SCCs) in place for any EU data processing

United States:

  • US data can be stored in US Azure regions
  • Compliant with CCPA and other US privacy laws

Other Regions:

  • Data residency follows your Fabric capacity region selection
  • Compliant with local data protection laws

Cross-Border Collaboration

When you share items with users in other regions:

  • Data access occurs through Fabric’s sharing mechanisms
  • Data physically remains in your capacity region
  • External users access data via Fabric APIs (no data transfer)
  • Subject to your organization’s sharing policies

Children’s Privacy

The AES ETL Control Panel is not intended for use by children under the age of 16 (or equivalent minimum age in your jurisdiction).

  • We do not knowingly collect personal information from children
  • If you believe we have inadvertently collected information from a child, contact us immediately
  • We will promptly delete any such information upon verification

If you are a parent or guardian and believe your child has provided personal information, please contact: privacy@assuranceeservices.com

Changes to This Privacy Policy

How We Update This Policy

We may update this Privacy Policy periodically to reflect:

  • Changes in our practices
  • Changes in applicable laws
  • New features or functionality
  • User feedback

Notification of Changes

Material Changes:

  • We will notify you 30 days in advance via email
  • Notice posted prominently in the workload interface
  • Opportunity to review changes before they take effect

Non-Material Changes:

  • Updated “Last Updated” date at the top of this policy
  • Changes take effect immediately upon posting

Your Acceptance

  • Continued use of the workload after changes constitutes acceptance
  • If you disagree with changes, you may discontinue use
  • Previous versions available upon request

Contact Information

Privacy Inquiries

General Privacy Questions:

Data Subject Rights Requests:

  • Email: privacy@assuranceeservices.com
  • Subject: “Privacy Rights Request – [Request Type]”
  • Response Time: Within 30 days (GDPR) or 45 days (CCPA)

Security Concerns:

Mailing Address:
Assurance eServices
Attn: Privacy Officer
804 Morningside Trl
Murphy, TX 75094
United States

Data Protection Officer

For EU/EEA residents:

Regional Privacy Rights

California Residents (CCPA)

Under the California Consumer Privacy Act, you have the right to:

  1. Know what personal information we collect, use, and share
  2. Delete your personal information (with certain exceptions)
  3. Opt-out of the sale of personal information (Note: We do not sell personal information)
  4. Non-discrimination for exercising your CCPA rights

To exercise your CCPA rights:

CCPA Disclosure Summary (Last 12 Months):

  • Categories Collected: Identifiers, Usage Data, Technical Information
  • Business Purpose: Service provision, support, security
  • Categories Shared: Microsoft (service provider), Your organization
  • Sold: None (we do not sell personal information)

European Union Residents (GDPR)

Under GDPR, you have the right to:

  1. Access your personal data
  2. Rectification of inaccurate data
  3. Erasure (“right to be forgotten”)
  4. Restrict Processing in certain circumstances
  5. Data Portability to another service
  6. Object to processing
  7. Withdraw Consent at any time
  8. Lodge a Complaint with a supervisory authority

Legal Basis for Processing:

  • Contract Performance: To provide the service you requested
  • Legitimate Interest: Service improvement, security, support
  • Consent: Where explicitly obtained
  • Legal Obligation: Compliance with applicable laws

To exercise your GDPR rights:

EU Supervisory Authority:

Other Jurisdictions

We comply with privacy laws in all jurisdictions where we operate, including:

  • Canada (PIPEDA)
  • United Kingdom (UK GDPR)
  • Australia (Privacy Act 1988)
  • Brazil (LGPD)
  • Other applicable regional laws

For jurisdiction-specific inquiries:

Additional Privacy Information

Cookies and Tracking

Our Workload:

  • ❌ Does not use cookies for tracking
  • ❌ Does not use third-party analytics
  • ✅ Uses only essential session cookies for authentication (HTTP-only, secure)

Microsoft Fabric Platform:

  • May use cookies according to Microsoft’s Cookie Policy
  • Subject to Microsoft’s Privacy Statement

Third-Party Services

The workload integrates with:

  • Microsoft Fabric: Subject to Microsoft Privacy Statement
  • Azure Static Web Apps: Hosting only, no data storage
  • Microsoft Entra ID: Authentication only

We do not integrate with:

  • Social media platforms
  • Advertising networks
  • Third-party analytics services
  • Marketing automation tools

Automated Decision-Making

  • We do not use automated decision-making or profiling
  • All pipeline configurations and executions are user-initiated
  • No AI/ML processing of your personal data

Compliance Certifications

We maintain the following certifications demonstrating our privacy commitment:

  • SOC 2 Type II: Annual audit of security and privacy controls
  • ISO 27001: Information security management system certification
  • GDPR Compliant: Full compliance with EU data protection regulation
  • CCPA Compliant: California Consumer Privacy Act compliance

Audit Reports:

Document Information

Document Version: 1.0
Effective Date: April 28, 2026
Last Updated: April 28, 2026
Next Review Date: April 28, 2027

Previous Versions:

Language:

  • This privacy policy is provided in English
  • Translations available upon request

Your privacy matters to us. If you have any questions or concerns about this Privacy Policy or our privacy practices, please don’t hesitate to contact us at privacy@assuranceeservices.com

© 2026 Assurance eServices. All rights reserved.

Proudly powered by WordPress