Document Aim
This document explains which Client data the mScore Engine (“Engine”) requests permission to access, and which of that data it processes and stores.
Definitions
Client is an organisation that consents to mScore accessing and processing relevant data.
The mScore Engine (“Engine”) is a computer program that, upon consent from a Client, accesses, stores and processes User and Event information.
A User Profile is a record detailing an individual User as set up by the Client in Microsoft Azure Active Directory service. In most cases this is an employee of the Client.
An Event is a record detailing an event in a User’s calendar records as recorded in Microsoft Azure Active Directory.
The Purpose is the services provided by mScore to the Client.
A Field is a specific named data item within a User Profile or an Event. For example, a User’s email address is a Field within that User’s Profile.
How Does Engine Access Client Data and Which Data Is It Permitted to Access?
Engine uses the Microsoft Graph API to access Client data.
The onboarding process consents Engine to access:
- all User Profiles that exist at the time of access. This data structure is specified in detail by Microsoft here.
- for each User Profile, all Events in the User’s calendars, including historic and future events. This data structure is specified in detail by Microsoft here.
Which Data Items Does mScore Process and Store?
mScore stores and processes only Fields which are required for the Purpose.
User Profile Fields
Object Id
This is a GUID assigned by Microsoft that uniquely identifies the User Profile record.
User Principal Name
In practice this is the User’s email address.
Event Fields
Id
This is a GUID assigned by Microsoft that uniquely identifies the Event record.
Attendees
This is an array of the email addresses of Event invitees.
Engine processes this field to derive the number of Event attendees and which of those invitees are Users (ie they are part of the Client organisation).
Email addresses in this array that do not match a User record (in effect they reference an invitee who is not part of the Client) are counted. They they are not stored or further processed.
Start and End
These record the Event starting and ending timestamps.
Subject
The name of the event for example “Marketing Meeting”.
Is Cancelled
A true/false field indicating if the event is cancelled
Response Status
Records the User’s response to the Event invitation – for example “Accepted” or “Declined”.
Type
This indicates if an event happens once or is a series (for instance a daily standup meeting would be a series).
Organizer
This indicates the email address of the Event’s organizer.
If the organizer is a User, mScore record which User is the organizer.
If the organizer is not a User this field is not processed or stored.
Change Key
This is a GUID that is changed by Microsoft when the Event’s attributes change.
Requested Data Access is Read Only
The onboard process does not grant Engine permission to write to the Client’s Azure Active Directory.
Why Does mScore Request Access to Fields That Are Not Processed or Stored?
The data access authorisation process used by Engine is specified and implemented by Microsoft.
Within this process mScore are not aware of a mechanism for requesting or restricting permitted access to a subset of User Profile or Event fields.
After Authorisation, How Do I Remove mScore’s Authorisation For Future Data Access?
Data access is managed by the Client using their Azure Active Directory service.
Once the Client has granted access to Engine, Engine will appear in the ‘Enterprise Application’ blade of the client’s AAD.
From there, permissions for Engine to access data can be modified or removed at any time by the Client.
Will mScore Destroy Downloaded Data If I Require?
Yes.
mScore will destroy all copies of downloaded Client data upon verified instruction of the Client, at any time, within 48 hours of verification of instruction.
Thank You
Thank you for reading this document.
Please contact your mScore representative with any further questions.