How OneLatex Protects Your Data and Manages Permissions

If you are not using the "Open in Overleaf" functionality, OneLatex does not store any data on a server (except, of course, on Microsoft's servers where your OneNote notebooks are stored). Your data is only stored in the Internet browser you use, in your OneDrive application folder, and in the target folder you can select. If you use the transfer of data to Overleaf with the "Open in Overleaf" option in the "Download Files" section, the final LaTeX data will also be temporarily stored on an Amazon S3 server.

OneLatex uses your M365-account to access OneNote (read-only) and OneDrive (limited to the application folder). In the next section you can find out more about why OneLatex requires the individual permissions.

Permissions in detail

Read access to your profile (user.read)

The app needs read access to your profile to store essential information that allows a seamless connection between your user account and the OneLatex application. This ensures a personalized experience and keeps your profile synchronized with the app.

Read access to your OneNote notebooks (notes.read)

This permission is necessary to load data from your OneNote notebooks into the app for processing. The app reads the content of your OneNote to convert it and temporarily store it in your browser’s memory. It does not modify or delete your notes, and password-protected sections remain inaccessible.

Access to the app’s folder in OneDrive (files.readwrite.appfolder)

This permission enables the app to use a dedicated application folder in your OneDrive to temporarily store files during the conversion process (this is mandatory for the app to function). Additionally, if you choose, the app can save the converted files in your OneDrive for easy access later (this is optional).

Why does the fourth permission ("Manage access to data...") appear?

When granting these permissions, you may see a request for a fourth permission: "Manage access to data for which OneLatex has already been granted permission."

This is not a separate or additional permission explicitly requested by the app. Instead, it is automatically generated by Microsoft to explain how the app can interact with the data it has access to based on the permissions you grant. Specifically:

• It allows the app to work within the areas you've already authorized (e.g., your profile, OneNote notebooks, and the OneDrive app folder).
• For example, the app can:
  • Read, update, or delete files within its dedicated app folder.
  • Temporarily process data from OneNote notebooks in your browser’s memory.
  • Save converted files to OneDrive (if chosen).

Additional information

<aside> 💡

The app cannot request or gain access to any new data or areas outside the explicitly granted permissions without your additional consent. This general explanation from Microsoft is designed to provide transparency about how permissions are managed.

</aside>

<aside> 💡

These permissions are strictly limited to the specific scopes described above and cannot access any other data or files outside their defined boundaries. Your privacy is protected in accordance with Microsoft’s data security standards, and the app only processes the information it needs to function.

</aside>