Editing a diagram
You will have already have given diagrams.net permission to create, edit and delete files, like diagram files, in your OneDrive. No further permissions are requested to use diagrams.net with Teams.
At no point is any personally identifiable information (PII) transmitted to diagrams.net servers and, therefore, PII is never stored, retained, require deletion or be subject to security controls around that data.
Diagram Data and Authenication
Authenication to OneDrive is performed directly to Microsoft and your browser holds the authenication token. The token is not stored in diagrams.net servers, so we cannot act on your behalf without your knowledge.
diagrams.net does not have an additional authenication mechanism, there is no authenication exchange (Single Sign On).
Once a diagram is loaded for editing, it is loaded directly from Microsoft servers to your browser. It does not transmit via diagrams.net servers. The same principle applies when saving.
We do not store your data at any time, nor do we see your data during save/load operations.
Diagrams data is transmitted to diagrams.net servers if you request a PDF of your diagram. The PDF generation servers are configured to industry standard security level and have penetration testing by a third-party at least every 12 months.
Data transmitted from the client browser to the PDF generation servers is encrypted with TLS1.2+ and encrypted at all points in transit between your browser and the endpoint server.