Privacy at Vespasian
Vespasian is built to help companies assess PQC migration and compliance risk in Microsoft Entra without giving up control. This page explains, in plain language, what information the service uses and how customers stay in control.
What we access
We access Microsoft Entra application and service principal metadata needed to run PQC readiness scans, show findings, and power approved migration and protection workflows.
What we do not access
We do not install software on customer machines. We do not browse customer file systems, internal documents, or local servers.
What we store
We store encrypted connection details, workspace settings, scan summaries, approval state, and activity history needed to operate the service, support rollback, and generate evidence.
Customer control
Customers can start in read-only mode, pause helpers, disconnect Microsoft, export history, or remove saved workspace data from the setup area.
Questions
If a customer has privacy or data handling questions, they can contact support@vespasian.dev or visit the support page.