Privacy Policy for Quartz LIMS Connector

Last Updated: January 23, 2026

This Privacy Policy describes how the Quartz LIMS Connector ("the App") collects, uses, and protects information when installed in a Microsoft Teams environment.

1. Information We Collect

The App collects the following information to facilitate the relay of notifications from Quartz LIMS to Microsoft Teams:

  • User Identifiers: This includes Email addresses, User Principal Names (UPN), and Microsoft Teams User IDs.
  • Tenant Identifiers: The Microsoft Teams Tenant ID where the app is installed.
  • Metadata: Logging information related to communication success/failure.

2. How We Use Information

We use the collected information exclusively to:

  • Route notifications from your laboratory's Quartz LIMS instance to the intended recipients.
  • Maintain an identity cache for "Zero-Touch" delivery, allowing the bot to discover and message users within a Team roster efficiently.

3. Data Protection (Identity Hashing)

We take your privacy seriously. To minimize the risk of data exposure:

  • Hashing: All sensitive user identifiers (Emails and UPNs) are transformed into one-way cryptographic hashes (SHA256) before being stored.
  • Persistence: We do not store clear-text user identities in our persistent database.
  • Storage: Data is stored securely in Azure Blob Storage, protected by industry-standard encryption at rest and in transit.

4. Third-Party Data Sharing

The App acts as a relay between the user's Quartz LIMS instance and the Microsoft Teams platform.

  • Microsoft Teams/Bot Framework: Identifiers are shared with Microsoft's APIs to facilitate message delivery.
  • No Sale of Data: We do not sell, trade, or otherwise transfer your information to outside parties for marketing or analytical purposes.

5. Data Retention

  • Identity cache entries are retained only as long as necessary to facilitate notification delivery.
  • If the App is uninstalled from a Team, the associated Tenant configuration and identity cache may be deleted upon request or after a period of inactivity.

6. Compliance

The App is designed with GDPR and CCPA considerations in mind, specifically utilizing data minimization and pseudonymization (hashing).

7. Contact Us

For questions regarding this policy, please contact support2@qrtz.com.