<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=643727312142648&amp;ev=PageView&amp;noscript=1">
Skip to main content
AI Mode
Book a Demo

Privacy Policy for eimmigration for Outlook

Effective Date: May 7, 2026

Last Updated: May 7, 2026

1. Overview

eimmigration for Outlook (“the Add-in”) is provided by Cerenade and is designed to help users save emails and attachments from Microsoft Outlook directly to client and case profiles in eimmigration. The Add-in is available through the Microsoft Marketplace and is currently supported for Outlook on the web. After signing in to both Microsoft and eimmigration, the user can select one or more emails in Outlook and use the Add-in to send those emails, along with any attachments, to their firm’s eimmigration tenant. The data will then be associated with the relevant client or case.

We respect your privacy and are committed to protecting your information. This policy explains what information we collect, how we use it, and your choices.

2. Information We Collect

We collect the following types of information only when necessary to provide the Add-in’s features:

Microsoft account information

After you sign in to your Microsoft account through the Add-in, basic profile information (such as your name and email address) is retrieved through the Microsoft Graph API so the Add-in can identify you and associate saved items with the correct user.

Email content and attachments

When you choose to save one or more selected emails, the Add-in retrieves the contents of those emails — including subject, sender, recipients, body, and any attachments — through the Microsoft Graph API. Only the emails you explicitly select are accessed; the Add-in does not read, scan, or process any other messages in your mailbox.

eimmigration session token

After you sign in to your eimmigration account from the Add-in, an authentication token is stored locally in your browser so you can continue to use the Add-in without signing in repeatedly. This token expires one hour after it is generated.

Microsoft Graph access tokens

Microsoft Graph access tokens are obtained on demand using Microsoft’s Nested App Authentication (NAA) flow via the Microsoft Authentication Library (MSAL). These tokens are fetched from Microsoft only when needed for a specific operation and are not stored by the Add-in or transmitted to our servers.

3. Microsoft Graph Permissions

To function, the Add-in requests the following Microsoft Graph permissions from your account:

  • User.Read — to read basic profile information about you (name and email address).
  • Mail.Read — to read the contents of the emails you select to save to eimmigration.
  • Mail.ReadWrite — required by Microsoft to enable multi-select of email items in Outlook. Although this permission grants write access, the Add-in does not write, modify, send, move, or delete any messages in your mailbox. This permission is requested solely so the Add-in can act on more than one selected email at a time.

4. How We Use Your Information

We use the information collected solely to:

  • Authenticate your Microsoft account and your eimmigration account.
  • Retrieve the emails and attachments you select to save.
  • Save those emails and attachments to your firm’s eimmigration tenant so they can be associated with the appropriate client or case and viewed in the eimmigration portal.

We do not:

  • Sell your data.
  • Share your data with third parties except as required to perform the requested service.
  • Read, scan, or process any emails other than those you explicitly select.
  • Modify, send, move, or delete any messages in your mailbox.
  • Collect browsing history or unrelated personal content.

5. Data Sharing and Disclosure

Your information is shared only:

  • With Microsoft, as part of authenticating your account and retrieving your selected emails through the Microsoft Graph API.
  • With our own secure servers, to deliver the emails and attachments you choose to save into your firm’s eimmigration tenant.
  • If required by law, regulation, or valid legal process.

We do not share your information with advertisers or data brokers.

6. Data Storage and Retention

  • Local storage: The eimmigration session token is stored locally in your browser until it expires (one hour after generation), you sign out of the Add-in, you clear the Add-in’s data, or you uninstall the Add-in. Microsoft Graph access tokens are not stored by the Add-in.
  • Server storage: Emails and attachments that you choose to save are stored on our servers as part of your firm’s eimmigration tenant and are governed by our main eimmigration privacy policy.

7. Security

We use HTTPS for all communications between the Add-in, Microsoft, and our servers. Authentication with Microsoft is performed using Microsoft’s Nested App Authentication (NAA) flow via MSAL, a modern authentication pattern recommended by Microsoft for Office add-ins. Microsoft Graph access tokens are handled in memory only and are not persisted by the Add-in. Remote scripts loaded by the Add-in are served over HTTPS and are owned and controlled by us.

8. User Control

You can:

  • Sign out of the Add-in at any time to remove your locally stored eimmigration session token.
  • Uninstall the Add-in at any time from Outlook to stop all further data collection by the Add-in.
  • Revoke the Add-in’s access to your Microsoft account at any time through your Microsoft account settings.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted at this URL with the updated effective date.

10. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

support@cerenade.com

Cerenade

9800 S. La Cienega Blvd. #411, Inglewood, CA, 90301

eimmigration is case management software built by Cerenade that streamlines immigration casework for law firms and non-profits.

BUILT FOR

CAPABILITIES

RESOURCES

COMPANY

© 2026 eimmigration and Cerenade. All rights reserved.

Privacy Policy    Terms of Use