Refer Zentriq and earn 30% recurring, for life on every customer you bring.Become an affiliate →
PunchOutAgentDocument CaptureDocsPricingBlogHow-to GuidesUse CasesGlossaryFAQAbout
Sign inGet started free

Docs / Security

Security at Zentriq

How we handle your Business Central data · Last updated May 2026

Need to justify Zentriq to your IT team? Open the 2-page Security Overview, designed to be printed and circulated.

1. Two products, three data flows

Zentriq ships two products, PunchOut and the Agent. The Agent handles both live chat and document capture, which touch your data differently, so there are three data flows below. Read the one relevant to you, or all of them.

1.1 PunchOut

When you capture a cart on a supported e-commerce site, the cart data is read and structured in your browser and goes straight to your Business Central tenant via Microsoft's standard API. Zentriq is called only to confirm your account has credits and to meter one credit on a confirmed capture, the cart itself never transits Zentriq.

What this means: the products you buy, their prices, and your vendor relationships never leave the path from your browser to your BC tenant. Zentriq sees only billing metadata (timestamp, vendor host, line count).

1.2 Agent (in-BC chat)

When you ask the Agent a question inside Business Central, Zentriq interprets it, reads only the BC records that question needs (on your behalf, under your own BC permissions), and sends the message and context to our AI provider to generate the answer. Our AI provider operates under a zero data retention policy for our account: your data is not retained beyond the request and is never used to train AI models.

1.3 Document Capture, inside the Agent

When you upload a vendor document, it is held in a private EU-hosted store (Frankfurt), readable only by you, and sent to our AI provider for extraction under the same zero-retention, no-training terms. The extracted lines are matched against your existing BC records and presented to you as a draft, you review it and post it to BC yourself. Nothing is written or posted to Business Central without your explicit confirmation.

2. What each product accesses

Both products follow least privilege, each is scoped to the minimum a task needs. They read only the records a query requires, and any write to Business Central is a draft you review and post yourself.

2.1 PunchOut

  • Cart data on supported e-commerce sites (read only, in your browser)
  • Microsoft account email, name, tenant ID (from sign-in)
  • In BC: read only the records a cart capture needs, and prepare cart lines for your review. Nothing else.
  • Anonymous usage events (capture count, vendor host, success/failure), no cart contents

2.2 Agent

  • Microsoft account email, name, tenant ID (from sign-in)
  • BC data fetched in real time to answer your questions, only what each query requires
  • Your chat messages and AI responses (stored so you can resume past conversations)
  • Anonymous usage metrics (page views, feature usage, error rates)

2.3 Document Capture (used inside the Agent)

  • The vendor documents you upload (you choose each file)
  • Microsoft account email, name, tenant ID (from sign-in)
  • In BC: read only the records needed to match the document, then create a draft for your review. Nothing posts without your confirmation.
  • The uploaded file, held in a private EU store (Frankfurt), deletable on request

3. What we don't access

  • We do not export your full BC database, neither product does a bulk pull.
  • We do not store your Microsoft password, you sign in with Microsoft and we never see it. Credentials we do hold are encrypted at rest.
  • We do not store cart contents on Zentriq servers, PunchOut goes straight from your browser to your BC tenant.
  • We do not sell or share your data with anyone beyond the infrastructure subprocessors needed to run the service (see our Subprocessors list).
  • We do not train AI models on your data, our AI provider's zero-retention policy applies to all our usage.

4. Encryption

All data is encrypted in transit and at rest. Network traffic, to and from your browser, your BC tenant, and our providers, uses modern TLS. Databases, file attachments, and any stored access credentials are encrypted at rest.

5. Data residency

DataWhere
Database (accounts, billing, Agent conversations)EU (Frankfurt)
Application runtimeEU (Frankfurt)
File attachmentsEU (Frankfurt)
Error reportsEU (Frankfurt)
AI inference (Agent + PunchOut)EU (Frankfurt), zero retention
PunchOut cart contentsNever persisted on Zentriq, browser → BC direct
Your BC tenantWherever Microsoft provisioned it (we never relocate it)

EU data residency: your data is processed and stored in the EU (Frankfurt), including AI inference, which runs entirely within the EU. The full list of subprocessors, with names and regions, is in our Subprocessors list. Contact sales@zentriqsoftware.com for a DPA.

6. Retention

  • Agent conversations, kept until you delete them or close your account.
  • PunchOut capture history, metadata only (timestamp, vendor host, line count); 12 months. No cart contents stored.
  • Usage logs, 90 days.
  • Error reports, 90 days (rolling).
  • BC access credentials, until you disconnect BC from the app, or 90 days of inactivity.
  • Billing records, 7 years (legal obligation).

7. Access controls

  • Production database access, restricted to 2 Zentriq employees. MFA mandatory. Access logged.
  • Code deploys, only by known, authenticated maintainers.
  • Provider admin consoles, all MFA-protected.
  • Your BC permissions are the ultimate gate, you connect through your own Microsoft sign-in, so even a compromised Zentriq backend can't do more in BC than your individual user's permissions allow.

8. Incident response

In the event of a security incident:

  • We notify affected customers within 72 hours of discovery (in line with GDPR Art. 33).
  • Disclosure includes: what happened, what data was involved, what we did to contain it, and what you should do.
  • For post-mortems, we publish a redacted summary once the incident is closed.
  • Report a suspected issue: security@zentriqsoftware.com (PGP key on request).

9. Subprocessors

You authenticate through Microsoft Entra ID and connect to your own Business Central tenant, your own platform, not a hidden subprocessor. To run the service we also rely on a small set of EU-hosted infrastructure providers, covering authentication, AI inference (under a DPA with zero retention), payment processing, application and file hosting, our database, error monitoring, and transactional email. Each is bound by a Data Processing Agreement.

The full list of subprocessors, with names and regions, is in our Subprocessors list.

10. Your rights (GDPR / nFADP)

You can:

  • Export, request a JSON export of all your data. Email privacy@zentriqsoftware.com (fulfilled within 30 days).
  • Delete, trigger full account deletion from your dashboard. Cascades delete all captures, conversations, and memberships; subscriptions cancelled automatically.
  • Disconnect BC, revoke access anytime in your dashboard, or uninstall the Zentriq app from Business Central. Zentriq immediately loses all access to your BC tenant.
  • Object / restrict, email us, we honor your request.

11. Certifications and roadmap

  • GDPR + nFADP: compliant (Swiss entity, EU processing).
  • SOC 2 Type II: in progress, expected Q4 2026. Ask for our Readiness Assessment if you need it before then.
  • ISO 27001: on 2027 roadmap.

Questions? security@zentriqsoftware.com, we reply within 1 business day. Also see: Privacy Policy · Terms · 2-page Security Overview (printable).