Security / Overview (printable)
Two products, separately installable. PunchOut: Chrome extension + BC mini app, captures e-commerce carts into a draft you review in Business Central. Agent: BC extension, in-product AI chat, and document capture (upload vendor invoices & documents, AI-extracted into BC drafts). SaaS, multi-tenant, GDPR + Swiss nFADP compliant.
Cart data stays in your browser and goes straight to your own Business Central tenant, using secure delegated access via your Microsoft sign-in, where it becomes a draft you review and post yourself. Zentriq's backend only meters credits, it never receives your cart contents.
ββββββββββββββββ ββββββββββββββββ
β Your β ββββββΆ β Your BC β
β browser β (cart β tenant β
β (cart data) β data) β (draft) β
ββββββββ¬ββββββββ ββββββββββββββββ
β
βββ credit metering only βββΆ Zentriq backend (EU)
(no cart contents)Your request goes to Zentriq's EU backend, which reads only the BC records a query needs (scoped by your own BC permissions) and calls our AI provider for inference. Conversations are stored in an EU-hosted, encrypted managed database so you can resume them. The AI provider retains nothing and never trains on your data.
ββββββββββββββββ ββββββββββββββββββββ
β BC user β ββββββΆ β Zentriq backend β
β (browser) β β (EU) β
ββββββββββββββββ ββββββββββ¬ββββββββββ
β
βββββββββββββββββΌββββββββββββββββ
βΌ βΌ βΌ
ββββββββββββββββ βββββββββββββββ ββββββββββββββββ
β AI provider β β Your BC β β EU database β
β (EU) β β tenant β β (encrypted) β
β ZERO RETAIN β β β β β
ββββββββββββββββ βββββββββββββββ ββββββββββββββββCart data in your browser (read only). Microsoft account email + tenant ID. In BC, reads only the records a draft needs and writes a draft you review and post yourself. Capture metadata (timestamp, vendor host, line count).
Cart contents on Zentriq servers, cart data is sent to our AI provider for one-shot extraction (EU, zero retention) and never persisted. Other tenants. Anything outside the draft you review.
Microsoft account email + tenant ID. BC data read in real time to answer queries (scoped by the user's BC permissions). Chat history (stored so conversations can resume).
Full BC database export. Credentials or passwords. Data from other tenants. Your data is never used to train AI models (our AI provider retains nothing).
| In transit (end-to-end) | Encrypted (modern TLS) |
| Database at rest | Encrypted at rest |
| Delegated access tokens at rest | Encrypted at rest, keys rotated regularly |
| File attachments | Encrypted at rest |
Zentriq uses secure delegated access via your Microsoft sign-in, we never see or store your password. We request only:
Your BC permissions are the ultimate gate, Zentriq cannot exceed what the user's own BC account is allowed to do. Access is least-privilege by design: each task reads only the records it needs, and any write is a draft you review and post yourself. Nothing more.
| Data | Region | Processor |
|---|---|---|
| Database (accounts, billing, Agent chats) | EU (Frankfurt) | EU-hosted managed database |
| Application runtime | EU (Frankfurt + Paris) | Our hosting provider |
| File / attachment storage | EU | Our hosting provider |
| Error monitoring | EU (Frankfurt) | Our error-monitoring provider |
| Transactional email | EU / US | Our email provider |
| AI inference (Agent + PunchOut) | EU (Frankfurt, zero retention) | Our AI provider |
| PunchOut cart contents | Never persisted on Zentriq | None |
| BC data | (your tenant, never relocated) | Microsoft |
The full list of subprocessors, with names and regions, is in our Subprocessors list. We don't export your full BC database, and we don't sell or share your data beyond the infrastructure subprocessors listed there.
Production DB access restricted to 2 staff. MFA everywhere. Every access logged.
Automated CI/CD pipeline. Signed commits. Automated tests before every merge.
Error and performance monitoring. Continuous uptime probes.
GDPR Art. 33: 72-hour notification. Post-mortem published once incident is closed.
Security: security@zentriqsoftware.com Β· Privacy: privacy@zentriqsoftware.com Β· General: support@zentriqsoftware.com
Zentriq Software Β· Switzerland Β· zentriqsoftware.com Β· Last updated May 2026