All data and in our app communicaation is happening within our own tenant and using services within our tenant. The rules we have created for compliance and security will also apply to the game we have created.

Governance should and can de done using the tools you use to manage and audit security, privacy and compliance for Microsoft 365, Azure and Dynamics.

If the solution is used on other tenants, the rules for that tenant will be applied.

• Azure OpenAI, keeps the information in the tenant, and will adhere to the privacy rules and ethics that has been apllied to it.
• User are all authenticated and given permission to the solution and tables.
• Data is stored in Dataverse. We govern the data in this solution and will be alerted if there are store any personal information. We do not store anything that the users puts into the prompt.
• Just a few administrators have access to give other people permissions to use the app.