Kameleon is cross platform document creation SaaS product.
Documents created from templates are not stored by Kameleon.
Data is located and processed inside European Economic Area (EEA).
Authentication is done against Azure AD.
Hosted in Microsoft Azure (utilizing PaaS services).
Kameleon is SaaS product and software updates are delivered automatically for end users.
Microsoft 365 business subscription
Windows, Mac, browser
Microsoft Office 1
Microsoft Teams 2
Office add-in via Microsoft 365 admin center 3
Teams add-in via Teams admin center 4
Kameleon is multitenant application and uses Azure AD authentication to identify end user tenant.
Data is stored in Azure Cosmos DB and Azure SQL
Files are stored in Azure Blob storage.
Backups are taken daily with retention period of 30d.
All internal communication between server and client is SSL encrypted.
All data in transit is SSL (TLS 1.2) encrypted.
All data at rest are encrypted 5
Distributed denial-of-service (DDoS) protection 6
Web application firewall (WAF) 7
Strict access controls enabled to ensure only authorized individuals can see data.
All access is logged and monitored to detect and prevent unauthorized access.
Open source components
Open source components are used and are actively monitored for patches and security vulnerabilities.
Data is located and processed inside European Economic Area (EEA)
Sensitive personal data is not collected.
Customer data is removed once customer agreement ends within 12 months
Kameleon doesn't store generated documents and they are only stored to customers' storage systems, e.g., Teams, SharePoint, OneDrive
Kameleon is API based SaaS product hosted in Microsoft Azure.
Frontend: TypeScript, React (HTML/JS)
Backend: TypeScript, Node, .NET Core
Hosting: Azure App Service
Front- and backend are hosted on App Services in Azure Platform as a Service (PaaS)
Azure security and compliance (https://azure.microsoft.com/en-us/explore/trusted-cloud/)
Azure AD, Office SSO, Teams SSO
All API communication requires authentication against Azure AD user.
1 Hardware requirements for Microsoft Teams (https://learn.microsoft.com/fi-fi/microsoftteams/hardware-requirements-for-the-teams-app)
2 Requirements for running Office Add-ins (https://learn.microsoft.com/en-us/office/dev/add-ins/concepts/requirements-for-running-office-add-ins)
3 Deploy add-ins in the Microsoft 365 admin center (https://learn.microsoft.com/en-us/microsoft-365/admin/manage/manage-deployment-of-add-ins?view=o365-worldwide)
4 Overview of app management and governance in Teams admin center (https://learn.microsoft.com/en-us/microsoftteams/manage-apps)
5 Encryption at rest
6 DDoS protection on Front Door https://learn.microsoft.com/en-us/azure/frontdoor/front-door-ddos