Terms of Service

These Terms of Service ("Terms") govern your access to and use of UserDesk ("the Service"), operated by Prismatic Enterprises ("we," "us," or "our"). By accessing or using the Service, you agree to be bound by these Terms. If you are using the Service on behalf of an organization, you represent that you have authority to bind that organization to these Terms.

If you do not agree to these Terms, you may not use the Service.

UserDesk is a web-based portal that enables authorized users to perform routine Microsoft 365 administration tasks — including user account management, password resets, license assignment, and group management — through a controlled, auditable interface.

The Service acts as an intermediary between authorized users and the Microsoft Graph API. All actions performed through the Service are executed using the signed-in user's own Microsoft 365 OAuth access token, under the permissions consented to by the organization's Global Administrator.

It is important that you understand how UserDesk interacts with your Microsoft 365 tenant:

• •UserDesk uses delegated permissions (not application permissions). Every action is performed as the signed-in user, using their own OAuth token.
• •UserDesk does not have independent or standing access to your tenant. When no user is signed in, the Service has no ability to access your Microsoft 365 data.
• •Actions taken through UserDesk (creating users, resetting passwords, modifying groups, etc.) are real, immediate changes to your Microsoft 365 tenant. They are equivalent to performing the same actions in the Microsoft 365 admin center.
• •UserDesk does not store Microsoft 365 passwords, access tokens, or refresh tokens in its database. Tokens are encrypted in the user’s browser session cookie.

You are responsible for:

• •Ensuring that only authorized individuals within your organization have access to UserDesk and are assigned appropriate portal roles (Admin, Member, or Viewer).
• •Understanding that actions taken by your users through UserDesk are real changes to your Microsoft 365 tenant and cannot be automatically reversed by us.
• •Maintaining the security of accounts that have access to UserDesk, including enforcing multi-factor authentication as appropriate.
• •Reviewing the permissions granted during admin consent and ensuring they align with your organization’s security policies.
• •Monitoring the audit log for unauthorized or unintended actions by your delegates.
• •Complying with all applicable laws, regulations, and Microsoft’s terms of service in your use of UserDesk.

UserDesk is a tool that executes actions on behalf of your authorized users. We are not responsible for the consequences of actions taken by your users through the Service, including but not limited to:

• •User accounts created, modified, or deleted through the Service.
• •Passwords reset through the Service.
• •Licenses assigned or removed through the Service.
• •Group memberships modified through the Service.
• •Any downstream effects of the above actions within your Microsoft 365 environment.

To the maximum extent permitted by applicable law, Prismatic Enterprises shall not be liable for any indirect, incidental, special, consequential, or punitive damages, or any loss of profits, data, or business opportunities, arising out of or related to your use of the Service.

Our total aggregate liability for any claims arising from the Service shall not exceed the amount you paid us in the twelve (12) months preceding the claim.

The Service is provided "as is" and "as available" without warranties of any kind, either express or implied, including but not limited to implied warranties of merchantability, fitness for a particular purpose, and non-infringement.

We do not warrant that the Service will be uninterrupted, error-free, or that defects will be corrected. We do not warrant any specific results from your use of the Service. The Service depends on third-party services (Microsoft Graph API, Stripe, Vercel) and we are not responsible for their availability or performance.

• •Access to the Service requires an active paid subscription, managed through Stripe.
• •Subscriptions are billed monthly or annually, depending on the plan selected at checkout.
• •You may cancel your subscription at any time. Access continues until the end of your current billing period.
• •We reserve the right to change pricing with 30 days’ notice. Price changes do not affect your current billing period.
• •If payment fails, we will attempt to notify you. After a grace period, access to the Service may be restricted until payment is resolved.

To use the Service, your organization's Global Administrator must grant admin consent for the Microsoft Graph API permissions that UserDesk requires. By granting consent, your administrator acknowledges that:

• •They understand the permissions being granted (User.ReadWrite.All, Directory.ReadWrite.All, Group.ReadWrite.All, UserAuthenticationMethod.ReadWrite.All).
• •They have the authority to grant these permissions on behalf of the organization.
• •They accept that users assigned the Admin or Member role in UserDesk will be able to perform the actions these permissions enable.
• •Admin consent can be revoked at any time by removing UserDesk from Azure Portal → Enterprise Applications.

Our handling of your data is described in our Privacy Policy. In summary:

• •We store only portal metadata: tenant IDs, user emails, portal roles, audit log entries, templates, and subscription status.
• •We do not store Microsoft 365 passwords, access tokens, or refresh tokens in our database.
• •We do not access or store your organization’s emails, files, calendar data, or any content beyond what is needed to render the user management interface.
• •Audit log data is retained for the duration of your subscription and is available for export upon request.

You agree not to:

• •Use the Service for any unlawful purpose or in violation of any applicable laws or regulations.
• •Attempt to gain unauthorized access to the Service, other users’ accounts, or other Microsoft 365 tenants.
• •Use the Service to perform bulk operations intended to disrupt or damage a Microsoft 365 tenant.
• •Reverse engineer, decompile, or attempt to extract the source code of the Service.
• •Resell access to the Service without our prior written consent (this does not apply to MSPs offering the Service as part of their managed services).

We may suspend or terminate your access to the Service if:

• •You breach these Terms.
• •Your subscription payment fails and is not resolved within the grace period.
• •We are required to do so by law.
• •We reasonably believe your use of the Service poses a security risk to us or other users.

Upon termination, your access to the Service will cease. We will retain your audit log data for 30 days following termination, after which it may be deleted. Revoking admin consent in Azure Portal is your responsibility and can be done at any time independently of your subscription status.

We may update these Terms from time to time. If we make material changes, we will notify you by email (to the address associated with your account) or through a notice in the Service at least 14 days before the changes take effect. Your continued use of the Service after the changes take effect constitutes acceptance of the updated Terms.

These Terms are governed by and construed in accordance with the laws of the State of Pennsylvania, United States, without regard to its conflict of law principles. Any disputes arising from these Terms or the Service shall be resolved in the courts located in Pennsylvania.

If you have questions about these Terms, contact us at hello@getuserdesk.com.