How we work

How DocLoq builds, deploys, and supports

A short, honest description of the product constraints we accept and the way we engage with security, IT, and procurement teams running on Microsoft 365.

Principles, not promises

These are the constraints we have chosen and the patterns we use on every customer engagement. They shape product decisions, deployment scope, and how we respond when things change.

The DocLoq control layer

How external sharing stays governed from request to revocation

DocLoq adds a dedicated control layer around the external sharing workflow while keeping documents inside Microsoft 365.

1. Identity-bound access

No anonymous links. Access is tied to verified users through one-time passkeys or federated authentication.

2. Central policy control

Define and enforce consistent sharing policies. See who shared what, with whom, and under which conditions.

3. Secure delivery

Control how documents are accessed and used: view-only, watermarking, download restrictions, and protected download.

4. Microsoft 365 native

Works with SharePoint, Teams, and OneDrive. Documents stay in the tenant. No file duplication or reuploading.

5. Audit and traceability

Sharing-focused audit visibility, including access activity, permissions, sharing conditions, and revocation events.

Operating principles

What we commit to on every engagement

1. Tenant sovereignty first

Your documents never leave your Microsoft 365 tenant. This is a product constraint we accept and design around, not a marketing line. DocLoq stores tokens, policy, and audit metadata — not your files.

2. We extend Microsoft 365, we do not replace it

We build on top of SharePoint, OneDrive, Entra ID, and Purview. When Microsoft ships a control that improves the picture, we adopt it rather than reinvent it.

3. Secure by default, not by configuration

Every shared workspace starts read-only, watermarked, and short-lived. Opening up access — copy, download, longer expiry — is an explicit choice your team makes per workflow.

4. Evidence over adjectives

We publish our architecture summary, subprocessor list, and security posture. We are clear about which controls are in place today and which are on the roadmap.

5. Minimal data collection

We collect what we need to operate the service and nothing more. Audit logs and document content stay in your tenant. Telemetry is opt-in for new features.

6. Direct engineering support

When something breaks or a use case needs a closer look, customers talk to the people who build the product — not a tier-one queue. Response targets are written into the agreement.

7. Transparent roadmap

We share what we are building next and what we have decided not to build. Customers shape priorities through a structured feedback channel, not back-channel emails.

See how this works in practice

Book a demo against your tenant or talk to us about an evaluation scope. We will be specific about what is in the product today.