Effective date: 2026-05-31
ADO Atlas ("the extension") is an independent browser extension that displays and manages your Azure DevOps work items. This policy explains exactly what data the extension handles and where it goes. In short: everything stays on your device, and the only server it talks to is Azure DevOps itself.
ADO Atlas is not affiliated with, sponsored by, or endorsed by Microsoft. "Azure DevOps" is a trademark of Microsoft Corporation.
All of the following is stored locally on your device (Chrome
chrome.storage.local and localStorage) and is never sent to
the developer or any third party:
The extension makes network requests only to Azure DevOps, over HTTPS, authenticated with your PAT:
https://dev.azure.com — to read and update your work items.https://app.vssps.visualstudio.com — only when you click Load in setup, to list the
organizations and projects your account can access (a convenience; you can type them manually instead).https://login.microsoftonline.com — only if you use Microsoft sign-in, to complete the
OAuth sign-in and refresh the access token. Not contacted at all when you authenticate with a PAT.These hosts are the only ones the extension is permitted to contact (enforced by its Content Security Policy). The extension contains no analytics, no telemetry, no advertising, and no third-party servers. No data is ever transmitted to the developer.
When you paste, drop, or pick a file inside the Description editor, the file's bytes are uploaded
directly to your Azure DevOps organization
(https://dev.azure.com/<org>/_apis/wit/attachments) and linked to the open work item as an
AttachedFile relation — the same path the Azure DevOps web UI uses. The extension does not keep a
local copy of the file bytes, does not send them to the developer, and does not transmit them to any third-party
service. Image previews displayed inside the editor are re-fetched from Azure DevOps in the same authenticated
session (the raw URLs require your access token, so the bytes can't be exposed by a plain <img src>).
When you type @ followed by a name inside the description editor, the extension sends that partial
query to your Azure DevOps organization's identity endpoint
(https://dev.azure.com/<org>/_apis/IdentityPicker/Identities) to populate the autocomplete list.
Results are not cached, are used only to draw the typeahead dropdown for that keystroke, and never leave the
extension. If that endpoint is unavailable on your tenant the extension falls back to the team-roster already loaded
for the work-item editor.
Your token and settings are used solely to provide the extension's single purpose: viewing and managing your own Azure DevOps work items. Your data is not sold, rented, or shared with anyone, and is not used for advertising, profiling, or any purpose unrelated to that feature.
Your PAT is stored locally by the browser and transmitted only to Azure DevOps over HTTPS in the standard
Authorization header. Because the PAT is a credential, treat your device accordingly and prefer a short
expiry. The extension never logs or displays your PAT after entry.
ADO Atlas's use of information received from Azure DevOps adheres to the Chrome Web Store User Data Policy, including the Limited Use requirements. Specifically, the extension only uses the data to provide and improve its single user-facing purpose, does not transfer the data to third parties (it is sent only to your own Azure DevOps service), does not use it for advertising, and does not allow humans to read it.
If this policy changes, the updated version will be published at this URL with a new effective date.
Questions about this policy: prorok1015@gmail.com