Pathix is a self-hosted forensics platform for Microsoft Dynamics 365 and the Dataverse. It runs entirely inside your Azure subscription. Three commitments shape the rest of this page:
Pathix deploys via a Bicep template into your own Azure subscription. Scan results, the parsed dependency/security graph, and any AI-generated narration are stored in your Azure SQL database in your tenant. Data residency is determined entirely by where you deploy. The vendor introduces no additional region or residency surface.
By default the vendor has no remote access to a running Pathix instance and receives no telemetry unless you opt in. When you need support, you generate and send a diagnostics bundle that you control.
Pathix's Dataverse access runs through a single application user holding a read-only, least-privileged custom role (Pathix Scanner), scoped to a fixed set of system tables. No write/create/delete/append/share privileges. The wrapper around the Dataverse SDK exposes only metadata-shaped methods; generic record retrieval against business tables is not implemented anywhere in the codebase.
Pathix does process:
Pathix does not process:
Pathix parses customization source (plugin IL, workflow XAML, flow JSON, form JavaScript, FetchXML, PowerFx) in memory during a scan and discards the raw bodies. Nothing customer-authored is persisted to the database. End-to-end, no exceptions.
To model who can do what, Pathix stores identifiers for administrative principals in your environment (principally user display names and User Principal Names (UPNs) from the systemuser table), plus team membership and role assignments.
On compliance frameworks: because Pathix holds no business record data, obligations that attach to record content (HIPAA, PCI, and GDPR data-subject rights against record contents) do not attach to Pathix. This is not a claim that no privacy law applies. The principal personal data above is personal data under GDPR/UK-GDPR and similar regimes, and remains in your control within your tenant. We deliberately do not say “Pathix processes no personal data.”
AI in Pathix is optional. The deterministic core works with zero AI.
Because Pathix is self-hosted, there is no Pathix L.L.C.-operated cloud in the data path. The vendor does not aggregate metadata across customers and does not receive a copy of your scan results. Data leaves your tenant only in these bounded cases, all under your control:
Because Pathix runs entirely in your tenant, Pathix L.L.C. engages no sub-processors that handle your environment data: there is no vendor data plane to sub-process. The only third party that can receive data is the AI provider you choose and contract with directly.
The pathix.app marketing site uses two privacy-respecting analytics tools: Vercel Web Analytics for aggregate pageview metrics (route, referrer, browser / device class, country), and PostHog for product analytics (which pages and links people use, so we can improve the site).
Both are configured to keep your footprint minimal. PostHog is reverse-proxied through pathix.app, so no third-party tracker domain loads in your browser. We set no cookies (an anonymous analytics ID is kept in your browser's local storage to tell sessions apart; it is not linked to your identity). We do not record or replay your session, and we do not build a person profile for anonymous visitors.
No advertising trackers are loaded; no data is sent to Google Analytics, Meta, LinkedIn, or any similar service. Vercel and PostHog act as our website-analytics processors and receive only this anonymized usage data, never your Dynamics environment data.
Privacy questions: privacy@pathix.app.
This page states Pathix's privacy and data-handling commitment in full. The metadata-only boundary it describes is permanent and not subject to revision.