1. Service Description
Power BI Wall is a free web application that enables you to display your Microsoft Power BI dashboards and reports on TVs, large screens, and digital signage displays.
The service:
- Embeds Power BI reports using the Microsoft Power BI Embedded API
- Provides auto-refresh and auto-slideshow functionality for continuous display
- Supports multiple presentation configurations
- Operates entirely in your web browser with minimal server-side processing
Important: This service is provided free of charge with absolutely no warranties or guarantees. We make no promises about uptime, reliability, or fitness for any particular purpose.
2. Technical Implementation & Data Flow
Authentication Flow
We use Microsoft Authentication Library (MSAL) with OAuth 2.0 for secure authentication. We never see or store your Microsoft password. All authentication is handled directly by Microsoft.
APIs We Call
- Microsoft Graph API: To retrieve your basic profile (name and email address only)
- Power BI REST API: To list your workspaces, reports, and generate embed tokens
- Azure Functions (Our Backend): To securely generate Power BI embed tokens server-side
What We Store
Storage Location: YOUR BROWSER ONLY (localStorage)
- Presentation Configurations: Report IDs, workspace IDs, refresh intervals, slideshow settings
- User Preferences: Display options, clock settings, navigation preferences
- Session Data: Access tokens (temporary, stored in browser session only)
Critical Understanding: All your configurations are stored in YOUR browser's localStorage. This means:
- Settings are device-specific and do NOT sync across devices
- If you clear your browser data, you will lose all your configurations
- We have NO ability to recover lost configurations
- We recommend exporting your configurations as backup if available
What We DO NOT Store
- Your Microsoft password or credentials
- Your Power BI report data or content
- Your workspace data or configurations
- Any personal information on our servers
- Any user database or account information
Privacy Advantage: By not storing any user data on our servers, we eliminate the risk of server-side data breaches affecting your information.
Security & Encryption
All API communication uses HTTPS/TLS encryption. Access tokens and embed tokens are transmitted securely and never logged or stored on our servers.
3. Power BI Access & Permissions
Permissions We Request
When you authenticate, we request read-only access to your Power BI workspaces and reports. Specifically:
- Report.Read.All: Read your Power BI reports
- Dataset.Read.All: Read dataset metadata (for refresh detection)
- Workspace.Read.All: List your workspaces
What We Access
- Workspace names and IDs (to display in dropdown menus)
- Report names, IDs, and embed URLs (to display reports)
- Dataset metadata (to check for data refresh status)
Embed Token Generation
Power BI embed tokens are security-critical and must be generated server-side. Here's how we handle them:
- Tokens are generated on-demand through our Azure Functions backend
- Tokens are short-lived (1 hour expiration)
- Tokens are automatically regenerated when they expire
- Tokens are never stored - only held in browser memory temporarily
- Token generation follows Microsoft's security best practices
What We CANNOT Do
- Modify, delete, or create Power BI content
- Share your reports with others
- Change workspace permissions
- Access report data outside of the embedding context
Revoking Access
You can revoke Power BI Wall's access to your Microsoft account at any time through your Microsoft account security settings at account.microsoft.com.
4. Authentication & Security
We take security seriously and follow Microsoft's recommended security practices:
Authentication Architecture
- MSAL (Microsoft Authentication Library): All authentication handled by Microsoft's official library
- OAuth 2.0 Flow: Industry-standard authorization framework
- No Password Handling: We never see, store, or handle your Microsoft password
- Token Storage: Access tokens stored in browser session storage only (cleared on browser close)
Security Best Practices
- All API calls use HTTPS/TLS encryption
- Embed tokens generated server-side (never client-side)
- Short-lived tokens minimize security risk
- No server-side user database eliminates data breach risk
- Content Security Policy (CSP) headers implemented
Your Security Responsibilities
- Maintain the security of your Microsoft account credentials
- Use strong, unique passwords for your Microsoft account
- Enable multi-factor authentication (MFA) on your Microsoft account
- Log out when using shared devices
- Report any security concerns to us immediately
5. Third-Party Services
Power BI Wall relies on the following third-party services:
Microsoft Services
- Azure Static Web Apps: Application hosting and delivery
- Azure Functions: Serverless backend for token generation
- Microsoft Entra ID (formerly Azure AD): Authentication and authorization
- Power BI Embedded: Report embedding and display
Analytics & Monitoring
- Google Tag Manager & Google Analytics: Anonymous usage tracking and analytics (optional, can be disabled)
Infrastructure
- Cloudflare: CDN (Content Delivery Network) and security services
Each third-party service has its own terms of service and privacy policy. Your use of Power BI Wall constitutes acceptance of these third-party terms.
6. Your Responsibilities
By using Power BI Wall, you agree to:
Licensing & Permissions
- Maintain a valid Power BI Pro, Premium, or Premium Per User license
- Have proper authorization to embed and display your Power BI reports
- Comply with your organization's data sharing and security policies
- Ensure you have rights to display content on public screens if applicable
Data Compliance
- Ensure your Power BI content complies with GDPR, CCPA, and other data protection regulations
- Obtain necessary consents for displaying personal or sensitive data
- Not use the service to display confidential information in public areas without authorization
- Comply with Microsoft's Power BI Terms of Service
Account Security
- Maintain the security of your Microsoft account credentials
- Immediately report any unauthorized access or security breaches
- Log out from shared or public devices
- Use strong authentication methods (MFA recommended)
Configuration Backups
- Understand that configurations are stored in your browser only
- Export or document your configurations if needed for backup
- Accept that we cannot recover lost configurations
Acceptable Use
- Not attempt to reverse engineer, decompile, or hack the service
- Not use the service for illegal purposes
- Not abuse or overload our API endpoints
- Not circumvent any security measures or rate limits
7. Service Availability & Reliability
No SLA: This is a free service provided without any Service Level Agreement (SLA) or uptime guarantees.
Service Reliability
- We make best-effort attempts to maintain service availability
- No guaranteed uptime or reliability metrics
- Service may be unavailable due to maintenance, updates, or technical issues
- Maintenance windows may occur with or without advance notice
Right to Modify or Discontinue
We reserve the right to:
- Modify, update, or discontinue the service at any time
- Change features, functionality, or technical implementation
- Temporarily or permanently suspend service availability
- Impose usage limits or restrictions
No Liability for Interruptions
- Not liable for service outages or interruptions
- Not liable for data loss or lost configurations (browser storage)
- Not liable for issues caused by Microsoft API changes or outages
- Not liable for browser compatibility issues
Dependencies
Service availability depends on:
- Microsoft Power BI API availability
- Azure platform availability
- Your internet connection and browser functionality
- Third-party CDN and infrastructure services
8. Data Privacy & GDPR
Data Controller vs Data Processor
- You (the user) are the data controller for any personal data in your Power BI reports
- Power BI Wall acts as a data processor (minimal processing - display only)
- Microsoft is the data processor for authentication and Power BI services
Personal Data We Process
We process minimal personal data:
- Name and Email: Retrieved from Microsoft Graph API for display in UI
- Usage Data: Anonymous analytics via Google Analytics (if enabled)
Data Storage & Retention
Server-Side: NO USER DATA STORED
Client-Side: Browser localStorage (under your control)
- No server-side storage of personal data or user accounts
- Browser localStorage contains only presentation configurations (no personal data)
- Session tokens cleared when browser closes
- No long-term data retention on our infrastructure
Your GDPR Rights
- Right to Access: Your data is in your browser - view it in localStorage
- Right to Erasure: Clear your browser data to delete all configurations
- Right to Data Portability: Export configurations if feature available
- Right to Object: Stop using the service and clear browser data
Data Transfers
- Service hosted in Microsoft Azure (data center location varies)
- Data transmitted to Microsoft APIs (subject to Microsoft privacy policy)
- Analytics data sent to Google (subject to Google privacy policy)
Privacy by Design
Our architecture minimizes privacy risks:
- No server-side user database
- Minimal data collection
- No tracking across devices
- Browser-only storage gives you full control
9. Open Source & Transparency
Code Transparency
- Frontend JavaScript code is viewable in your browser (not obfuscated)
- All client-side logic can be inspected using browser developer tools
- API endpoints are documented and visible in network requests
Architecture Simplicity
Data Flow: Browser → Token API → Microsoft APIs → Browser
Our architecture is intentionally simple:
- Frontend: HTML, CSS, JavaScript (runs entirely in your browser)
- Backend: Azure Functions for token generation only
- Storage: Browser localStorage (no server database)
- Authentication: Microsoft MSAL (OAuth 2.0)
No Hidden Tracking
- No hidden analytics beyond stated Google Analytics
- No fingerprinting or tracking scripts
- No third-party advertising networks
- No cross-site tracking
Technical Review
Technical users are encouraged to:
- Review network requests in browser DevTools
- Inspect localStorage contents
- Examine JavaScript code
- Report any security concerns or unexpected behavior
10. Limitation of Liability
Use at Your Own Risk: This free service is provided "as-is" without any warranties or guarantees.
No Warranties
TO THE MAXIMUM EXTENT PERMITTED BY LAW, WE PROVIDE THE SERVICE "AS-IS" WITH NO WARRANTIES OF ANY KIND, INCLUDING:
- No warranty of merchantability or fitness for a particular purpose
- No warranty of uninterrupted or error-free service
- No warranty of data accuracy or completeness
- No warranty regarding security or privacy
Limitation of Liability
WE ARE NOT LIABLE FOR:
- Business Interruption: Lost revenue, profits, or business opportunities
- Data Loss: Lost configurations, settings, or browser data
- Power BI Issues: Power BI data accuracy, availability, or Microsoft API changes
- Third-Party Services: Outages or issues with Microsoft, Azure, or other services
- Security Breaches: Unauthorized access to your Microsoft account (your responsibility)
- Compliance: Your data compliance with GDPR, CCPA, or other regulations
Maximum Liability
As this is a free service, our maximum liability is limited to $0 (zero dollars). You agree that you will not seek any monetary damages from Power BI Wall.
Indemnification
You agree to indemnify and hold harmless Power BI Wall from any claims, damages, or expenses arising from:
- Your use of the service
- Your violation of these terms
- Your violation of any third-party rights
- Your Power BI content or data
11. Intellectual Property
Your Content Rights
- You retain all ownership and intellectual property rights to your Power BI reports and data
- We do not claim any rights to your content
- We do not store, copy, or distribute your content
Service Rights
- Power BI Wall service code, design, and branding are owned by Power BI Wall
- You may not copy, modify, or distribute our service code
- You may not use our branding or trademarks without permission
Third-Party Trademarks
- "Power BI" and "Microsoft" are trademarks of Microsoft Corporation
- We are not affiliated with, endorsed by, or sponsored by Microsoft
- All third-party trademarks remain property of their respective owners
12. Changes to Terms
Right to Update
- We reserve the right to update these terms at any time
- Material changes will be highlighted or announced
- Last Updated date will be modified at the top of this page
Notification of Changes
- Minor updates may be made without notice
- Major changes will be communicated via the application
- Continued use of the service constitutes acceptance of updated terms
Review Regularly
We encourage you to review these terms periodically. If you disagree with any changes, discontinue use of the service.
Contact Us
If you have questions about these Terms and Conditions, please contact us: