DEV Community

Kaspars
Kaspars

Posted on

I built a private Copilot alternative that never lets your data leave your Microsoft 365 tenant

#microsoft365 #ai #azure #rag

For the last while I've been building Privault — a private AI knowledge assistant that runs inside a company's own Microsoft 365 tenant. No data leaves their Azure infrastructure. Think "Copilot alternative", but you own the deployment.

Here's the architecture and the judgment calls behind it.

The problem

Document-heavy orgs (construction, engineering, 50+ knowledge workers) want an AI that actually knows their SharePoint. The off-the-shelf answer is Copilot — but for many EU SMBs the blocker isn't capability, it's:

  • Where does the data go?
  • Per-seat pricing that scales badly for occasional users
  • "Own your deployment" vs renting someone else's black box

The architecture

Everything runs in the client's own Azure tenant:

  • Retrieval: semantic search over SharePoint documents, every answer returns cited sources (Microsoft Graph for indexing)
  • Actions: the agent drafts and sends email, creates tasks in Microsoft To Do, and reads calendar/meeting context — all via Graph
  • Multilingual: 90+ languages (the EU reality is bilingual users)
  • Model: Anthropic with a zero-data-retention agreement

Documents never leave the tenant. Responses are logged and cited, which turns "is the AI trustworthy?" into something you can actually audit.

The judgment call: pro-code vs low-code

This is where most "just use Power Automate" advice falls apart. Power Automate is great until you need real retrieval, custom tool calls, and control over how the model grounds its answers. That's an Azure Functions / Python job. Knowing which one a given workflow needs is the whole game — and getting it wrong is how you end up with a flow nobody can maintain.

What surprised me

The hardest part wasn't the RAG. It was grounding + citations under messy, real-world input — bilingual requests, half-formed questions, documents that contradict each other. A demo that parses clean input is easy. Production is where the EU-data-residency-and-actually-correct part gets earned.

If you're weighing a Copilot alternative where data residency and ownership matter, this is the shape of what's possible inside your own M365. More on Privault here.

Top comments (0)