User information (user name, e-mail, title, phone(s), office location, etc.) for building documents are stored on Azure SQL server.
Asset files (Templates, Images, etc.) are stored in Azure Blob Storage.
Tenant isolation is on the logical level for data on the Azure SQL server and all functions throughout Templafy code base require a customerId and an userId.
Each tenant has a separate Container in Azure Blob Storage for asset files.
All data are encrypted at transport (SSL/TLS) but not at rest.
No passwords or sensitive user data are stored in Templafy. All user authentication is done through the customers own Authentication Service (such as ADFS, Azure AD, etc.)
Notice that Templafy is a one-way solution
Users can build documents, presentation and spreadsheets from generic base templates and libraries of texts, slides and images.
Users cannot store any Office files back in Templafy (after the user might have filled the file with sensitive data).