@[email protected] This is highly dependent on the way MDM is implemented. If your company is implementing MDM to fully onboard your personal device, then yes. Everything you said is correct. If however they are using a combination of (for Microsoft environments) App Restriction Policies and Conditional Access policy then the company has no way to issue a wipe on your phone. App restriction policies places managed applications in a separate encrypted partition. The company can see company data, but nothing from your personal partition at all. Nor can they control your device, monitor any of the sensors, or track your location or contacts.

The vast majority of orgs just do the full blown MDM enrollments though because it’s far less work to implement and less complicated to manage.