At Planning Poker Agile (operated by NeuralOps), we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web application.
1. Information We Collect
1.1 Information You Provide
When you use Planning Poker Agile, we may collect the following information:
- Username/Display Name: The name you choose to display during planning poker sessions
- Session Data: Voting choices, story estimates, and session participation history
- Contact Information: Email address and phone number (optional) when you contact us through the contact form
- Feedback and Messages: Any information you provide when contacting our support team
1.2 Automatically Collected Information
We automatically collect certain information when you access our application:
- Usage Data: Information about how you use the application, including session duration and features used
- Device Information: Browser type, operating system, and device identifiers
- Log Data: IP addresses, access times, and pages viewed
- Cookies and Similar Technologies: We use cookies to maintain session state and improve user experience
2. How We Use Your Information
We use the collected information for the following purposes:
- Service Delivery: To provide and maintain Planning Poker Agile functionality
- Session Management: To create and manage planning poker sessions, store votes, and calculate estimates
- Communication: To respond to your inquiries and provide customer support
- Improvement: To analyze usage patterns and improve application features
- Security: To detect, prevent, and address technical issues and security threats
- Compliance: To comply with legal obligations and enforce our terms of service
3. Data Storage and Retention
Planning Poker Agile currently uses in-memory session storage. This means:
- Session data (participants, votes, stories) is stored temporarily in server memory
- Data is automatically deleted when the server restarts or sessions expire
- We do not permanently store your voting history or session data in databases
- CSV exports are generated on-demand and not stored on our servers
Contact form submissions and support communications are retained for up to 2 years for customer service purposes.
4. Data Sharing and Disclosure
We do not sell, trade, or rent your personal information to third parties. We may share information in the following circumstances:
- With Your Consent: When you explicitly authorize us to share information
- Service Providers: With trusted third-party service providers who assist in operating our application (e.g., hosting providers, email services)
- Legal Requirements: When required by law, court order, or governmental authority
- Business Transfers: In connection with any merger, acquisition, or sale of assets
- Protection: To protect the rights, property, or safety of NeuralOps, our users, or others
5. Data Security
We implement industry-standard security measures to protect your information:
- Encryption: Data transmission is secured using HTTPS/SSL encryption
- Access Controls: Strict access controls and authentication mechanisms
- Regular Audits: Periodic security assessments and vulnerability testing
- ISO 27001 Compliance: We follow Information Security Management System standards
- GDPR Compliance: We adhere to General Data Protection Regulation requirements
However, no method of transmission over the internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.
6. Your Rights and Choices
Depending on your location, you may have the following rights:
- Access: Request access to the personal information we hold about you
- Correction: Request correction of inaccurate or incomplete information
- Deletion: Request deletion of your personal information (right to be forgotten)
- Portability: Request a copy of your data in a structured, machine-readable format
- Objection: Object to processing of your personal information
- Restriction: Request restriction of processing your personal information
- Withdraw Consent: Withdraw consent at any time where we rely on consent
To exercise these rights, please contact us using the information provided below.
7. Cookies and Tracking Technologies
We use cookies and similar tracking technologies to:
- Maintain session state and user preferences
- Analyze website traffic and user behavior
- Improve application performance and user experience
You can control cookies through your browser settings. However, disabling cookies may affect the functionality of Planning Poker Agile.
8. Children's Privacy
Planning Poker Agile is not intended for children under the age of 13. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately, and we will take steps to delete such information.
9. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy and applicable laws.
10. Third-Party Links
Our application may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any information.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by:
- Posting the updated policy on this page with a new "Last Updated" date
- Sending an email notification (if you have provided your email address)
- Displaying a prominent notice on our application
Your continued use of Planning Poker Agile after changes become effective constitutes acceptance of the updated Privacy Policy.
12. GDPR Compliance (For EU Users)
If you are located in the European Economic Area (EEA), you have additional rights under the GDPR:
- Legal Basis for Processing: We process your data based on consent, contractual necessity, legal obligations, and legitimate interests
- Data Protection Officer: For GDPR-related inquiries, contact our DPO at office@neuralops.in
- Supervisory Authority: You have the right to lodge a complaint with your local data protection authority
13. California Privacy Rights (CCPA)
If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):
- Right to know what personal information is collected
- Right to know if personal information is sold or disclosed
- Right to opt-out of the sale of personal information (we do not sell your data)
- Right to deletion of personal information
- Right to non-discrimination for exercising your rights