Privacy Policy

Effective Date: December 5, 2024

Introduction
Definitions
Information We Collect
How We Use Your Information
Legal Bases for Processing
Data Sharing and Disclosure
Data Retention
Data Security
Your Rights
International Data Transfers
Cookies and Tracking Technologies
Children's Privacy
Changes to This Privacy Policy
Contact Us

1. Introduction

Welcome to TeamPulse, a product of AES Tech AB (Org Number: 559507-2157) ("Company", "we", "us", or "our"). We are committed to protecting your privacy and handling your Personal Data transparently and securely. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information when you use our application and Services ("Services").

By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.

AES Tech AB is the Data Controller responsible for your Personal Data processed via TeamPulse.

2. Definitions

For the purposes of this Privacy Policy:

"Account" means a unique account created for you to access our Services or parts of our Services.
"Application" refers to TeamPulse, the software program provided by the Company.
"Company", "we", "us", or "our" refers to AES Tech AB (Org Number: 559507-2157), the owner and operator of TeamPulse.
"Cookies" are small files placed on your device by a website, containing details of your browsing history among its many uses.
"Data Controller" means the entity that determines the purposes and means of processing Personal Data.
"Personal Data" means any information relating to an identified or identifiable natural person.
"Services" refers to the Application, the Website, and any related services provided by the Company.
"Website" refers to TeamPulse's site, accessible at www.teampulse.dev.
"You" means the individual accessing or using our Services, or the company or other legal entity on whose behalf such individual is accessing or using our Services.

3. Information We Collect

3.1 Personal Data

We may collect the following Personal Data when you register for or use our Services:

Account Information: Name, email address, and password for account creation.
GitHub Integration: Pull request metadata such as PR status, author, reviewers, merge times, review times, review comments, and other related metrics. We do not access or store your actual codebase or repository content.
Slack Integration: User emails and permissions to send messages for surveys and notifications. We do not access or store any of your Slack messages or channel content.
Payment Information: If you subscribe to a paid plan, we collect payment details necessary to process the transaction through our third-party payment processor, Stripe. We do not store your full payment card information on our servers.

4. How We Use Your Information

Providing Services: To operate and maintain our Services, including personalized dashboards and insights.
Improving Services: To analyze usage patterns and improve our platform's functionality and user experience.
Communication: To send you account notifications, updates, security alerts, and support messages.
Billing and Account Management: To process payments, manage subscriptions, and handle billing-related communications.
Legal Compliance: To comply with legal obligations and respond to lawful requests from public authorities.

5. Legal Bases for Processing

We process your Personal Data based on the following legal grounds:

Consent: For sending promotional communications and using non-essential Cookies.
Contract Performance: To provide and maintain our Services as per our agreement with you.
Legal Obligation: To comply with legal and regulatory requirements.
Legitimate Interests: To improve our Services, enhance user experience, and ensure the security of our platform.

We respect your privacy and do not sell or rent your Personal Data to third parties. We may share your Personal Data in the following circumstances:

Service Providers: With trusted third-party vendors and service providers who perform services on our behalf, including cloud hosting services like Oracle and Supabase, email services like Brevo, AI-powered services by OpenAI, payment processing via Stripe, traffic routing via Cloudflare Tunnel, and log ingestion via Better Stack. These partners are bound by confidentiality agreements and are committed to protecting your data.
For more information on how our service providers handle your data, please refer to their privacy policies:
This list may be updated as we add or change vendors.
Legal Requirements: If required by law or in response to valid requests by public authorities (e.g., a court or government agency).
Business Transfers: In connection with any merger, sale of Company assets, financing, or acquisition of all or a portion of our business.

7. Data Retention

We retain your Personal Data only for as long as it is necessary to fulfill the purposes outlined in this Privacy Policy, to provide our services effectively, or as required by applicable laws and regulations. For active accounts, data is retained for the duration of the account's activity.

For inactive accounts—defined as accounts without login activity for twelve (12) consecutive months—we will initiate the deletion of the account and all associated Personal Data. Prior to deletion, you will receive a notification at least thirty (30) days in advance, offering you the opportunity to retain your account by logging in.

In some cases, we may retain certain data for a longer period as required by law, to resolve disputes, or to enforce our agreements. You also have the right to request the deletion of your Personal Data at any time, as outlined in the "Your Rights" section of this Privacy Policy.

8. Data Security

We are committed to protecting your Personal Data using industry-standard security measures:

Encryption: Passwords are securely hashed and stored. Personal Data is encrypted both at rest and in transit using TLS/SSL protocols.
Secure Infrastructure: Our Services are hosted on robust cloud infrastructure providers that comply with international security standards and certifications (e.g., ISO 27001, SOC 2).
Access Controls: Strict access controls are in place, ensuring that only authorized personnel can access sensitive Personal Data.
Regular Audits: We conduct regular security assessments and audits to identify and mitigate potential vulnerabilities.

While we employ advanced security measures, please be aware that no system is entirely foolproof. We continuously work to enhance our security practices to protect your Personal Data.

9. Your Rights

9.1 Access and Correction

You have the right to access and correct your Personal Data held by us. You can update your Account Information directly within the Application or by contacting us.

9.2 Data Deletion

Individual Users: You may request the deletion of your Account and Personal Data at any time.
Organization Owners: You may request the deletion of your organization's Account and all associated Personal Data.

9.3 Data Portability

You have the right to request a copy of your Personal Data in a structured, commonly used, and machine-readable format.

9.4 Withdrawal of Consent

If you have consented to any specific data processing, you have the right to withdraw that consent at any time.

9.5 Right to Object

You have the right to object to the processing of your Personal Data when it is based on Legitimate Interests or for direct marketing purposes.

9.6 Right to Restrict Processing

You can request that we restrict the processing of your Personal Data under certain circumstances, such as when you contest the accuracy of the data.

9.7 Right to Lodge a Complaint

If you believe that our processing of your Personal Data infringes data protection laws, you have the right to lodge a complaint with a supervisory authority in your country of residence.

9.8 Opt-Out of Marketing Communications

You can opt out of receiving promotional emails from us by following the unsubscribe instructions included in each email or by contacting us directly.

To exercise these rights, please contact us using the information provided below.

10. International Data Transfers

As a Company based in Sweden, we comply with the General Data Protection Regulation (GDPR) and other applicable data protection laws. Your Personal Data may be transferred to and processed in countries outside of the European Economic Area (EEA). In such cases, we ensure appropriate safeguards are in place to protect your Personal Data, such as:

Standard Contractual Clauses: We utilize agreements based on the European Commission's Standard Contractual Clauses to ensure adequate protection.
Adequacy Decisions: For countries recognized by the European Commission as providing an adequate level of data protection.

You can request more information about the safeguards we have in place by contacting us.

11. Cookies and Tracking Technologies

We use Cookies and similar tracking technologies to enhance your experience. This includes:

Functional Cookies: To remember your preferences such as preferred theme settings.
Session Cookies: To keep you logged in and maintain your session.

You can control Cookies through your browser settings. Please note that disabling Cookies may affect the functionality of our Services.

12. Children's Privacy

Our Services are not intended for individuals under the age of 16. We do not knowingly collect Personal Data from anyone under 16 without verifiable parental consent. If you become aware that a minor has provided us with Personal Data without parental consent, please contact us, and we will take steps to remove such information.

13. Changes to This Privacy Policy

We may revise this Privacy Policy from time to time, at our sole discretion. The most current version will always be posted on our Website (as indicated by the "Effective Date" at the top). We encourage you to review this Privacy Policy regularly for any changes.

Your continued use of the Services following the posting of any amendments constitutes your acknowledgment and acceptance of such changes and your agreement to be bound by the terms of the revised Privacy Policy.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please reach out to us at:

TeamPulse Support
Email: [email protected]

Data Controller:
AES Tech AB (Org Number: 559507-2157)
Address: Galoppvägen 14, 17067 Solna
Email: [email protected]

Supervisory Authority:
If you have concerns about how we handle your Personal Data, you have the right to lodge a complaint with the Swedish Data Protection Authority (Integritetsskyddsmyndigheten).
Website: https://www.imy.se/
Phone: +46 8 657 61 00

We value your privacy and are committed to addressing any questions or concerns you may have.