Privacy & Security
β Back to Homeπ Your Privacy Matters
We are committed to protecting your privacy and ensuring your planning sessions remain secure. Here's how we keep your data safe and respect your privacy.
π‘οΈ Data Protection
π Minimal Data Collection
We only collect the minimum data necessary for the service to function:
- Your chosen display name (not linked to personal identity)
- Story point estimates during active sessions
- Room settings and preferences
- Anonymous usage analytics for platform improvement
We do NOT collect: Email addresses, phone numbers, IP addresses, or any personally identifiable information.
β° Auto-Expiring Sessions
All planning rooms automatically expire after 24 hours of inactivity. This ensures:
- No permanent storage of your session data
- Automatic cleanup of inactive rooms
- Fresh start for each planning session
- Reduced data footprint on our servers
π Secure Communication
All data transmission is secured using industry-standard protocols:
- HTTPS Encryption: All web traffic is encrypted in transit
- Firebase Security: Google's enterprise-grade real-time database
- No Third-party Tracking: We don't share data with advertising networks
- Secure Room Codes: Random 6-character codes prevent unauthorized access
π― Anonymous Analytics
We collect anonymous usage statistics to improve the platform:
- Feature usage patterns (which features are most popular)
- Session duration and team size metrics
- Error rates and performance metrics
- Browser and device compatibility data
Important: Analytics data cannot be traced back to individual users or specific teams.
π« No Persistent Tracking
We respect your browsing privacy:
- No advertising cookies or tracking pixels
- No cross-site tracking or fingerprinting
- Local storage only for user preferences (theme, dark mode)
- No social media integration or tracking
π Compliance & Standards
πͺπΊ GDPR Compliance
Our minimal data collection approach ensures GDPR compliance. Since we don't collect personal data, most GDPR requirements don't apply. Users can request data deletion by simply leaving the room.
πΊπΈ Privacy Standards
We follow privacy-by-design principles and industry best practices for data minimization and user consent.
π Security Measures
π Room Security
Planning rooms are secured through multiple mechanisms:
- Unique Room Codes: Randomly generated 6-character alphanumeric codes
- Admin Approval: Optional approval workflow for new members
- Member Management: Admins can remove disruptive participants
- Auto-Expiration: Rooms automatically close after 24 hours
π‘οΈ Platform Security
Our platform implements multiple security layers:
- Firebase Rules: Database access rules prevent unauthorized modifications
- Input Validation: All user inputs are validated and sanitized
- Rate Limiting: Protection against spam and abuse
- Regular Updates: Dependencies and security patches are regularly updated
π§ Questions or Concerns?
If you have any questions about our privacy practices or security measures, please don't hesitate to reach out. We believe in transparency and are happy to address any concerns.
For immediate questions about data handling or to request information about your session data, you can contact us through the feedback channels in the application.