Sprint Planning Poker

Collaborative story point estimation for agile teams

Privacy & Security

← Back to Home

πŸ”’ Your Privacy Matters

We are committed to protecting your privacy and ensuring your planning sessions remain secure. Here's how we keep your data safe and respect your privacy.

πŸ›‘οΈ Data Protection

πŸ“ Minimal Data Collection

We only collect the minimum data necessary for the service to function:

  • Your chosen display name (not linked to personal identity)
  • Story point estimates during active sessions
  • Room settings and preferences
  • Anonymous usage analytics for platform improvement
  • For Persistent Rooms Only: Email address (used solely to link saved rooms - no verification or marketing)

We do NOT: Verify email addresses, send marketing emails, share data with third parties, or link emails to voting data.

⏰ Room Expiration Policy

Anonymous Rooms: Automatically expire after 24 hours of inactivity.

Persistent Rooms: Optional saved rooms expire after 30 days of inactivity.

This ensures:

  • Automatic cleanup of inactive data
  • Reduced data footprint on our servers
  • Persistent rooms available for recurring teams
  • Each session starts fresh (no old votes or members)

Note: Voting history and member lists are cleared between sessions. Only room settings (branding, name, configuration) persist.

πŸ” Secure Communication

All data transmission is secured using industry-standard protocols:

  • HTTPS Encryption: All web traffic is encrypted in transit
  • Firebase Security: Google's enterprise-grade real-time database
  • No Third-party Tracking: We don't share data with advertising networks
  • Secure Room Codes: Random 6-character codes prevent unauthorized access

🎯 Anonymous Analytics

We collect anonymous usage statistics to improve the platform:

  • Feature usage patterns (which features are most popular)
  • Session duration and team size metrics
  • Error rates and performance metrics
  • Browser and device compatibility data

Important: Analytics data cannot be traced back to individual users or specific teams.

🚫 No Persistent Tracking

We respect your browsing privacy:

  • No advertising cookies or tracking pixels
  • No cross-site tracking or fingerprinting
  • Local storage only for user preferences (theme, dark mode)
  • No social media integration or tracking

πŸ“‹ Compliance & Standards

πŸ‡ͺπŸ‡Ί GDPR Compliance

Our minimal data collection approach ensures GDPR compliance. Since we don't collect personal data, most GDPR requirements don't apply. Users can request data deletion by simply leaving the room.

πŸ‡ΊπŸ‡Έ Privacy Standards

We follow privacy-by-design principles and industry best practices for data minimization and user consent.

πŸ” Security Measures

🏠 Room Security

Planning rooms are secured through multiple mechanisms:

  • Unique Room Codes: Randomly generated 6-character alphanumeric codes
  • Admin Approval: Optional approval workflow for new members
  • Member Management: Admins can remove disruptive participants
  • Auto-Expiration: Rooms automatically close after 24 hours

πŸ›‘οΈ Platform Security

Our platform implements multiple security layers:

  • Firebase Rules: Database access rules prevent unauthorized modifications
  • Input Validation: All user inputs are validated and sanitized
  • Rate Limiting: Protection against spam and abuse
  • Regular Updates: Dependencies and security patches are regularly updated

πŸŽ›οΈ Persistent Rooms & Data Control

πŸ’Ύ Optional Persistent Rooms

After creating a room, you have the option to save it as a persistent room:

  • Completely Optional: You can skip this and use anonymous rooms (24-hour expiry)
  • No Verification: We collect email for room linking only - no verification required
  • Multiple Rooms: Create and manage unlimited persistent rooms per email
  • 30-Day Expiry: Persistent rooms auto-delete after 30 days of inactivity

πŸ—‘οΈ Your Data Rights

You have complete control over your data:

  • Delete Anytime: Use the "Manage My Rooms" page to delete saved rooms instantly
  • No Account Required: Enter your email to view and manage your rooms
  • Data Portability: Room settings are minimal and can be recreated manually
  • Right to be Forgotten: Contact us to delete all data associated with your email

πŸ“Š What Data Persists

Persistent rooms store only configuration data:

  • βœ… Room code, name, and branding settings
  • βœ… Custom colors and theme preferences
  • βœ… Email address for room ownership
  • βœ… Last activity timestamp
  • ❌ NOT stored: Voting history, member lists, story details, or estimates

Privacy First: Each session is a clean slate. Only settings persist, never sensitive voting data.

πŸ“§ Questions or Concerns?

If you have any questions about our privacy practices or security measures, please don't hesitate to reach out. We believe in transparency and are happy to address any concerns.

For immediate questions about data handling or to request information about your session data, you can contact us through the feedback channels in the application.