Privacy Policy

Version 1.0 Effective: January 1, 2025

Privacy Policy

Effective Date: January 1, 2025
Version: 1.0

1. Introduction

RetroSpectify (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, password
  • Profile Information: Avatar, display name, preferences
  • Content: Retrospective items, comments, action items, and other user-generated content
  • Payment Information: Billing details (processed securely through third-party payment processors)
  • Communications: Messages you send to us or through the Service

2.2 Automatically Collected Information

  • Usage Data: Pages viewed, features used, time spent, click patterns
  • Device Information: IP address, browser type, operating system, device identifiers
  • Cookies and Tracking: We use cookies and similar technologies (see Section 8)
  • Log Data: Server logs, error reports, performance metrics

2.3 Information from Third Parties

  • Authentication Providers: If you sign in using third-party services
  • Payment Processors: Transaction details from payment providers

3. How We Use Your Information

3.1 To Provide the Service

  • Create and manage your account
  • Process transactions and subscriptions
  • Provide customer support
  • Communicate with you about the Service

3.2 To Improve the Service

  • Analyze usage patterns and trends
  • Develop new features and functionality
  • Troubleshoot technical issues
  • Conduct research and analytics

3.3 To Protect the Service

  • Detect and prevent fraud, abuse, and security threats
  • Enforce our Terms of Service
  • Comply with legal obligations

3.4 To Communicate with You

  • Send service-related notifications
  • Provide product updates and announcements
  • Send marketing communications (with your consent)
  • Respond to your inquiries

4. Legal Basis for Processing (GDPR)

We process your personal data under the following legal bases:

  • Contract Performance: To provide the Service you’ve signed up for
  • Consent: For marketing communications and optional features
  • Legitimate Interests: To improve our Service, prevent fraud, and ensure security
  • Legal Obligations: To comply with applicable laws and regulations

5. How We Share Your Information

5.1 With Your Team Members

  • Content you create is visible to members of your teams
  • Your profile information is visible to team members

5.2 With Service Providers

We share data with trusted third parties who help us operate the Service:

  • Cloud hosting providers
  • Payment processors
  • Email service providers
  • Analytics providers
  • Customer support tools

5.3 For Legal Reasons

We may disclose information when required by law or to:

  • Comply with legal processes (subpoenas, court orders)
  • Enforce our Terms of Service
  • Protect our rights, property, or safety
  • Prevent fraud or security threats

5.4 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

5.5 With Your Consent

We may share information with third parties when you explicitly consent.

6. Your Rights and Choices

6.1 Access and Portability

  • You can access your personal information through your account settings
  • You can request a copy of your data in a portable format

6.2 Correction and Update

  • You can update your profile information at any time
  • Contact us to correct inaccurate information

6.3 Deletion

  • You can delete your account through your account settings
  • We will delete your data within 30 days (subject to legal retention requirements)

6.4 Consent Management

  • You can manage your consent preferences in your account settings
  • You can opt out of marketing emails by clicking “unsubscribe”

6.5 Object to Processing

  • You can object to certain types of processing
  • You can restrict how we use your data

6.6 Lodge a Complaint

  • EU residents can lodge a complaint with their data protection authority

7. Data Retention

We retain your information for as long as necessary to:

  • Provide the Service
  • Comply with legal obligations
  • Resolve disputes and enforce our agreements

Specific retention periods:

  • Account Data: Retained while your account is active, deleted 30 days after account deletion
  • Consent Records: Retained for 7 years for GDPR compliance
  • Transaction Records: Retained as required by tax and financial regulations
  • Audit Logs: Retained for 2 years for security purposes

8. Cookies and Tracking Technologies

8.1 Types of Cookies We Use

  • Essential Cookies: Required for the Service to function
  • Analytics Cookies: Help us understand how you use the Service
  • Preference Cookies: Remember your settings and preferences
  • Marketing Cookies: Track effectiveness of marketing campaigns (with consent)

8.2 Managing Cookies

You can control cookies through your browser settings. Note that disabling essential cookies may affect Service functionality.

9. Data Security

We implement appropriate technical and organizational measures to protect your information:

  • Encryption in transit (TLS/SSL)
  • Encryption at rest for sensitive data
  • Regular security assessments
  • Access controls and authentication
  • Employee training on data protection

However, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions by regulatory authorities
  • Other legally approved transfer mechanisms

11. Children’s Privacy

The Service is not intended for users under 16 years of age. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us.

12. Third-Party Links

The Service may contain links to third-party websites. We are not responsible for the privacy practices of these websites. Please review their privacy policies.

13. AI Processing

We may use artificial intelligence to:

  • Categorize and analyze retrospective items
  • Generate insights and suggestions
  • Improve Service functionality

You can opt out of AI processing through your consent preferences.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via:

  • Email notification
  • Prominent notice in the Service
  • Updated “Effective Date” at the top of this policy

Your continued use after changes constitutes acceptance of the updated policy.

15. Contact Us

If you have questions about this Privacy Policy or our privacy practices:

Email: privacy@retrospectify.com
Data Protection Officer: dpo@retrospectify.com
Address: [Your Business Address]

16. Specific Regional Rights

16.1 European Economic Area (EEA) Residents

You have additional rights under GDPR, including the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Erase your data (“right to be forgotten”)
  • Restrict processing
  • Data portability
  • Object to processing
  • Not be subject to automated decision-making

16.2 California Residents (CCPA)

You have the right to:

  • Know what personal information we collect
  • Know whether we sell or share personal information (we do not)
  • Access your personal information
  • Request deletion of your personal information
  • Non-discrimination for exercising your rights

16.3 Other Jurisdictions

We respect privacy rights granted by applicable laws in your jurisdiction.

By using RetroSpectify, you acknowledge that you have read and understood this Privacy Policy.

← Back to Home View Terms of Service →
Privacy questions or concerns? Contact our Data Protection Officer at privacy@retrospectify.com