Logo

Privacy Policy

The privacy of your data—and it is your data, not ours!—is a big deal to us. In this policy, we lay out: what data we collect and why; how your data is handled; and your rights with respect to your data. We promise we never sell your data: never have, never will.

What we collect and why

Our guiding principle is to collect only what we need. Here’s what that means in practice:

Identity and access

When you sign up for Velocity Studio, we ask for identifying information such as your name, email address, and maybe a company name. That’s so you can personalize your new account, and we can send you product updates and other essential information. We may also send you optional surveys from time to time to help us understand how you use our products and to make improvements. With your consent, we will send you our newsletter and other updates.

Usage

When you connect a Jira Cloud instance to Velocity Studio, we collect the email address of the connected Atlassian account and the Jira Cloud instance URL both for security and fraud prevention purposes and to guide our marketing efforts.

Billing information

If you sign up for a paid plan, you will be asked to provide your payment information and billing address. Credit card information is submitted directly to our payment processor and doesn’t hit our servers. We store a record of the payment transaction, including the last 4 digits of the credit card number, for purposes of account history, invoicing, and billing support. We store your billing address so we can charge you for service, calculate any sales tax due, send you invoices, and detect fraudulent credit card transactions. We occasionally use aggregate billing information to guide our marketing efforts.

Voluntary correspondence

When you email Velocity Studio with a question or to ask for help, we keep that correspondence, including your email address, so that we have a history of past correspondence to reference if you reach out in the future.

We also store information you may volunteer, for example, written responses to surveys.

When we access or disclose your information

As detailed in our Security Overview, your Jira Cloud data or Atlassian account API tokens are never transmitted to our servers, and thus never accessible by us. Here’s how we access the information we do collect:

To provide products or services you’ve requested. We use some third-party subprocessors to help run our applications and provide the Services to you (see "Subprocessors" below).

To help you troubleshoot or squash a software bug, with your permission. If at any point we need to access your data to help you with a support case, we will ask for your consent before proceeding.

To investigate, prevent, or take action regarding abuse. Accessing a customer’s account when investigating potential abuse is a measure of last resort. We want to protect the privacy and safety of both our customers and the people reporting issues to us, and we do our best to balance those responsibilities throughout the process. If we discover you are using our products for an abusive purpose, we will take action as necessary, including notifying appropriate authorities where warranted.

Aggregated and de-identified data. We may aggregate and/or de-identify information collected through the services. We may use de-identified or aggregated data for any purpose, including marketing or analytics.

When required under applicable law. Velocity Studio is based in Norway, and we are subject to the laws of Norway.

  1. Requests for user data. Our policy is to not respond to government requests for user data unless we are compelled by legal process or in limited circumstances in the event of an emergency request.
  2. Preservation requests. Similarly, Velocity Studio’s policy is to comply with requests to preserve data only if compelled by law.
  3. If we are audited by a tax authority, we may be required to disclose billing-related information. If that happens, we will disclose only the minimum needed, such as billing addresses and tax exemption information.

Finally, if Velocity Studio is acquired by or merges with another company — we don’t plan on that, but if it happens — we’ll notify you well before any of your personal information is transferred or becomes subject to a different privacy policy.

Location of site and data

We use some third-party subprocessors in the European Union (EU) and in the United Kingdom (UK). Please be aware that any information you provide to us will be transferred to and stored in the European Union and/or the United Kingdom. By using our websites or Services and/or providing us with your personal information, you consent to this transfer.

Subprocessors

  1. Cloudflare. Website hosting and content delivery network provider. Customer traffic is processed globally at the data center closest to the end user.
  2. Supabase. Cloud hosting provider. Handles personal data contained in user account information. Operating in one or more regions within the European Union.
  3. Paddle. Merchant of Record. Handles personal data related to billing. Operating in the United Kingdom.

Changes to Our Privacy Policy

This policy is under active development, so please check back from time to time. By using the Service, you acknowledge, accept and agree with all provisions of the Privacy Policy.

Adapted from the Basecamp open-source policies / CC BY 4.0