Privacy Policy for AITOC, INC DBA AgileCCPM
Version 1.0 Published on February 16, 2025
Table of Contents
1. Introduction
1.1 Overview of the Privacy Policy
1.2 About AgileCCPM and Our Products (Website and Atlassian Marketplace App)
1.3 Key Definitions
2. Who We Are and How to Contact Us
2.1 Identity of the Data Controller
2.2 Contact Information for Privacy Queries
2.3 Updates to This Privacy Policy
2.4 Third-Party Links and Services
3. What Data We Collect
3.1 Categories of Personal Data
3.1.1 Identity Data
3.1.2 Contact Data
3.1.3 Technical Data
3.1.4 Usage Data
3.1.5 Marketing and Communications Data
3.3 Special Categories of Data
3.4 If You Fail to Provide Personal Data
4. How We Collect Your Data
4.2 Data Collected Through Automated Technologies
4.2.1 Cookies and Tracking Technologies
4.2.2 Server Logs
4.3.1 Business Partners
4.3.2 Publicly Available Sources
5. How We Use Your Data
5.1 Legal Bases for Processing
5.1.1 Consent
5.1.2 Contractual Necessity
5.1.3 Legitimate Interests
5.1.4 Legal Obligations
5.2.1 Service Delivery
5.2.2 Improving Our Products
5.2.3 Customer Support
5.2.4 Marketing and Communication
5.3 Marketing Preferences and Opt-Outs
6. Disclosure of Your Data
6.2.1 Service Providers
6.2.2 Legal and Regulatory Requirements
6.2.3 Business Transfers
7. International Data Transfers
7.1 Data Transfers Outside Your Jurisdiction
7.2 Safeguards for International Transfers
8. Data Security
8.1 Security Measures for our apps on Atlassian Marketplace
8.2 Security Measures in Place
9. Data Retention
10. Your Rights
10.1 Overview of Your Legal Rights
10.2.1 Accessing Your Data
10.2.2 Correcting Your Data
10.2.3 Erasing Your Data
10.2.4 Restricting Data Processing
10.2.5 Data Portability
10.2.6 Objecting to Data Use
10.4 No Fee Typically Required
10.6 Special Rights for Residents of Certain Jurisdictions
10.6.1 California Residents (CCPA/CPRA Rights)
10.6.2 Nevada Residents
10.6.3 EU/EEA Residents (GDPR Rights)
11. Cookies and Tracking Technologies
11.1 What Are Cookies?
11.2.1 Essential Cookies
11.2.2 Performance and Analytics Cookies
11.2.3 Functional Cookies
11.2.4 Targeting/Advertising Cookies
11.3 How We Use Cookies
11.4 Managing Your Cookie Preferences
11.5 Do Not Track Signals
12. Third-Party Services and Integrations
12.1 Atlassian Marketplace App Integrations
12.2 Links to Third-Party Websites and Services
12.3 Third-Party Data Sharing Policies
13. Changes to This Privacy Policy
13.1 When We May Update This Policy
13.2 How We Notify You of Changes
14. How to Contact Us
14.1 General Inquiries
14.2 Privacy-Specific Inquiries
15. Glossary of Terms
15.1 Key Definitions
15.1.1 Personal Data
15.1.2 Data Controller
15.1.3 Data Processor
15.1.4 Third Parties
15.1.5 Cookies
1. Introduction
1.1 Overview of the Privacy Policy
AITOC, INC dba AgileCCPM values your privacy and is committed to protecting your personal data. This privacy policy outlines how we manage your personal data when you visit our website or use our Atlassian marketplace app, AgileCCPM. It also informs you about your privacy rights and how the law protects you.
1.2 About AgileCCPM and Our Products (Website and Atlassian Marketplace App)
AgileCCPM is a technology company that focuses on providing innovative and reliable software solutions to enhance productivity and efficiency with a strong focus on Theory of Constraints (TOC) and Critical Chain Project Management (CCPM) methodologies. AgileCCPM is our Atlassian marketplace app that integrates with your Jira software to offer enhanced project management capabilities.
1.3 Key Definitions
Please refer to the Glossary at the end of this document to understand the meaning of some of the terms used in this privacy policy.
2. Who We Are and How to Contact Us
2.1 Identity of the Data Controller
AgileCCPM, is the data controller responsible for your personal data.
2.2 Contact Information for Privacy Queries
For any queries about this privacy policy or our privacy practices, please contact our at:
Email: privacy@agileccpm.com Postal address: 17657 Candlewood Ter, Boca Raton, FL 33487, USA
2.3 Updates to This Privacy Policy
We review and update this privacy policy regularly. When we make an update, we update the information in the header above.
2.4 Third-Party Links and Services
Our website and Atlassian marketplace app may contain links to third-party websites and services. We are not responsible for their privacy practices, and we encourage you to read their privacy policies.
3. What Data We Collect
This website and our products/services are not intended for children and we do not knowingly collect data relating to children.
3.1 Categories of Personal Data
We may collect, use, store, and transfer different kinds of personal data about you, including:
3.1.1 Identity Data
Your first name, last name, display name.
3.1.2 Contact Data
Your email address, postal address, and telephone numbers.
3.1.3 Technical Data
Your IP address, login data, browser type and version, time zone setting and location, operating system and platform, anonymized Jira accountId, and other technology on the devices you use to access our website or app.
3.1.4 Usage Data
Information about how you use our website and app.
3.1.5 Marketing and Communications Data
Your preferences in receiving marketing from us and our third parties, and your communication preferences.
3.2 Non-Personal Data
We also collect, use, and share Aggregated Data such as statistical or demographic data for any purpose. This data does not reveal your identity.
3.3 Special Categories of Data
We do not collect any Special Categories of Personal Data about you, such as details about your race, ethnicity, religious beliefs, sex life, sexual orientation, political opinions, trade union membership, or health.
3.4 If You Fail to Provide Personal Data
If you fail to provide personal data when requested, we may not be able to perform a contract we have or are trying to enter into with you (e.g., to provide you with our products or services). In this case, we may have to cancel a product or service you have with us, but we will notify you if this is the case.
4. How We Collect Your Data
4.1 Data You Provide Directly
You may give us your Identity and Contact Data by filling in forms or by corresponding with us by post, phone, email, or otherwise.
4.2 Data Collected Through Automated Technologies
As you interact with our website and app, we collect Technical Data about your equipment, browsing actions, and patterns. We use cookies and other similar technologies for this purpose.
4.2.1 Cookies and Tracking Technologies
We use cookies to improve your experience on our website and app. You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies.
4.2.2 Server Logs
We collect log file information when you use our website and app. This includes information such as your web request, IP address, browser type, referring/exit pages and URLs, and how you interact with links on the service.
4.3 Data from Third Parties
We may receive personal data about you from various third parties, including:
4.3.1 Business Partners
We may receive information about you from our business partners, such as analytics providers and advertising networks like Google Analytics.
4.3.2 Publicly Available Sources
We may collect information about you from publicly available sources.
5. How We Use Your Data
5.1 Legal Bases for Processing
We will only process your personal data when the law allows us to do so. Most commonly, we will use your personal data:
5.1.1 Consent
Where we have obtained your consent to process your personal data for certain activities.
5.1.2 Contractual Necessity
Where we need to process your personal data to perform a contract we have entered into with you.
5.1.3 Legitimate Interests
Where we need to process your personal data for our legitimate interests (or those of a third party), provided your interests and fundamental rights do not override these interests.
5.1.4 Legal Obligations
Where we need to process your personal data to comply with our legal obligations.
5.2 Purposes for Data Use
We use your personal data to provide you with our products and services, personalize and improve your experience, communicate with you about our products and services, and for other legitimate business purposes.
5.2.1 Service Delivery
We use your personal data to provide our services, process transactions, and respond to your inquiries.
5.2.2 Improving Our Products
We use your personal data to analyze usage trends and perform data analysis to improve our products and services.
5.2.3 Customer Support
We use your personal data to provide customer support, including resolving technical issues and responding to inquiries.
5.2.4 Marketing and Communication
We use your personal data to communicate with you about our products and services, provide you with marketing materials, and tailor advertisements to your interests.
5.3 Marketing Preferences and Opt-Outs
You can opt-out of receiving marketing communications from us at any time. You can exercise your opt-out rights by following the unsubscribe instructions in the marketing emails we send you or by contacting us.
6. Disclosure of Your Data
6.1 Internal Disclosures
We may share your personal data with other entities within AgileCCPM for purposes consistent with this privacy policy.
6.2 External Disclosures
6.2.1 Service Providers
We may share your personal data with third-party service providers who provide services on our behalf, such as data analysis, payment processing, customer service, and other services.
6.2.2 Legal and Regulatory Requirements
We may disclose your personal data as required by law or in response to valid requests by public authorities, such as to meet national security or law enforcement requirements.
6.2.3 Business Transfers
As we develop our business, we might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, dissolution, or similar event, your personal data may be part of the transferred assets.
7. International Data Transfers
Our principal business activities are conducted within the United States. As such, should your residence be outside the U.S., it is essential to acknowledge and consent to the likelihood of your personal data being transported to, retained, or processed within the U.S. by our company and the third-party providers that host our services. It should be noted that the laws governing personal information in the U.S. may not extend the same degree of protection as those in your native country.
7.1 Data Transfers Outside Your Jurisdiction
Your personal data may be transferred to, stored, or processed in a country that is not regarded as providing the same level of protection for personal data as the laws of your home country. We have put in place appropriate safeguards (such as contractual commitments) in accordance with applicable legal requirements to ensure that your data is adequately protected.
7.2 Safeguards for International Transfers
For transfers of personal data outside of the European Economic Area (EEA), we use Standard Contractual Clauses approved by the European Commission, adopt other means under European Union law for ensuring adequate safeguards, or obtain your consent.
8. Data Security
8.1 Security Measures for our apps on Atlassian Marketplace
We follow strict security rules of Atlassian Marketplace for its app. Futhermore, we do not have any data egress from Atlassian and support data residency in alignment with the host product, qualifying us for Runs on Atlassian program. This means that your Atlassian data stays with Atlassian. If our app in the Atlassian Marketplace needs to store data, we store only the anonymized accountId in Atlassian.
8.2 Security Measures in Place
We have implemented appropriate technical and organizational measures designed to protect the security of any personal data we process. However, please also remember that we cannot guarantee that the internet itself is 100% secure.
8.3 Reporting a Data Breach
In the event of a data breach, we will strive to notify you within 72 hours of discovery and provide appropriate information related to the breach.
9. Data Retention
9.1 Retention Periods
We retain personal data for as long as necessary to fulfill the purposes for which we collected it. To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the data, the potential risk of harm from unauthorized use or disclosure, and the purposes for which we process it.
9.2 Deleting Your Data
In some circumstances, you can ask us to delete your data. Please see section 10.2.3 for more information.
10. Your Rights
10.1 Overview of Your Legal Rights
Depending on your jurisdiction, you may have certain rights regarding your personal data. These may include the right to access, correct, or delete your data, restrict or object to data processing, request data portability, and withdraw consent.
10.2 Exercising Your Rights
10.2.1 Accessing Your Data
You have the right to request access to your personal data that we hold.
10.2.2 Correcting Your Data
You have the right to have any inaccurate personal data we hold about you corrected and to have incomplete data completed.
10.2.3 Erasing Your Data
You have the right to request that we erase your personal data under certain circumstances, such as when the data is no longer necessary for the purpose for which it was collected.
10.2.4 Restricting Data Processing
You can ask us to suspend the processing of your personal data in certain circumstances, for example, if you want us to establish the data's accuracy or the reason for processing it.
10.2.5 Data Portability
In certain circumstances, you have the right to receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format and the right to transmit that data to another controller without hindrance.
10.2.6 Objecting to Data Use
You have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data.
10.3 Timeframe for Responses
We aim to respond to all legitimate requests within one month. If your request is particularly complex or you have made multiple requests, it may take us longer, but we will notify you and keep you updated.
10.4 No Fee Typically Required
We will not charge a fee for you to exercise your rights in relation to your personal data, unless your request for access is unfounded or excessive, in which case we will charge a reasonable fee in such circumstances.
10.5 Verification of Identity
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data.
10.6 Special Rights for Residents of Certain Jurisdictions
10.6.1 California Residents (CCPA/CPRA Rights)
California residents are entitled to certain rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). These rights include:
Right to Know: You have the right to request information about the categories and specific pieces of personal information we have collected about you, the sources of that information, the purposes for collecting it, and whether it has been shared or sold.
Right to Delete: You may request that we delete personal information we have collected from you, subject to certain exceptions (e.g., legal obligations or security purposes).
Right to Opt-Out of Sale/Sharing: You have the right to opt out of the "sale" or "sharing" of your personal information, as defined by California law. Please note that we do not currently sell or share personal information as defined under the CCPA and CPRA.
Right to Correct: If you believe the personal information we have about you is inaccurate, you may request that we correct it.
Right to Limit Use of Sensitive Personal Information: If we collect "sensitive personal information" (as defined under California law), you can request that we limit its use and disclosure.
To exercise these rights, or if you have any questions, you can contact us at: privacy@agileccpm.com. We will verify your identity as part of processing your request.
10.6.2 Nevada Residents
Under Nevada Revised Statutes Chapter 603A, Nevada residents have the right to opt out of the sale of certain types of personal information. While we do not currently sell personal information as defined under Nevada law, you may still submit a request to opt out of future sales, should our practices change.
To submit an opt-out request, or if you have any questions, please contact us at: privacy@agileccpm.com.
10.6.3 EU/EEA Residents (GDPR Rights)
If you are located in the European Union (EU) or European Economic Area (EEA), you are entitled to certain rights under the General Data Protection Regulation (GDPR). These rights include:
Right of Access: You can request information about the personal data we hold about you and how we process it.
Right to Rectification: You have the right to request corrections to any inaccurate or incomplete personal data.
Right to Erasure ("Right to be Forgotten"): You can request that we delete your personal data, subject to certain legal exceptions.
Right to Restrict Processing: You can ask us to limit the processing of your personal data under certain circumstances.
Right to Data Portability: You can request to receive your personal data in a structured, commonly used, and machine-readable format, and you can ask us to transmit this data to another controller where technically feasible.
Right to Object: You may object to our processing of your personal data for direct marketing or other purposes based on legitimate interests.
Right to Withdraw Consent: If we are processing your personal data based on your consent, you have the right to withdraw your consent at any time.
Right to Lodge a Complaint: You have the right to lodge a complaint with a data protection authority in your country if you believe your rights under the GDPR have been violated.
To exercise your GDPR rights, or if you have any questions, please contact us at: privacy@agileccpm.com. We will verify your identity as part of processing your request.
11. Cookies and Tracking Technologies
11.1 What Are Cookies?
Cookies are small text files that are stored on your device when you visit a website. They are used to track, save, and store information about the user's interactions and usage of the website.
11.2 Types of Cookies We Use
We use different types of cookies on our website and app, including essential cookies, performance cookies, functionality cookies, and targeting/advertising cookies.
11.2.1 Essential Cookies
11.2.2 Performance and Analytics Cookies
11.2.3 Functional Cookies
11.2.4 Targeting/Advertising Cookies
11.3 How We Use Cookies
We use cookies to improve your experience on our website and app, to provide personalized content, to analyze our traffic, and for advertising purposes.
11.4 Managing Your Cookie Preferences
You can typically remove or reject cookies via your browser settings.
11.5 Do Not Track Signals
We do not currently respond to 'do not track' signals and similar settings or mechanisms.
12. Third-Party Services and Integrations
12.1 Atlassian Marketplace App Integrations
Our Atlassian marketplace app, AgileCCPM, may integrate with other Atlassian services or third-party apps. This Privacy Policy does not apply to these third-party services or apps, and we encourage you to read the privacy policies of any third-party services or apps you use.
12.2 Links to Third-Party Websites and Services
Our website and app may contain links to other websites, services, and applications that are not owned or controlled by us. This Privacy Policy does not apply to these third-party services, and we cannot take responsibility for the content, privacy policies, or practices of these third-party services.
12.3 Third-Party Data Sharing Policies
We do not sell, rent, or otherwise disclose your personal data to third parties for their marketing and advertising purposes without your consent.
13. Changes to This Privacy Policy
13.1 When We May Update This Policy
We may update this Privacy Policy from time to time in response to changing legal, technical, or business developments. When we update our Privacy Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make.
13.2 How We Notify You of Changes
We will update the “effective date” at the top of this Privacy Policy. If we make fundamental changes to this Privacy Policy, we will provide you with notice of the changes, such as by sending an email, providing notice through our website or the app, or updating the "effective date" at the top of this Privacy Policy.
14. How to Contact Us
14.1 General Inquiries
For general inquiries, you can contact us at info@agileccpm.com.
14.2 Privacy-Specific Inquiries
For inquiries related to this Privacy Policy or our privacy practices, you can contact us at privacy@agileccpm.com.
15. Glossary of Terms
15.1 Key Definitions
15.1.1 Personal Data
Any information relating to an identified or identifiable natural person.
15.1.2 Data Controller
The entity that determines the purposes and means of the processing of personal data.
15.1.3 Data Processor
The entity that processes personal data on behalf of the data controller.
15.1.4 Third Parties
Entities, other than the data subject, data controller, data processor, and persons who, under the direct authority of the data controller or processor, are authorized to process personal data.
15.1.5 Cookies
Small text files that are placed on your device by a web server when you access our website. They are used to store and receive identifiers and other information on devices.
15.2 Legal Basis Definitions
15.2.1 Consent
You have given clear consent for us to process your personal data for a specific purpose.
15.2.2 Contractual Necessity
The processing is necessary for a contract you have with us, or because you have asked us to take specific steps before entering into a contract.
15.2.3 Legal Obligations
The processing is necessary for us to comply with the law.
15.2.4 Legitimate Interests
The processing is necessary for our legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect your personal data that overrides those legitimate interests.