Data Security and Privacy Statement
Overview
This document is in addition to the 55 Degrees Privacy document, the 55 Degrees Order Agreement for Cloud customers and the DPA (included in the Order Agreement) provided by 55 Degrees and explains how ActionableAgile for Azure DevOps stores the data it captures.
Data storage terms and data storage location
ActionableAgile for Azure DevOps retrieves data from the systems you connect to via our wizards or via an upload of an external file. Once retrieved, the data is stored in the local browser using DOM localStorage and/or sessionStorage in order to improve any future data retrievals. The end-user can at any time empty the localStorage and SessionStorage through the ActionableAgile User Interface.
Please read the product documentation for further details.
Subscription data and data storage
All of subscription data (PII related to the account holder) is stored in our subscription system, Recurly. 55 Degrees does not have access to the full credit card data in Recurly but does have access to see some information such as name of cardholder, last 4 digits, expiration date and billing address.
We map the Azure ID to the subscription and store this mapping in 55 Degrees. Azure IDs are only resolvable at the time of page request to verify access or to show the subscription owner any managed users. Read more.
Preferred Vendors
At this time, 55 Degrees utilizes 2 vendors to provide the functionality within ActionableAgile for Azure DevOps:
Google Firebase (Function-as-a-service and firestore services)
Recurly (subscription management)
Logging
We log the authenticated user ID and and the source ip for authentication and compliance reasons.
Account removal and data retention
This section explains how a customer can close an account and remove their data from our service.
A customer can cancel their subscription to ActionableAgile and control their billing information. Canceling your subscription sets it to expire at the end of your current billing period. Your account stays open in Recurly, our subscription management system, to allow for easy future subscription purchasing and access to your billing documents. We can close accounts if all business is concluded with a customer. Even for closed accounts we maintain required information for tax and accounting purposes according to Swedish law.
Any data stored in the browsers localStorage (for performance reasons) will persist in the browser until the user enters into the ActionableAgile app at which point it may be expired due to timeliness OR the end-user may choose to manually clear the localStorage.
At any time the end-user may choose to use the browser controls to clear the localStorage outside of ActionableAgile’s user interface.
Please read the product documentation for further details.
Data portability
This section explains if and how a customer can extract their data from your service.
The ActionableAgile Analytics app does not create any new data but rather analyses and visualizes it. Because of this there is no Azure work data stored on our services.
Please read the product documentation for further details.
Application and infrastructure security
This section explains what security measures we've taken in our application and infrastructure.
The 55 Degrees support team accesses app data only for purposes of application health monitoring, performing system updates, application maintenance, and/or upon customer request for support purposes.
Only authorized 55 Degrees employees to have access to customer subscription data and usage logs.
Customers are responsible for maintaining the security of their own login information.
Communication between the Cloud products and the 55 Degrees servers are done using web requests. All web requests are digitally signed, authenticated, and authorized.
All deployments are handled through a central CI/CD change and are only accessible through secure protocols (e.g. https and/or ssh).
Please read the product documentation for further details.
Security disclosure
This section explains how and under what circumstances we notify our customers about security breaches or vulnerabilities and indicate how a user or security researcher should disclose a vulnerability found in our add-on to us.
Security breaches or vulnerabilities with the proposed solution of the problem are published on our website.
Customers can report security breaches or vulnerabilities using support@55degrees.se e-mail address.
Please read the product documentation for further details.
Privacy
Data collected during the use of ActionableAgile will not be shared with third parties except if required by law.