Privacy Policy

Last updated: February 10th, 2026

This Privacy Policy describes Our policies and procedures on the collection, use and disclosure of Your information when You use the Service. By using the Service, You agree to the collection and use of information in accordance with this Privacy Policy.

1 Interpretation and Definitions

1.1 Interpretation

The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.

1.2 Definitions

For the purposes of this Privacy Policy:

  • Application, App or Service refers to software provided by the Company, including applications distributed via Atlassian Marketplace, Microsoft AppSource, Microsoft Teams, or other platforms.
  • You means an individual accessing or using the Service, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.
  • Company refers to a legal entity ALDV OPS SK s. r. o., Tolsteho 5, 81106 Bratislava, Slovakia. Company ID: 54005949.
  • GDPR General Data Protection Regulation (EU) 2016/679.
  • Service Provider means a third-party company or individual that processes data on behalf of the Company to operate or support the Service.
  • Application Content Data means any data created, uploaded, or stored by users or their organization within the Application, such as timesheet entries, notes, calendar information, tasks, or configuration data.
  • Personal Data means any information that identifies or can reasonably identify an individual, such as name, email address, account identifiers, or IP address.
  • Platform Metadata means any technical identifiers and authorization data required for the Application to operate within third-party platforms such as Atlassian, Microsoft, or Google services. This may include account identifiers, tenant or instance identifiers, and access tokens.
  • Usage Data means technical and diagnostic information collected automatically when the Service is used, such as device information, log data, or interaction metrics.
  • Our website – refers to all the information made visible on the website https://www.aldevadigital.com.

2 Data We Process

2.1 Application Content Data

Our Applications process data created or entered by users or their organization, such as timesheets, notes, calendar entries, tasks, and configuration information.

This data is processed solely to provide the functionality of the Service and is associated with the customer’s platform account or tenant.

2.2 Personal Data

We process limited Personal Data only as necessary to identify users, provide support, and operate the Service.

2.3 Platform Metadata

To operate within third-party platforms (such as Atlassian, Microsoft, or Google services), we process Platform Metadata including account identifiers, tenant identifiers, and authorization tokens.

This data is required to authenticate users, maintain integrations, and associate Application Content Data with the correct organization.

Atlassian data — When you use our Applications within Atlassian products (such as Jira or Confluence), we may process basic account information provided by the Atlassian platform, such as account identifiers, display name, or instance URL. This information is used solely to identify the user and associate Application Content Data with the correct account or organization. Our Applications do not access or process other user content within Atlassian unless explicitly required for the functionality of a specific Application.

MS Teams data — When you use our applications distributed via Microsoft Teams or Microsoft AppSource, we may process basic profile information provided by the Microsoft Teams client, such as: user identifier, display name. This information is used solely to identify the user within the service. Our Microsoft Teams applications do not access message content, files, or other user data unless explicitly stated.

Google OAuth2 data — When a user connects a Google account via OAuth2, the Application requests basic account identifiers (such as Google user ID and display name) to establish and maintain the authorized connection.
Additional permissions, including access to email address or calendar-related data, are requested only where required to enable specific functionality initiated by the user.
Access tokens are stored securely and may be revoked at any time through the user’s Google account settings. Our use of Google user data complies with the Google API Services User Data Policy and Limited Use requirements.

Microsoft OAuth2 data — When a user connects a Microsoft account to the Application via OAuth2, we process basic account identifiers (such as Microsoft user ID and display name) to establish and maintain the authorized connection.
Additional permissions, including access to email address or calendar-related data, are requested only where strictly necessary to enable functionality selected by the user.
Access tokens are stored securely and retained only for the duration required to maintain the connection. Users may revoke permissions at any time through their Microsoft account settings.

2.4 Usage Data

We automatically collect technical and diagnostic information necessary to maintain security, monitor performance, and improve reliability.

2.5 Other types of data

Contact data — While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Contact Data may include your name and email address.

Website www.aldevadigital.com data — We collect certain types of information when you visit and interact with our website. This may include cookies and similar tracking technologies to enhance your browsing experience, analyze website traffic, and improve our services. We use tools such as Google Analytics to gather anonymized data about your usage patterns, such as pages visited, time spent on the site, and other metrics. Additionally, we may use tracking tools like the Facebook Pixel to support targeted advertising and measure the effectiveness of our marketing campaigns. Any information collected is used in compliance with applicable privacy laws and is handled securely. Read more in our Cookie policy.

3 Use of data

The Company processes only the data necessary to provide the Service and does not access or store customer content unless required for functionality. The Company does not use customer data for profiling, advertising, or data mining.

3.1 Use of Application Content Data

The Company processes Application Content Data created or provided by users or their organization solely for the purpose of delivering of the Service.

Application Content Data may include information such as timesheet records, notes, calendar entries, task data, or configuration settings.

This data is used only to:

  • Provide the requested functionality of the Application
  • Store and display user-created records
  • Associate records with the correct account or organization

The Company does not use Application Content Data for advertising or unrelated purposes and does not access such data except when necessary for technical support, maintenance, or legal obligations.

3.2 Use of Personal Data

The Company processes limited Personal Data necessary to operate the Service and communicate with users.

Personal Data may be used to:

  • Identify users within the Service
  • Provide customer support
  • Respond to inquiries or requests
  • Send important service-related communications

The Company does not sell Personal Data.

3.3 Use of Platform Metadata

The Company processes Platform Metadata in order to operate the Service within third-party platforms such as Atlassian, Microsoft, or Google services.

Platform Metadata is used to:

  • Authenticate users and maintain authorized connections
  • Associate Application Content Data with the correct platform account or tenant
  • Maintain integration functionality

Authorization tokens are stored securely and retained only for as long as necessary to maintain the connection. Users may revoke permissions through their platform provider at any time.

3.4 Use of Usage Data

The Company uses Usage Data to maintain the security, performance, and reliability of the Service.

Usage Data may be used to:

  • Monitor system operation
  • Detect and prevent abuse or unauthorized access
  • Diagnose technical issues
  • Improve Service stability and functionality

4 Data retention

Depending on the application and configuration, authorized administrators may be able to export or delete application data directly through the Service. Where self-service functionality is not available, requests can be submitted to us and will be processed within a reasonable timeframe.

Application and Account-Related Data

Application Content Data, Platform Metadata, and associated Personal Data are retained for the duration of the Customer’s use of the Service.

This includes data created or stored within the Application (such as timesheets, notes, or calendar entries), as well as identifiers and authorization data required to associate the data with the correct account or organization.

When the Application is uninstalled or the Customer stops using the Service, this data may be retained for up to 90 days in order to allow restoration if the Service is re-activated.

Customers may request earlier deletion of their data at any time by contacting the Company. Upon such request, the Company will delete the data within a reasonable timeframe, unless retention is required to comply with legal obligations.

After the applicable retention period, the data may be permanently deleted and may not be recoverable.

Deleted data may remain in encrypted backups for a limited period before being automatically overwritten.

Usage data

Usage Data is typically retained for shorter periods and may be anonymized or aggregated for security, diagnostics, and service improvement purposes.

Anonymized Usage Data may be retained for longer periods because it no longer identifies individual users.

5 Data access

The Company restricts access to Application Content Data, Platform Metadata, Personal Data, and related information to only those persons and systems that require such access to operate, maintain, or support the Service.

Access is limited to authorized personnel and is performed only when necessary for the purposes described in this Privacy Policy.

The Company does not routinely review or monitor Application Content Data and does not access customer content unless required to provide support, maintain the Service, or comply with applicable law.

Access to production systems is protected through authentication controls and is limited to personnel responsible for operating the Service.

Support access to customer data may be performed only upon request or with authorization from the customer.

6 When We Share or Disclose Data

The Company does not sell customer data. We limit sharing of data to the minimum necessary to operate the Service.

Service Providers

Application Content Data, Platform Metadata, Personal Data, and Usage Data may be processed by authorized Service Providers that host or support the infrastructure of the Service (such as cloud hosting providers). These providers act only on behalf of the Company and are contractually required to protect the data and use it solely for the purpose of operating the Service.

Application Content Data and Platform Metadata is accessible only to authorized users within the customer’s organization and to the Company only as described in the Data Access section.

A current list of our subprocessors and infrastructure service providers, including their processing locations, is available at: https://www.aldevadigital.com/subprocessors/.

Customer-Controlled Access

Application Content Data is accessible only to authorized users within the customer’s organization according to permissions configured within the platform.

Legal Requirements

The Company may disclose data if required to do so by law or valid request by government authorities.

Business Transfers

If the Company is involved in a merger, acquisition, or sale of assets, data may be transferred as part of the transaction. In such cases, the Company will take reasonable steps to ensure that confidentiality and security protections remain in place.

The Company does not access or review Application Content Data and Platform Metadata as part of such transfers except as necessary to maintain the Service.

7 Data security

The Company implements reasonable technical and organizational measures designed to protect Application Content Data, Platform Metadata, Personal Data, and Usage Data from unauthorized access, disclosure, alteration, or loss. Access to production systems is restricted to authorized personnel and data is transmitted using secure communication protocols. While we take appropriate steps to safeguard the information processed by the Service, no method of transmission or storage can be guaranteed to be completely secure.

8 GDPR Privacy

Legal Basis for Processing

The Company processes Personal Data only where permitted under applicable data protection laws. Depending on the context, processing may be based on:

  • Performance of a contract
  • Legitimate interests related to operating and improving the Service
  • Compliance with legal obligations
  • User consent, where required

Your Data Protection Rights

Individuals located in the European Economic Area (EEA) have the right to:

  • Request access to their Personal Data
  • Request correction or deletion
  • Object to or restrict processing
  • Request data portability where applicable
  • Withdraw consent where processing is based on consent

Requests may be submitted by contacting the Company. We may require verification of identity before responding.

Complaints

You have the right to lodge a complaint with your local data protection authority if you believe your data protection rights have been violated.

9 Third-party links

Our website or Service may contain links to third-party platforms such as Atlassian Marketplace or Microsoft AppSource for installation or distribution of our Applications. These platforms are operated by independent third parties, and we are not responsible for their content or privacy practices. We encourage users to review the privacy policies of any external sites they visit.

10 Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the functionality of the Service. When changes are made, the updated version will be published on our website and the “Last updated” date will be revised. Where appropriate, we may also provide notice through the Application, marketplace listings, or other available communication channels. Because the Service is distributed through third-party platforms, we may not always be able to notify individual users directly.

We encourage customers and users to review this Privacy Policy periodically.

11 Contact Us

If you have questions about this Privacy Policy or requests related to data protection, you may contact the Company at privacy@aldevadigital.com.