DevRev Privacy Policy

Effective starting: December 1, 2022

Overview

This Privacy Policy was developed by DevRev, Inc. and its related entities ("DevRev", "we", "us" or "our") and is applicable to all visitors and registered or licensed users of our Website(s), our Products, and our Services (collectively "DevRev Services").

We are committed to protecting your personal data and privacy and we follow the best practices and guidelines while collecting, processing, transferring and storing any Personally Identifiable Information (PII). Accordingly, we have developed this Policy in order to explain to you how we collect, secure, use, communicate and disclose, share and handle data pertaining to you.

By using or registering on the DevRev website (https://devrev.ai) or the DevRev app (app.devrev.ai) or any other DevRev Services, you consent to the collection, use and processing of any data pertaining to you as described in this privacy policy.

Why do we collect your information?

We collect some information related to you automatically while you are using the DevRev website or app and some information directly from you. We collect your for the following reasons:

  1. To confirm your identity. We need to identify you uniquely and for that purpose we use your PII, including your email address.
  2. Service provision. We need to use your PII to provide the services through the DevRev platforms. Here are some instances: your country is used to identify the jurisdiction you belong to so that we can handle your data, and provide services adhering to applicable laws. If you request support, we use your contact details to get in touch with you. If you want to pay for a service, we use your payment details to process that payment.
  3. To improve and customize your content. In order to provide the best user experience, based on the familiarity level of the user with the DevRev platform and the use cases they try to implement.
  4. Analyze how the DevRev platform is being used. We rely on analytics of youbrowser based activity and applications to improve the performance of our platform. Among examples: we use analytics to evaluate design decisions, find bugs in the systems, and recommend actions and features to users. These are collected in an anonymous manner.
  5. To update you on our services. If there are updates to your service, important information you need to know, or if we think you would be interested in our technology and what we’re doing with it, we’ll get in touch with you using your contact details. You can unsubscribe from our marketing emails at any time by either clicking on the unsubscribe link at the bottom of the email.

How do we collect your information?

Information we collect automatically: As is the case with almost all services and websites available on the Internet, we collect some information related to you automatically while you are using the DevRev Services. Here is the information we collect automatically when you visit the DevRev website or product:

  1. Your I.P. address, your browser type, device info, the time and frequency you access our site, and the URL you came from. This type of generic information won’t reveal your identity as a visitor but is still useful to us to analyze the user regions, frequently visited portions of our site and develop device specific improvements.
  2. The interactions with app.devrev.ai as a logged-in user. This information is important to us to analyze the ways in which you interact with the DevRev App, to understand the users’ needs and to make our service better suited to those needs. Such usage data does not identify you personally.
  3. The application logs that are corresponding to the activities you do on app.devrev.ai as a logged-in user. These logs will be tracked against your corresponding DevRev identity for auditing and troubleshooting purposes.
  4. When you sign up or/ sign in to the app.devrev.ai from an external identity provider, we store a persistence reference to your account at the external identity provider, provided to the DevRev platform by your identity provider.

Information we collect directly: We collect the following information from you directly when you interact with the DevRev platform at different stages. When you sign up on the DevRev website or on the DevRev App at app.devrev.ai we collect your display name, country, and email address with your consent. If you are subscribing to paid services we collect your payment information.


Information you provide: When you interact with the DevRev platform at different stages, you may decide to provide certain information to the DevRev platform with respect to users under your control. In such a case DevRev platform is only activating as a processor of the corresponding Personally Identifiable Information (PII) and you take the responsibility of taking any appropriate consent from the users, before sharing any PII with the DevRev platform.

When you import data from any of the available connectors such as to the DevRev platform, the attributes each connector collects from the corresponding external services are defined by the connector itself:

  1. The connector may import the following attributes from the corresponding connector account:groups, roles, user names and email addresses; issues; comments; attachments; projects including configurations.
  2. The connector may also import the following attributes from the corresponding organization: users, teams;; source code; milestones; issues; comments; projects; pull-requests; commits.

Please note that any information you provide when using certain services that are open, public or forum including (without limitation) any blog, community or discussion board, is not considered confidential, does not constitute “Personal Information”, and is not subject to protection under the Privacy Policy. Since such public environments are accessible by third parties, it is possible that third parties may collect and collate and use such information for their own purposes. You should accordingly be careful when deciding to share any of your “Personal Information” in such public environments. We are not liable to you or any third party for any damages that you or any third party may suffer howsoever arising from your disclosure of “Personal Information” in such a public environment. Accordingly, any disclosure of information in a public environment is at your own risk.


How is the information used?

We use the information we collect about you (including PII to the applicable extent) for a variety of purposes, including to:

  1. Provide, operate, maintain, improve, and promote DevRev Services;
  2. Enable you to access and use DevRev Services;
  3. Process and complete transactions, and send you related information, including purchase confirmations and invoices;
  4. Communicate with you, including responding to your requests, comments, questions; providing customer service and support; providing you with information about updates, new launches, improvements, services, features, surveys, newsletters, offers, promotions, contests and events; providing other news or information about us and our select partners; and sending you technical notices, updates, security alerts, and support and administrative messages. Generally, you have the ability to opt out of receiving any promotional communications.
  5. Monitor and analyze trends, usage, and activities in connection with DevRev Services and for marketing or advertising purposes;
  6. Investigate and prevent fraudulent transactions, unauthorized access to DevRev Services, and other illegal activities;
  7. Personalize DevRev Services, including by providing content, features, or suggestions that match your interests and preferences;
  8. Enable you to communicate, collaborate, and share content with users you designate;
  9. For any other purposes that we notify you about.


Analytics
We make extensive use of analytics information to understand how DevRev Services are being configured and used, how they can be improved for the benefit of all of our users, and to develop new products and services.

Securing PII
DevRev is committed to secure your personal information while collecting, processing, transferring and storing. All personal information is transmitted over a secured channel with Transport Layer Security (TLS) and stored securely. Access to the PII via APIs are strictly restricted by access control policies. We treat data as an asset that must be protected against loss and unauthorized access. Please be aware that while we take reasonable efforts to guard your PII, no security system is impenetrable and due to the inherent nature of the Internet as an open global communications mechanism, we cannot guarantee that information, during transmission through the Internet or while stored on our systems or otherwise in our care, will be absolutely safe from intrusion by others, such as hackers.

Information sharing and disclosure.
We do not share or disclose your PII with third-parties, except as described in this policy, We share information with third parties that help us operate, provide, improve, integrate, customize, support and market our Services. We do not sell your PII, and we do not share your PII with third-parties for their marketing purposes without your permission. This is how your information may be shared:

  1. With your consent: We may share your PII with third-parties when you have consented to it.
  2. Business partners and service providers: We may work with third-party service providers to provide storage, infrastructure, analysis or other services, who may have access to or process your PII as part of providing those services for us.
  3. Legal compliance, protection and security: We may disclose your Information (including your PII) to a third-party if (a) we believe that disclosure is reasonably necessary to comply with any applicable law, regulation, legal process or governmental request; (b) to protect the security or integrity of DevRev's products and services; (c) to enforce our agreements, policies and terms; (d) to protect DevRev, our customers or the public from harm or illegal activities; or (e) to respond to an emergency which we believe in the good faith requires us to disclose information to assist in preventing the death or serious bodily injury of any person.
  4. Business reasons: We may share or transfer your information (including your PII) in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
  5. Anonymized or aggregate data: We may also share aggregated or anonymized information that does not directly identify you with the third-parties described above.
  6. Third-party applications: You may choose to make use of third-party add-ons in conjunction with DevRev Services. Third-party add-ons are software written by third-parties to which you grant access privileges to your information (including your PII). We do not control the processing of information that you choose to share with such third-party add-on providers even though they may be available through the DevRev Services. This Privacy Policy does not cover the collection or use of your data by third-party add-ons and you should review their terms separately.

How long we keep information?

How long we keep information we collect about you depends on the type of information, as described in further detail below. After such time, we will either delete or de-identify your information or, if this is not possible (for example, because the information has been stored in backup archives), then we will securely store your information and isolate it from any further use until deletion is possible.

Account information: We retain your account information for as long as your account is active and a reasonable period thereafter in case you decide to re-activate the Services. We also retain some of your information as necessary to comply with our legal obligations, to resolve disputes, to enforce our agreements, to support business operations, and to continue to develop and improve our Services. Where we retain information for Service improvement and development, we take steps to eliminate information that directly identifies you, and we only use the information to uncover collective insights about the use of our Services, not to specifically analyze personal characteristics about you.

Information you share on the Services: If your account is deactivated or disabled, some of your information and the content you have provided will remain in order to allow your team members or other users to make full use of the Services. For example, we continue to display messages you sent to the users that received them and continue to display content you provided, but when requested, details that can identify you will be removed.

Managed accounts: If the Services are made available to you through an organization (e.g., your employer), we retain your information as long as required by the administrator of your account.

Marketing information: If you have elected to receive marketing emails from us, we retain information about your marketing preferences for a reasonable period of time from the date you last expressed interest in our Services, such as when you last opened an email from us or ceased using your DevRev account. We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created.

How to access and control your information: You have certain choices available to you when it comes to your information. Below is a summary of those choices, how to exercise them and any limitations.

Your Choices:

You have the right to request a copy of your information, to object to our use of your information (including for marketing/growth purposes), to request the deletion or restriction of your information, or to request your information in a structured, electronic format. Below, we describe the tools and processes for making these requests. You can exercise some of the choices by logging into the Services and using settings available within the Services or your account. Where the Services are administered for you by an administrator (see "Notice to End Users" below), you may need to contact your administrator to assist with your requests first. For all other requests, you may contact us as provided in the “Contact Us” section below to request assistance.

Your request and choices may be limited in certain cases: for example, if fulfilling your request would reveal information about another person, or if you ask to delete information which we or your administrator are permitted by law or have compelling legitimate interests to keep. Where you have asked us to share data with third parties, for example, by installing third-party apps, you will need to contact those third-party service providers directly to have your information deleted or otherwise restricted. If you have unresolved concerns, you may have the right to complain to a data protection authority in the country where you live, where you work or where you feel your rights were infringed.

Access and update your information: Our Services and related documentation give you the ability to access and update certain information about you from within the Service. For example, you can access your profile information from your account and search for content containing information about you using keyword searches in the Service. You can update your profile information within your profile settings and modify content that contains information about you using the editing tools associated with that content.

Deactivate your account: If you no longer wish to use our Services, you or your administrator may be able to deactivate your Services account. If you wish to deactivate your own account, that setting is available to you in your account settings. Otherwise, please contact your administrator. If you are an administrator and are unable to deactivate an account through your administrator settings, please contact the appropriate support team (see DevRev support pages). Please be aware that deactivating your account **does not delete your information**; your information remains visible to other Service users based on your past participation within the Services. For more information on how to delete your information, see below.

Delete your information: Our Services give you the ability to delete certain information about you from within the Service. For example, you can remove content that contains information about you using the key word search and editing tools associated with that content, and you can remove certain profile information within your profile settings. Please note, however, that we may need to retain certain information for record keeping purposes, to complete transactions or to comply with our legal obligations.

Request that we stop using your information: In some cases, you may ask us to stop accessing, storing, using and otherwise processing your information for purposes mentioned in this Privacy Policy and for marketing and advertising purposes where you believe we don't have the appropriate rights to do so. For example, if you believe a Services account was created for you without your permission or you are no longer an active user, you can request that we delete your account. Where you gave us consent to use your information for a limited purpose, you can contact us to withdraw that consent, but this will not affect any processing that has already taken place at the time. You can also opt-out of our use of your information for marketing purposes by contacting us. When you make such requests, we would need time to investigate and facilitate your request. If there is delay or dispute as to whether we have the right to continue using your information, we will restrict any further use of your information until the request is honored or the dispute is resolved, provided your administrator does not object (where applicable). If you object to information about you being shared with a third-party app, please disable the app or contact your administrator to do so. If you have permitted us to share your information with a third-party app and would want to withdraw your consent thereafter, you will need to contact those third-party service providers directly to have your information deleted or otherwise restricted.

Opt-out of communications: You may opt out of receiving promotional communications from us by using the unsubscribe link within each email, updating your email preferences within your Service account settings menu, or by contacting us to have your contact information removed from our promotional email list or registration database. Even after you opt out from receiving promotional messages from us, you will continue to receive transactional messages from us regarding our Services. You can opt out of some notification messages in your account settings. Please note, you will continue to receive generic ads.
You may be able to opt out of receiving personalized advertisements from other companies who are members of the Network Advertising Initiative or who subscribe to the Digital Advertising Alliance's Self-Regulatory Principles for Online Behavioral Advertising. For more information about this practice and to understand your options, please visit: http://www.aboutads.info, http://optout.networkadvertising.org/ and http://www.youronlinechoices.eu.

Send "Do Not Track" Signals: Some browsers have incorporated "Do Not Track" (“DNT”) features that can send a signal to the websites you visit indicating you do not wish to be tracked. Because there is not yet a common understanding of how to interpret the DNT signal, our Services do not currently respond to browser DNT signals. You can use the range of other tools we provide to control data collection and use, including the ability to opt out of receiving marketing from us as described above. Having content embedded on DevRev's website such as a social feature may set cookies on your browser and/or obtain information about the fact that a web browser visited a specific Devrev website with a certain IP address. Third parties can't collect any other PII from our website unless you directly provide it to them.

Data portability: Data portability is the ability to obtain some of your information in a format you can move from one service provider to another (for instance, when you transfer your mobile phone number to another carrier). Depending on the context, this applies to some of your information, but not to all of your information. Should you request it, we will provide you with an electronic file of your basic account information and the information you create on the spaces under your sole control.
How we transfer information we collect internationally

International transfers of information we collect
We collect information globally and may transfer, process and store your information outside of your country of residence, to wherever we or our third-party service providers operate for the purpose of providing you the Services. Whenever we transfer your information, we take steps to protect it.

International transfers within the DevRev Companies: To facilitate our global operations, we transfer information globally and allow access to that information from countries in which the DevRev owned or operated companies and have operations for the purposes described in this policy. These countries may not have equivalent privacy and data protection laws to the laws of many of the countries where our customers and users are based. When we share information about you within and among DevRev corporate affiliates, we make use of standard contractual data protection clauses, which have been largely adopted by countries worldwide or other appropriate legal mechanisms to safeguard the transfer.

International transfers to third parties: Some of the third parties described in this privacy policy, which provide services to us under contract, are based in other countries that may not have equivalent privacy and data protection laws to the country in which you reside. When we share information of customers in the European Economic Area, the UK, or Switzerland, we make use of the European Commission-approved standard contractual data protection clauses, binding corporate rules for transfers to data processors, or other appropriate legal mechanisms to safeguard the transfer.

Notice to End Users

Many of our products are intended for use by organizations. Where the Services are made available to you through an organization (e.g. your employer), that organization is the administrator of the Services and is responsible for the accounts and/or Service sites over which it has control. If this is the case, please direct your data privacy questions to your administrator, as your use of the Services is subject to that organization's policies. We are not responsible for the privacy or security practices of an administrator's organization, which may be different than this policy.

Administrators are able to:

  • require you to reset your account password;
  • restrict, suspend or terminate your access to the Services;- access information in and about your account;
  • access or retain information stored as part of your account;
  • install or uninstall third-party apps or other integrations

In some cases, administrators can also:

  • restrict, suspend or terminate your account access;
  • change the email address associated with your account;
  • change your information, including profile information;
  • restrict your ability to edit, restrict, modify or delete information

Even if the Services are not currently administered to you by an organization, for e.g., if you use an email address provided by an organization (such as your work email address) to access the Services, then the owner of the domain associated with your email address (e.g. your employer) may assert administrative control over your account and use of the Services at a later date. You will be notified if this happens.

If you do not want an administrator to be able to assert control over your account or use of the Services, you should deactivate your membership with the relevant enterprise, or use your personal email address to register for or access the Services. If an administrator has not already asserted control over your account or access to the Services, you can update the email address associated with your account through your account settings in your profile. Once an administrator asserts control over your account or use of the Services, you will no longer be able to change the email address associated with your account without administrator approval.

Please contact your organization or refer to your administrator’s organizational policies for more information.

California Requirements

(Exercising your rights: If you are a California resident, there are some additional rights that may be available to you under the California Consumer Protection Act (“CCPA”) such as the right to deletion and the right to request access to the categories of information we have collected about you. We encourage you to manage your information, and to make use of the privacy controls we have included in our Services. You will not be discriminated against for exercising any of your privacy rights under the CCPA. In order to protect your information from unauthorized access or deletion, we may require you to provide additional information for verification. If we cannot verify your identity, we will not provide or delete your information.)

Exercising Your Rights.
In accordance with the CCPA, and subject to exceptions, California Consumers (as that term is defined in the CCPA) have the following rights:

  1. Access. You have the right to request that DevRev disclose and deliver the categories of Personal Information DevRev has collected about you, or the specific pieces of Personal Information the business has collected about you;
  2. Deletion. You have the right to request the deletion of your Personal Information in certain situations, except where the law allows a business to maintain a Consumer’s Personal Information, including where the Personal Information is necessary to perform a contract between the business and the consumer;
  3. Opt-Out. You have the right to opt-out of the sale of your Personal Information, but as stated above.
  4. Non-Discrimination. You have the right to not be discriminated against, for exercising any of your privacy rights under the CCPA.

In order to protect your information from unauthorized access or deletion, we may require you to provide additional information for verification. If we cannot verify your identity, we will not provide or delete your information. We encourage you to manage your information, and to make use of the privacy controls we have included in our Services

Sharing your personal information: We don't sell any of your personal information. We do share your information with third-party apps. We also show ads that we think are relevant. Accordingly no personal information has been sold/shared in the past 12 months subject to this Privacy Policy.

Processing your information: We may process your information for "business purposes" under the CCPA - such as to protect against illegal activities, and for the development of new products, features, and technologies.


If you have any questions or would like to exercise your rights under the CCPA, you can reach out to us at support@devrev.ai

Updates and modification to the Privacy Policy

We reserve the right to change the Privacy Policy from time to time as seen fit and the last updated date will be mentioned on the page. If there is any substantive change to this Privacy Policy, you will be notified by an email sent to you at your most recently provided E-mail address, a prominent notice posted on the website homepage, or by other means in accordance with the applicable law. ( Since we will not be notifying you individually when the Policy is revised, ) you are advised to re-read the Privacy Policy on a regular basis.

Your continued use of the DevRev Services will signify your acceptance of any amendment to these terms. Should it be that you do not accept any of the modifications or amendments to the Privacy Policy, you may terminate your use of DevRev Services.

Our policy towards children

The Services are not directed to individuals under 13. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will take steps to delete such information in accordance with the Children's Online Privacy Protection Act of 1998 ("COPPA"). If you become aware that a child has provided us with personal information, please contact us.

European Economic Area ("EEA") Requirements.

If you are an individual in the European Economic Area (EEA), we collect and process information about you only where we have legal bases for doing so under applicable EU laws. The legal bases depend on the Services you use and how you use them.

If you have questions or concerns about how your information is handled, please direct your inquiry to DevRev, which we have appointed to be responsible for facilitating such inquiries or, if you are a resident of the European Economic Area, please contact our EU Representative.

Questions.

For further information about our privacy policy or any concerns or complaints, please contact us via email: support@devrev.ai.

Last revised on: 1st December 2022