Privacy Policy

Last Updated: June 6, 2025

Company Name: Iterator PM

Contact Email: privacy@iteratorpm.com

1. Introduction

This Privacy Policy explains how Iterator PM ("we," "us," or "our") collects, uses, discloses, and safeguards your information when you use our cloud-based project management service ("Iterator Cloud Service") available at https://iteratorpm.com and related applications.

By using the Iterator Cloud Service, you consent to the data practices described in this policy. If you do not agree, please do not access or use our services.

2. Scope

This policy applies to:

• The Iterator Cloud Service web application
• Official mobile applications
• API integrations
• Customer support interactions
• Marketing and sales communications

3. Information We Collect

3.1 Information You Provide

• Account Information: Name, email, password, profile picture
• Payment Information: Billing details, credit card information (processed by our payment processor)
• Project Data: Stories, tasks, comments, and other content you create
• Team Information: Member emails, roles, and permissions
• Support Communications: Emails, chat logs, support tickets

3.2 Automatically Collected Information

• Usage Data: Feature usage, clickstream data, timestamps
• Device Information: Browser type, OS, IP address, device identifiers
• Cookies & Tracking: Session cookies, analytics tokens (see Section 7)

3.3 Data from Third Parties

• Integrated services (Slack, GitHub, etc.)
• Payment processors (Stripe, etc.)

4. How We Use Your Information

We process your data to:

• Provide and maintain the Iterator Cloud Service
• Process payments and prevent fraud
• Communicate service updates and security alerts
• Improve our services through analytics
• Respond to support requests
• Comply with legal obligations

5. Data Sharing & Disclosure

We may share information with:

• Service Providers: Hosting, payment processing, analytics
• Business Transfers: In case of merger or acquisition
• Legal Compliance: When required by law or to protect rights

We do not sell your personal information to third parties.

6. International Data Transfers

For users outside the United States:

• Data may be transferred to and processed in the U.S.
• We implement Standard Contractual Clauses for EU/UK transfers
• Additional safeguards are applied as required by local laws

7. Cookies & Tracking Technologies

We use:

• Essential Cookies: For core functionality
• Preference Cookies: To remember user settings

You can manage preferences via browser settings or our cookie banner.

8. Data Security

We implement:

• Encryption in transit (TLS 1.2+)
• Regular security audits
• Access controls and monitoring
• SOC 2 Type II compliant infrastructure

9. Your Rights

Depending on your jurisdiction, you may have rights to:

• Access your personal data
• Request correction or deletion
• Restrict or object to processing
• Data portability
• Withdraw consent

To exercise these rights, contact privacy@iteratorpm.com.

10. Data Retention

We retain data:

• While your account is active
• As needed for legal/compliance purposes
• In backups for disaster recovery (typically 30 days)

11. Children's Privacy

Our service is not directed to children under 16. We do not knowingly collect their data.

12. California Privacy Rights

California residents may:

• Request disclosure of data categories shared
• Opt-out of "sales" (though we don't sell data)
• Designate an authorized agent

13. Changes to This Policy

We will notify users of material changes via:

• Email to account owners
• In-service banners
• Updated "Last Updated" date

14. Contact Us

For privacy concerns:

Email: privacy@iteratorpm.com

EU/UK residents may lodge complaints with their local data protection authority.