Privacy Policy

1. Introduction

OpsBrief ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our communication intelligence platform ("Service").

By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, do not use the Service.

2. Information We Collect

2.1 Information You Provide

• Account Information: Name, email address, password, and organization details when you register
• Profile Information: Job title, timezone preferences, and communication preferences
• Payment Information: Billing address and payment method details (processed by our payment provider)
• Support Communications: Information you provide when contacting our support team

2.2 Information from Third-Party Integrations

When you connect the Service to communication platforms, we access:

• Slack: Workspace information, channel names, channel messages (from monitored channels only), user display names
• Microsoft Teams: Team information, channel names, channel messages (from monitored channels only), user display names
• Discord: Server information, channel names, channel messages (from monitored channels only), user display names
• GitHub: Organization and repository information, issue and pull request data, commit messages, release notes, and workflow status (from selected repositories only)
• PagerDuty: Account information, service names, incident details, alert data, and on-call schedules (from selected services only)
• Datadog: Organization information, monitor names, monitor configurations, alert events, and metric data (from selected monitors only)

Important: We only access channels, repositories, and services that you explicitly select for monitoring. We do not access direct messages, private conversations outside of selected channels, private repositories you have not authorized, or any resources you have not explicitly granted access to.

2.3 Automatically Collected Information

• Usage Data: Features used, pages visited, actions taken within the Service
• Device Information: Browser type, operating system, device identifiers
• Log Data: IP address, access times, referring URLs
• Cookies: Session cookies and authentication tokens

3. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve the Service
• Process and analyze channel messages to extract significant events
• Generate AI-powered summaries and digests
• Send you email digests and notifications based on your preferences
• Process payments and manage your subscription
• Respond to your comments, questions, and support requests
• Monitor and analyze usage patterns and trends
• Detect, prevent, and address technical issues and security threats
• Comply with legal obligations

4. AI Processing and Third-Party Services

We use artificial intelligence services to analyze your communications and extract events. This involves sharing message content with AI providers:

• OpenAI: We use OpenAI's API to process messages and extract events. Messages are sent to OpenAI for processing but are not used to train their models (per OpenAI's API data usage policy).

We select AI providers that maintain appropriate security and privacy practices. However, you should review their privacy policies to understand how they handle data.

AI Accuracy: AI-generated content, including event extraction, summaries, and digests, may occasionally be inaccurate, incomplete, or miss important context. AI systems can make errors in interpretation, categorization, or summarization. We recommend reviewing AI-generated content and using it as a starting point rather than a definitive source. You can always access the original source messages through the provided links for full context and verification.

5. Data Sharing and Disclosure

We may share your information in the following circumstances:

5.1 With Your Consent

We may share information when you give us explicit permission.

5.2 Within Your Organization

Event summaries and digests may be shared with other members of your organization based on your configured settings and access permissions.

5.3 Service Providers

We share information with third-party vendors who assist us in providing the Service:

• Cloud hosting providers (data storage and processing)
• Payment processors (billing and subscription management)
• Email service providers (sending digests and notifications)
• Analytics providers (understanding Service usage)

5.4 Legal Requirements

We may disclose information if required to do so by law or in response to valid legal requests.

5.5 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

6. Data Retention

We retain your information as follows:

• Account Data: Retained while your account is active and for 30 days after deletion
• Message Content: We do not store raw message content. Messages are processed in real-time and only extracted events are stored.
• Extracted Events: Retained according to your subscription plan and preferences
• Usage Logs: Retained for up to 12 months for security and analytics purposes
• Billing Records: Retained as required by law (typically 7 years)

7. Data Security

We implement appropriate technical and organizational measures to protect your information:

• Encryption of data in transit (TLS/SSL) and at rest
• Secure authentication and access controls
• Regular security assessments and monitoring
• Employee training on data protection
• Incident response procedures

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

8. Your Rights and Choices

Depending on your location, you may have the following rights:

• Access: Request a copy of your personal information
• Correction: Request correction of inaccurate information
• Deletion: Request deletion of your personal information
• Portability: Request your data in a portable format
• Objection: Object to certain processing of your information
• Restriction: Request restriction of processing
• Withdraw Consent: Withdraw consent where processing is based on consent

To exercise these rights, please contact us at [email protected]. We will respond to your request within 30 days.

9. Cookie Policy

We use cookies and similar technologies for:

• Essential Cookies: Required for the Service to function (authentication, security)
• Preference Cookies: Remember your settings and preferences (theme, language)
• Analytics Cookies: Help us understand how you use the Service

You can control cookies through your browser settings. Disabling certain cookies may affect the functionality of the Service.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers, including:

• Standard contractual clauses approved by relevant authorities
• Data processing agreements with service providers
• Compliance with applicable data protection laws

11. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

12. California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information we collect and how it's used
• Right to delete your personal information
• Right to opt-out of the sale of personal information (we do not sell personal information)
• Right to non-discrimination for exercising your rights

13. European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation (GDPR):

• Legal basis for processing: consent, contract performance, legitimate interests, or legal obligation
• Right to lodge a complaint with a supervisory authority
• Right to data portability

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page, updating the "Last updated" date, and sending you an email notification where appropriate.

We encourage you to review this Privacy Policy periodically for any changes.

15. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us: