PrivacyPolicy

At OpShift, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our incident management platform and services.

1. Information We Collect

1.1 Information You Provide

We collect information that you provide directly to us, including:

• Account information (name, email address, password)
• Team and organization information
• On-call schedule and rotation details
• Alert and incident data
• Communication preferences
• Payment and billing information

1.2 Automatically Collected Information

When you access our services, we automatically collect certain information, including:

• Log data (IP address, browser type, pages visited)
• Device information (device type, operating system)
• Usage data (features used, actions taken)
• Cookies and similar tracking technologies

1.3 Information from Third Parties

We may receive information from third-party services you connect to OpShift, such as:

• Slack workspace and user information
• Calendar integration data
• Authentication providers (Google, Microsoft, etc.)

2. How We Use Your Information

We use the collected information for various purposes:

• Provide, maintain, and improve our services
• Send alerts and notifications about incidents
• Manage on-call schedules and rotations
• Process payments and billing
• Communicate with you about updates and features
• Analyze usage patterns and optimize performance
• Detect and prevent fraud and abuse
• Comply with legal obligations

3. Information Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

3.1 With Your Consent

We share information when you explicitly authorize us to do so, such as when you connect third-party integrations.

3.2 Service Providers

We work with third-party service providers who perform services on our behalf, such as:

• Cloud hosting and infrastructure providers
• Payment processors
• Email and SMS delivery services
• Analytics and monitoring tools

3.3 Legal Requirements

We may disclose information if required by law or in response to valid legal requests, such as subpoenas or court orders.

3.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

4. Data Security

We implement appropriate technical and organizational measures to protect your information:

• Encryption of data in transit and at rest
• Regular security assessments and audits
• Access controls and authentication
• Employee training on data protection
• Incident response procedures

However, no method of transmission over the Internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

5. Data Retention

We retain your information for as long as necessary to provide our services and comply with legal obligations. When you delete your account, we will delete or anonymize your personal information within 90 days, except where we are required to retain it for legal or compliance purposes.

6. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information:

• Access: Request a copy of your personal information
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your personal information
• Portability: Receive your data in a portable format
• Opt-out: Unsubscribe from marketing communications
• Restriction: Limit how we process your information

To exercise these rights, please contact us at privacy@opshift.com

7. Cookies and Tracking Technologies

We use cookies and similar technologies to:

• Remember your preferences and settings
• Understand how you use our services
• Improve our services and user experience
• Provide security features

You can control cookies through your browser settings. Note that disabling cookies may affect the functionality of our services.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy and applicable laws.

9. Children's Privacy

Our services are not intended for individuals under the age of 16. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of our services after such changes constitutes acceptance of the updated policy.

11. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us: