ScrumThingSpecial
No card for trial
7-day deletion
$0.01/min overage
Multilingual

Privacy Policy

Last updated: December 2024

Introduction

ScrumThingSpecial transforms your notes, recordings, and CSV exports into stakeholder updates and sprint-ready stories using AI-powered tools.

We are committed to being privacy-first. This policy explains how we handle your data, what we collect, and how we protect your privacy while providing our services.

What we collect

Account information

Email address, name (optional), and authentication identifiers for secure access.

Usage metadata

Minutes used, plan status, events (e.g., “generated”, “uploaded”), and timestamps—but never your actual content.

Content handling

  • Pasted text: Processed in memory to generate outputs and not stored in our database.
  • Uploads & transcripts: Stored privately in Supabase Storage to complete your request and auto-deleted after 7 days.

Billing

Stripe customer and subscription IDs; we never store card numbers or payment details.

Diagnostics

Sentry for error tracking and PostHog for anonymous product analytics. No raw content is captured.

How we use data

We use your data to:

  • Authenticate your account and provide our services
  • Show usage meters and track your plan status
  • Bill for overage charges when you exceed monthly limits
  • Improve service reliability and performance
  • Send transactional emails via Resend: verification, trial reminders, usage thresholds, and invoices

AI processing

Transcription

Whisper-1 processes audio and video files to create text transcripts.

Generation

GPT-5 nano drafts outputs; one smart-retry with GPT-5 nano on thumbs-down feedback.

We instruct our AI models not to invent people, dates, or metrics. However, outputs may contain mistakes; you should always review before sharing with stakeholders.

OpenAI Content Sharing Agreement

⚠️ Important: By using our AI services, you agree to OpenAI's Content Sharing Agreement

What this means for you

When you use our AI generation and retry services, your content may be used by OpenAI to:

  • Develop and improve AI services
  • Train and evaluate AI models
  • Conduct research and testing
  • Enhance service performance and reliability

Your responsibilities

You must ensure that:

  • You have rights: You own or have permission to use all content you submit
  • No sensitive data: Do not submit confidential, proprietary, or sensitive information
  • No PHI: Do not submit Protected Health Information (HIPAA-regulated data)
  • No children's data: Do not submit personal data of children under 13
  • Proper consent: If sharing others' data, ensure you have their consent

What we do NOT share

  • Account information: Your email, name, and authentication details
  • Billing data: Payment information and subscription details
  • Usage metadata: How often you use our services
  • Uploaded files: Audio/video files are processed locally and not shared

Your content protection: We only share the text content you submit for AI generation. We never share your account details, uploaded files, or any other personal information with OpenAI.

Data retention

  • Uploads & transcripts: Automatically deleted after 7 days
  • Pasted text: Never stored in our database
  • Billing records & invoices: Retained per Stripe's legal requirements
  • Backups & logs: Metadata only (no raw content)

Sharing & vendors

We work with trusted third-party services:

  • Supabase: Authentication, PostgreSQL database, and secure storage with Row Level Security (RLS)
  • Stripe: Payment processing and subscription management
  • OpenAI: Whisper transcription and GPT-5 nano mini/4o generation
  • Resend: Transactional email delivery
  • Sentry: Error tracking and monitoring
  • PostHog: Anonymous product analytics

Important: We do not sell, rent, or share your personal data with third parties for marketing purposes.

Security

We implement industry-standard security measures:

  • Row Level Security (RLS) ensures owner-only data access
  • Private storage buckets with encrypted data
  • HTTPS encryption for all data transmission
  • Scoped API tokens with least privilege access
  • Regular security audits and updates

Your responsibility: You are responsible for keeping your account credentials secure and notifying us of any unauthorized access.

Your choices

You have control over your data:

  • Access and update your profile information
  • Delete your account (this purges all data and storage)
  • Opt-out of analytics via browser Do-Not-Track (we respect this setting)
  • Future analytics opt-out settings will be available in your account

International

Your data may be processed in the European Union or United States. We use reputable data processors and implement standard data protection measures to ensure your privacy rights are respected.

Contact

For privacy-related requests, questions, or concerns, please contact us at: privacy@scrumthingspecial.com

Last updated

This Privacy Policy was last updated on December 2024.

Ready to get started?

Start your 7-day free trial today. No credit card required.

Start 7-day free trial (no card)