Evetro Privacy Policy
This policy is effective as of 26 June 2019.

About this policy

Your privacy is important to us. It is our policy to respect your privacy and to be transparent about any information we may collect from you across our application Evetro, and other sites we own and operate. This document is intended to help you understand:

This Privacy Policy covers the information we collect about you when you use our products or Services, or otherwise interact with Evetro (for example, attending Evetro events), unless a different privacy policy is displayed.

When we refer to "Evetro," "we," or "us" in this policy, we mean Evetro AS, which controls the information Evetro collects when you use the Services. Evetro AS offers tools for continuous improvement and collaboration, more specifically our web application for desktop and mobile platforms which can be accessed via our websites. We also own and operate a number of other websites and offer related services, like support and consultancy. We refer to the collection of all these products, other services, and websites as "Services" (capitalized) in this policy.


You are free to refuse our request for your personal information, with the understanding that we may be unable to provide you with your desired Services. Your continued use of our application will be regarded as acceptance of our practices around privacy and personal information. If you have any questions about how we handle user data and personal information, feel free to contact us.

What information we collect about you

We only require personal information when we need it to provide a service to you. In some cases you can be asked to provide optional personal information. In that case, it is used to enhance the quality of the Services we deliver to you and increase user experience.

Categories of personal information

"User Personal Information" is any personal information about one of our users which could, alone or together with other information, personally identify them. Information such as an email address and password, a real name, and a photograph are examples of “User Personal Information.” User Personal Information includes Personal Data as defined in the General Data Protection Regulation (GDPR).

"Technical Information" may include information we collect from website browsers, such as web server logs, or other log information, such as User session or activity logs. Technical Information may be connected to User Personal Information such as an email address, or to other potentially personally-identifying information like Internet Protocol (IP) addresses.

User Personal Information does not include aggregated, non-personally identifying information. We may use aggregated, non-personally identifying information to operate, analyze, improve, and optimize our Services.

Information from users with accounts

Evetro asks for “User Personal Information” when you register or modify your profile. When you register an account in Evetro, we require some basic information at the time of account creation. Evetro uses third party services for user registration, authentication and authorization. The user can choose to create an account either via other identity providers such as Google and GitHub, or by creating an account with a valid email and a user-selected password. If the user chooses to create an account using other identity providers, we will ask for profile information such as email address, as well as some other information such as a firstname, lastname, and profile picture if available. If the user creates an account directly by providing an email and a password, we will also ask for a firstname and lastname. You may also have the option to give us more information if you want to, and this may include "User Personal Information." We may keep track of preferences when you select settings within our Services.

Information you provide through our products

We collect and store content that you post, send, receive and share with our Services. This content includes any content, including information about you, that you may choose to include. Evetro employees do not access users’ data unless required to for security reasons, the data is specifically shared with or given to us or the public (for example comments in blogs, forums or feedback channels, etc.), to assist the retrospective’s users with a support matter, or to maintain the integrity of the service. Content you provide in retrospectives (e.g. notes and actions) may be viewed by any user that you (the creators or editors of a retrospective) choose to include in the retrospectives.

Information from website browsers

If you are browsing our websites, we collect the same basic information that most websites collect. We use common internet technologies, such as cookies and web server logs, to collect Technical Information. This is information we collect from everybody, whether they have an account or not.

The information we collect about all visitors includes the visitor’s browser type, language preference, referring site, additional websites requested, and the date and time of each visitor request. We also collect potentially personally-identifying information like Internet Protocol (IP) addresses.

Log Files

Like many other websites, Evetro makes use of log files. These files merely logs visitors to the sites - usually a standard procedure for hosting companies and a part of hosting services's analytics. The information inside the log files includes Internet Protocol (IP) addresses, browser type, Internet Service Provider (ISP), date/time stamp, error and crash data, referring/exit pages, and possibly the number of clicks. This information is used to administer and maintain our sites, analyze trends, track user's movement around the sites, and gather demographic information.


Evetro uses cookies to store information about visitors' preferences, to record user-specific information on which pages the site visitor accesses or visits, and to personalize or customize the content of our websites based upon visitors' browser type or other information that the visitor sends via their browser. Furthermore, the Evetro Web Application creates browser cookies to store the sessions of its users in order to remember them for the next access.

What information Evetro does not collect

We do not intentionally collect User Personal Information such as social security numbers, genetic data, health information, or religious information. Although Evetro neither request nor intentionally collect any other sensitive personal information, we realize that you might store this kind of information in your account, such as in a retrospective or in your public profile. If you store any sensitive personal information on our servers, you are responsible for complying with any regulatory controls regarding that data.

How we use information we collect

How we use the information we collect depends in part on which Services you use, how you use them, and any preferences you have communicated to us. Below are the specific purposes for which we use the information we collect about you.

To provide the Services and personalize your experience

We use information about you to provide the Services to you, including to authenticate you when you log in, provide customer support, and operate and maintain the Services. For example, we use the name and picture you provide in your account to identify you to other Service users.

For research and development

We are always looking for ways to make our Services smarter, faster, secure, integrated and useful to you. We use collective learnings about how people use our Services and feedback provided directly to us to troubleshoot and to identify trends, usage, activity patterns and areas for integration and improvement of the Services. We also test and analyze certain new features with some users before rolling the feature out to all users.

To communicate with you about the Services

We use your contact information to send transactional communications via email and within the Services, including confirming your purchases, reminding you of subscription expirations, responding to your comments, questions and requests, providing customer support, and sending you technical notices, updates, security alerts, and administrative messages. We also send you communications as you onboard to a particular Service to help you become more proficient in using that Service. These communications are part of the Services and in most cases you cannot opt out of them. If an opt out is available, you will find that option within the communication itself or in your account settings.

To market, promote, and drive engagement with the Services

We use your contact information and information about how you use the Services to send promotional communications that may be of specific interest to you, including by email. These communications are aimed at driving engagement and maximizing what you get out of the Services, including information about new features and updates, survey requests, newsletters, and events we think may be of interest to you. You can control whether you receive these communications by communicating to us that you want to opt-out.

Customer support

We use your information to resolve technical issues you encounter, to respond to your requests for assistance, to analyze crash information, and to repair and improve the Services.

For safety and security

We use information about you and your Service use to verify accounts and activity, to monitor suspicious or fraudulent activity and to identify violations of Service policies.

To protect our legitimate business interests and legal rights

Where required by law or where we believe it is necessary to protect our legal rights, interests and the interests of others, we use information about you in connection with legal claims, compliance, regulatory, and audit functions, and disclosures in connection with the acquisition, merger or sale of a business.

With your consent

We use information about you where you have given us consent to do so for a specific purpose not listed above.

How we share information we collect

When you use our Services, we share certain information about you with other Service users as described below.

Sharing with other Service users

When you use the Services, we share certain information about you with other Service users. This includes the retrospectives and the users from your teams that you choose to add to the retrospectives. You can create content, which may contain information about you. Some of the collaboration features of the Services display some or all of your profile information to other Service users when you share or interact with specific content. For example, when you create on a note, we may display your profile picture and name next to the note so that other users with access to the note understand who created it. Similarly, when you join a team, your name, profile picture and contact information may be displayed in a list for other team members so they can find and interact with you. When you create a user in Evetro, we also share some of your profile information with other users, including your name and profile picture, so that other users may invite you to their team or otherwise interact with you. Please note that the contents of your retrospectives is only available to the users you choose to add to your retrospectives, and that those users must already be part of at least one of your teams for that to happen.

Community channels

Our websites offer a publicly accessible blog, and our Evetro web application contains publicly available retrospectives that may be used as feedback forums. You should be aware that any information you provide in these websites, including profile information associated with the account you use to post the information, may be read, collected, and used by any member of the public who accesses websites. Your posts and certain profile information may remain even after you terminate your account. We urge you to consider the sensitivity of any information you input into these Services. To request removal of your information from publicly accessible websites operated by us, please contact us as provided below. In some cases, we may not be able to remove your information, in which case we will let you know if we are unable to and why.

How we store and secure information we collect

We only retain collected information for as long as necessary to provide you with your requested service. What data we store, we’ll protect within commercially acceptable means to prevent loss and theft, as well as unauthorised access, disclosure, copying, use or modification.

Information storage and security

We use data hosting service providers in the European Union (EU) to host the information we collect, and we use technical measures to secure your data. While we implement safeguards designed to protect your information, no security system is impenetrable and due to the inherent nature of the Internet, we cannot guarantee that data, during transmission through the Internet or while stored on our systems or otherwise in our care, is absolutely safe from intrusion by others. We will respond to requests about this within a reasonable timeframe.

How long we keep information

How long we keep information we collect about you depends on the type of information, as described in further detail below. After such time, we will either delete or anonymize your information or, if this is not possible (for example, because the information has been stored in backup archives), then we will securely store your information and isolate it from any further use until deletion is possible.

Account information

We retain your account information until you delete your account. Please do not hesitate to contact us as described below if you want to delete your account, or otherwise need help with your account.

Information you share on the Services

If your account is deleted (or if you leave a retrospective), the content you have provided in a retrospective will remain in order to allow your team members or other users to make full use of the retrospective. For example, we continue to display notes that you provided or actions that you were connected to in retrospectives. However, your User Personal Information such as your name, email, profile picture, etc. will no longer be available and will be replaced with generic information to prevent identifying you. Note that we do not take responsibility if any of the content that you or your team provide in other areas of the Services (e.g. notes and actions) contains personally identifying information. The practice described above is also valid for other parts of the Services where appropriate.

How to access and control your information

You have the right to request a copy of your information, to request the deletion or restriction of your information, or to request your information in a structured, electronic format. We will respond to requests within a reasonable timeframe.

Your request and choices may be limited in certain cases: for example, if fulfilling your request would reveal information about another person, or if you ask to delete information which we or your administrator are permitted by law or have compelling legitimate interests to keep. If you have unresolved concerns, you may have the right to complain to a data protection authority in the country where you live, where you work or where you feel your rights were infringed.

Children’s Information

If you're a child under the age of 13, you may not have an account on Evetro. We do not knowingly collect any personally identifiable information from children under the age of 13. If you as a parent or guardian believes that Evetro has in its database the personally-identifiable information of a child under the age of 13, please contact us immediately (using the contact information below) and we will use our best efforts to promptly remove such data from our records.

We believe it is crucial to provide added protection for children online. We encourage parents and guardians to spend time online with their children to observe, participate in and/or monitor and guide their online activity.

Other important privacy information

Our Services may link to external sites that are not operated by us. Please be aware that we have no control over the content and practices of these sites, and cannot accept responsibility or liability for their respective privacy policies.

Changes to the privacy policy

We may change this privacy policy from time to time. We will post any privacy policy changes in this document and, if the changes are significant, we will provide a more prominent notice by adding a notice on our blog, in our Evetro application, or by sending you an email notification. We encourage you to review our privacy policy whenever you use the Services to stay informed about our information practices and the ways you can help protect your privacy.

If you disagree with any changes to this privacy policy, you will need to stop using the Services and ask us to deactivate your account.

Contact Information

If you have any questions regarding this privacy policy, please don’t hesitate to contact us.

Evetro AS Ole Tilseths Veg 15 7037 Trondheim Norway E-mail: post@evetro.com