Security practices and data storage

  1. When a team member sends their stand up details where is this data stored?

We store your data in a secure database that is locked behind a firewall. Only select servers have access to this database and the outside world cannot access this database. The data is sent over SSL. We also have site-wide SSL.

2.  How is the data protected?

The server and database are protected by a private key. There is no password access. The traffic between the database and our servers is only allowed. No remote access is allowed to the database.

We use AWS for hosting our servers and we have firewall protection in front of our servers.
You can see more details here

3. Is the conversation history stored? Is the communication channel secure?

No, ScrumGenius does not store more data than necessary. We only store the answers, followed by the questions that the bot asks during the report.

We use SSL between transports between the chat platform (e.g. Microsoft Teams, Slack, WebEx Teams etc) and ScrumGenius. The chat platform sends data through a secure channel when a conversation happens with the ScrumGenius bot. We collect only the answers from this payload and store this data in our database as a standup entry for that member.

4. Who has access to the data?

Only our team have access to the server.

5. Can you delete my data?

When a ScrumGenius account is created and integrated with the chat platform, we create a team object within the database in ScrumGenius too. We associate your team members data, as well as any report entries. Due to the hierarchical nature of this organization, we can delete any data from the account level downwards at your request. This process is done via email request.

How did we do?