Actual AI LogoActual AI

Privacy Policy

Updated January 10, 2025

We at SprintReview, Inc., DBA Actual AI ("Company", "we", "us", "our") know that our users ("you," "your") care about how your personal information is used and shared. We take your privacy seriously and are committed to protecting it through our compliance with this Privacy Policy. Please read the following to learn more about our Privacy Policy explaining our online information practices and the choices you can make about the way your information is collected and used and how you can access and update your information.

By visiting or using the actual.ai website (the "Website") or any other services, products, features, content, or applications offered from time to time by Company in connection therewith (collectively with the Website, the "Service(s)") in any manner, you acknowledge that you accept the practices and policies outlined in this Privacy Policy, and you hereby consent that we will collect, use, and share your information in accordance with this Privacy Policy. If you do not agree with our policies and practices, your choice is not to use our Services.

The Actual AI Services are subject to the Actual AI End User License Agreement (EULA).

If you have questions or concerns about our privacy practices, please contact legal@actual.ai. If you would like to report a suspected bug or security vulnerability with our site or products, please contact legal@actual.ai

THIS PRIVACY POLICY MAY CHANGE FROM TIME TO TIME. YOUR CONTINUED USE OF THE SERVICES AFTER WE MAKE CHANGES IS DEEMED TO BE ACCEPTANCE OF THOSE CHANGES, SO PLEASE CHECK THE POLICY PERIODICALLY FOR UPDATES.

PLEASE READ THIS POLICY CAREFULLY TO UNDERSTAND OUR POLICIES AND PRACTICES REGARDING YOUR INFORMATION AND HOW WE WILL TREAT IT. IF YOU DO NOT AGREE WITH OUR POLICIES AND PRACTICES, YOUR CHOICE IS NOT TO USE OUR SERVICES. BY USING OR ACCESSING THE SERVICES, YOU ARE ACCEPTING THE PRACTICES DESCRIBED IN THIS PRIVACY POLICY.

1. What Does This Privacy Policy Cover?

This Privacy Policy applies to information we collect:

  1. On or through the Services
  2. In email, text, and other electronic messages between you and our Services

It does not apply to information collected by:

  1. Us offline or through any other means, including on any other website operated by the Company or any third party (including our affiliates and subsidiaries)
  2. Any third party, including through any application or content that may link to or be accessible from or on our Services

This Privacy Policy does not apply to Open Source Software (as defined in the EULA).

THE SERVICES ARE NOT INTENDED FOR CHILDREN UNDER 18 YEARS OF AGE. We do not knowingly collect or solicit Personal Information from anyone under the age of 13 or knowingly allow such persons to register for our Services. If you are under 13, please do not attempt to register for the Services or send any information about yourself to us, including your name, address, telephone number, or email address. No one under age 13 may provide any Personal Information to us or on the Services. In the event that we learn that we have collected Personal Information from a child under age 13 without verification of parental consent, we will delete that information as quickly as possible. If you believe that we might have any information from or about a child under 13, please contact us at legal@actual.ai

2. What Information Does the Company Collect and How?

We may collect several types of information from and about users of our Services, including information:

  1. By which you may be personally identified, such as name, postal address, email address, telephone number or any other identifier which is deemed personal information under various laws, rules, and regulations applicable to this Privacy Policy ("Personal Information")
  2. That is about you but individually does not identify you
  3. About your internet connection, the equipment you use to access the Services, and usage details

We collect this information:

  1. Directly from you when you provide it to us
  2. Automatically as you navigate through the Service

Information collected automatically may include usage details, IP addresses, and information collected through cookies and other tracking technologies.

Account Information

Any information about you when you register for an account or otherwise engage with the Services such as your name and email address you provide during account creation, and your payment info, company name, phone number, title and physical address when you convert to a paid account.

Information You Provide Us

Any information you provide by contracting us through the Service, or any additional information you provide that we may ask for if you contact us or report a problem with the Service, your search queries on the Service, and details of transactions you carry out through the Service. We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them. You agree and acknowledge that by submitting such information that you have the authority and necessary consents to provide such information.

Application Data

Any data that you add to any interactive features of the Services (such as cards, comments, commit messages, pull request messages, release notes, etc.) is stored in our systems. Additionally, when you use any of our applications, we store some usage analytics, the directory, folder and file names on your device where you store your code, and any crash reports sent from your client.

Service Telemetry and Usage Data

To improve our users' experience with our Services, as you navigate through and interact with our Services, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:

  1. Telemetry data and details of your use of the Services, logs, location data and other communication data and the resources that you access and use on the Services
  2. Information about your computer and internet connection, including your IP address (including geolocation), operating system, product version, and browser type
  3. Your preferences, such as language selection

Cookies

We use "cookies" when you use or access any of our browser-based Services. A cookie is a piece of data stored on your hard drive or smartphone, to help us improve your access to our site and identify repeat visitors to our site. For instance, when we use a cookie to identify you, you would not have to login a password more than once, thereby saving you time. Cookies can also enable us to track and target the interests of our users to enhance the experience. Usage of a cookie is in no way linked to any of your personally identifiable information. For further information, visit https://www.aboutcookies.org/. You can set your browser not to accept cookies, however, in some cases, some of our Service features may not function as a result.

Log Files

As is true of most websites and services, we may collect certain information automatically and store it in log files. This information includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, clickstream data. For our cloud based Services, the information we collect may include the URLs you accessed (in our log files), usernames as well as elements of your content (such as Jira project names, project keys, status names, and JQL filters, and confluence page titles and space names) as necessary for the cloud Services to perform the requested operations.

Third Party Authentication Information & Permissions

When you authenticate your user credentials with Jira, Github, or any other similar platforms source control or issue tracking software that Actual AI connects with, you will be asked what information and permissions you'd like those platforms to share with Actual AI. We will collect information that you approve to share from those services.

Web Beacons

Pages of the Website and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).

3. How Do We Use Your Information?

We process your Personal Data only if we have a lawful basis for doing so. Lawful basis for processing include consent, contractual necessity and our "legitimate interests" or the legitimate interest of others, as further described below.

Contractual Necessity

We process the following categories of Personal Data as a matter of "contractual necessity", meaning that we need to process the data to perform under our Terms of Service or End User License Agreement with you, which enables us to provide you with the Services. When we process data due to contractual necessity, failure to provide such Personal Data will result in your inability to use some or all portions of the Services that require such data.

  • First and last name
  • Email address
  • Mailing address
  • Credit card and credit card CVV
  • Transaction and Billing Data
  • Company name
  • Any Personal Data included in source code you provide

Legitimate Interest

We process the following categories of Personal Data when we believe it furthers the legitimate interest of us or third parties:

  • First and last name
  • Email address
  • Mailing address
  • Company name
  • Usage data and identifiers of your devices

Examples of these legitimate interests include:

  • Operation and improvement of our business, products and services
  • Marketing of our products and services
  • Provision of customer support
  • Protection from fraud or security threats
  • Compliance with legal obligations
  • Completion of corporate transactions

Consent

In some cases, we process Personal Data based on the consent you expressly grant to us at the time we collect such data. When we process Personal Data based on your consent, it will be expressly indicated to you at the point and time of collection.

Other Processing Grounds

From time to time we may also need to process Personal Data to comply with a legal obligation, if it is necessary to protect the vital interests of you or other data subjects, or if it is necessary for a task carried out in the public interest.

4. How and With Whom Do We Share Your Data?

We share Personal Data with our affiliates, vendors, third party service providers and agents who work on our behalf and provide us with services related to the purposes described in this Privacy Policy, our Terms of Service, or our End User License Agreement. These parties include:

  • Payment processors
  • Fraud prevention service providers
  • Hosting service providers
  • Co-location service providers
  • Telecommunications service providers

We also share information with third parties when you have given us consent to do so (as indicated at the point such information is collected). You may choose to make use of third-party add-ons in conjunction with certain Services. Third-party add-ons are software written by third-parties to which you grant access privileges to your content (which may include your Personal Data). When access is granted, your content is shared with the third-party. Third-party add-on policies and procedures are not controlled by the Company even though the third-party add-on may be available through the Services. This Privacy Policy does not cover the collection or use of your data by third-party add-ons, and we urge you to examine the privacy policies governing third-party add-ons.

We also share Personal Data when we believe it is necessary to:

  • Comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies
  • Protect us, our business or our users, for example to enforce our Terms of Service or End User License Agreement, prevent spam or other unwanted communications and investigate or protect against fraud
  • Maintain the security of our products and services

Furthermore, if we choose to buy or sell assets, user information is typically one of the transferred business assets. Moreover, if we, or substantially all of our assets, were acquired, or if we go out of business or enter bankruptcy, user information would be one of the assets that is transferred or acquired by a third party, and we would share Personal Data with the party that is acquiring our assets. You acknowledge that such transfers may occur, and that any acquirer of us or our assets may continue to use your Personal Data as set forth in this policy.

We do not sell your Personal Data, nor do we share your Personal Data with third-parties for their marketing purposes (including direct marketing purposes) without your permission.

5. How Long Do We Retain Your Personal Data?

We retain Personal Data about you for as long as you are a customer. In some cases, we retain Personal Data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule or regulation.

Afterwards, we retain some information for marketing and promotional activities, unless you have opted out of such promotions.

6. What Security Measures Do We Use?

We take reasonable precautions to protect your personal information from loss, misuse, unauthorized access, disclosure, alteration and destruction. We seek to protect Personal Data using appropriate technical and organizational measures based on the type of Personal Data and applicable processing activity.

7. What Rights Do You Have Regarding Your Personal Data?

You have certain rights with respect to your Personal Data, including those set forth below. For more information about these rights, or to submit a request, please email legal@actual.ai. Please note that in some circumstances, we may not be able to fully comply with your request, such as if it is frivolous or extremely impractical, if it jeopardizes the rights of others, or if it is not required by law, but in those circumstances, we will still respond to notify you of such a decision. In some cases, we may also need you to provide us with additional information, which may include Personal Data, if necessary to verify your identity and the nature of your request.

  • Access: You can request more information about the Personal Data we hold about you and request a copy of such Personal Data.
  • Rectification: If you believe that any Personal Data we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data.
  • Erasure: You can request that we erase some or all of your Personal Data from our systems.
  • Withdrawal of Consent: If we are processing your Personal Data based on your consent (as indicated at the time of collection of such data), you have the right to withdraw your consent at any time. Please note, however, that if you exercise this right, you may have to then provide express consent on a case-by-case basis for the use or disclosure of certain of your Personal Data, if such use or disclosure is necessary to enable you to utilize some or all of our Services.
  • Portability: You can ask for a copy of your Personal Data in a machine-readable format. You can also request that we transmit the data to another controller where technically feasible.
  • Objection: You can contact us to let us know that you object to the further use or disclosure of your Personal Data for certain purposes.
  • Restriction of Processing: You can ask us to restrict further processing of your Personal Data.
  • Right to File Complaint: You have the right to lodge a complaint about the Company's practices with respect to your Personal Data with the supervisory authority of your country or EU Member State.

8. Transfers of Personal Data

The Services are hosted and operated in the United States ("U.S.") through the Company and its service providers, and laws in the U.S. may differ from the laws where you reside.

By using the Services, you acknowledge that any Personal Data about you, regardless of whether provided by you or obtained from a third party, may be provided to the Company in the U.S. and may be hosted on U.S. servers, and you authorize Company to transfer, store and process your information to and in the U.S. and possibly other countries. The Company minimizes any potential risk to your rights and freedoms under GDPR by not collecting or storing sensitive information about you.

9. Special Notice for California Residents

The California Consumer Protection Act ("CCPA") requires specific disclosures to California residents. These required disclosures are organized separately for convenience and to reflect terminology used in the CCPA. If you wish to request more information from the Company or inquire on exercising your rights under CCPA, you can reach out to the Company by emailing us at legal@actual.ai

10. Special Notice for Nevada Residents

The Privacy and Security of Personal Information Chapter of Nevada law provides that where certain types of Personal Information ("Covered Information") are collected via a website or online service maintained by the operator of such site that the operator notify the consumer of the categories of information collected; how it is collected, shared, used and, where applicable, access by third parties. You will find this information above in Sections 1, 2, and 3. If you wish, you may submit a request with respect to your data, to Company support.

11. Changes to Our Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

12. Contact Us

To ask questions or comment about this privacy policy and our privacy practices, contact us at: legal@actual.ai