avatar

Privacy Policy

Introduction

Welcome to RedminePRO! This Privacy Policy explains how we collect, use, and safeguard your information when you use our Redmine SaaS Cloud offering (“the Service”), hosted on AWS Cloud Environment. By using our Service, you agree to the practices described in this Privacy Policy. If you do not agree with the terms of this policy, please refrain from using our Service.

Information We Collect

1. Information You Provide to Us

  • Account Information: When you register for the Service, we collect personal information such as your name, email address, phone number, and payment details.
  • Content Information: Information that you upload, submit, or create within the Service, including projects, tasks, attachments, and comments.

2. Information We Collect Automatically

  • Usage Information: Data about your interactions with the Service, such as access times, pages viewed, and your IP address.
  • Device Information: Information about the device you use to access the Service, including device type, operating system, and browser type.
  • Log Data: Server logs that may include information like your IP address, browser type, and error messages.

3. Information from Third Parties

We may receive information about you from third parties, such as identity verification providers, payment processors, or partners assisting in delivering our Service.

How We Use Your Information

We use the information we collect to:

  1. Provide, operate, and improve the Service.
  2. Authenticate and manage your account.
  3. Process payments and transactions.
  4. Communicate with you, including sending updates, support messages, and promotional content.
  5. Monitor and enhance the security of the Service.
  6. Comply with legal obligations and enforce our Terms of Service.

Sharing Your Information

We may share your information with the following parties:

  • Service Providers: Trusted third parties, such as AWS, used to host and maintain our infrastructure and payment processors.
  • Compliance Authorities: Authorities or other entities when required by law or to protect the rights, property, or safety of our users and the public.
  • Business Transfers: In the event of a merger, acquisition, or sale of our business, your information may be transferred as part of the transaction.

Data Storage and Security

  • Data Storage: Your data is stored securely within AWS Cloud Environment data centers, which are compliant with industry-standard security certifications.
  • Data Encryption: All data is encrypted in transit and at rest using industry-standard encryption protocols.
  • Access Controls: We implement strict access controls to safeguard your information.

Data Retention

We retain your data for as long as necessary to provide the Service and fulfill the purposes outlined in this Privacy Policy. Upon account termination, we may retain certain information as required by law or for legitimate business purposes, such as resolving disputes or enforcing agreements.

Your Rights

Depending on your location, you may have the following rights regarding your information:

  1. Access and Portability: Request access to and a copy of your personal information.
  2. Correction: Request corrections to inaccurate or incomplete information.
  3. Deletion: Request the deletion of your personal information, subject to legal and contractual limitations.
  4. Restriction and Objection: Request restriction of or object to processing your information.
  5. Data Portability: Request transfer of your data to another service provider.

To exercise these rights, please contact us at [email protected].

Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience and analyze usage. You can manage your preferences through your browser settings. For more information, please review our Cookie Policy.

International Data Transfers

Your Redmine data resides in the region you have selected while signing up for RedminePRO.

Updates to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. Changes will be posted on this page, and we encourage you to review this policy regularly.

Contact Us

If you have questions or concerns about this Privacy Policy, please contact us at:

RedminePRO
Email: [email protected]
Website: https://redminepro.com

Effective Date: 17-Feb-2022

We’re committed to keeping your data secure and your private information private. If you have any questions, please contact us.

Steps we take to ensure your security

Compliance Program ISO/IEC 27001:2022

RedminePRO by HAZERCLOUD™ maintains active ISO/IEC 27001 compliance and is annually audited by an independent, certified third party. Our ISO/IEC 27001 Security, Availability & Confidentiality Report is available to current and prospective customers, please contact us at [email protected] for a copy.

All of RedminePRO by HAZERCLOUD™ infrastructure is hosted on Amazon Web Services (AWS). RedminePRO uses AWS data centers that are SOC 1, SOC 2, PCIDSS and ISO/IEC 27001 certified in the US East and EU West regions.

Third-Party Testing

RedminePRO uses our External Security Tool yearly for penetration and security testing. Our test reports are available to current and prospective customers, please contact us at [email protected].

Encryption

All RedminePRO data and communications are encrypted using industry best practices.

  • Encryption At-Rest: All databases and disk volumes are encrypted using AWS KMS (FIPS 140-2 validated) and the industry-standard AES-256 algorithm.
  • Encryption In-Transit: All communications with RedminePRO services and APIs use Transport Layer Security (SSL/TLS 1.2+) for secure connections. View our Qualys SSL Report.
  • Encrypted Backups: All customer data is continuously backed up in an encrypted format, with point-in-time recovery capabilities. We validate our data recovery procedures regularly as part of our business continuity and disaster recovery processes.

Privacy And Confidentiality

No RedminePRO by HAZERCLOUD™ staff will access your data unless required for support reasons. When working on a support issue we only access the minimum data needed to resolve your issue while respecting your privacy. Access to data is restricted by job function and monitored.

Access Controls

All data is private by default and only accessible to you.

Single Sign-On

RedminePRO uses Role-Based Access to access the resources.

Secure Authentication

All user passwords are stored salted and hashed and cannot be recovered by RedminePRO staff.

Optional Two-Factor Authentication (2FA/MFA) support is available for an additional layer of protection of your account.

Secure Configuration and Change Management

RedminePRO uses vulnerability scans, and automated testing with servers continuously kept up to date with the latest security errata.

Credit card security

If you subscribe to RedminePRO by HAZERCLOUD™ paid plans, your credit card data is not transmitted through nor stored on our systems. We use a payment processor called Stripe, a company entirely dedicated to this task. Stripe is certified to PCI Service Provider Level 1, the most stringent level of certification available. Read more about Stripe’s security.

Need to report a security vulnerability?

Please email us directly at [email protected]

Responsible Disclosure

We strive to keep RedminePRO safe and secure for everyone. If you have discovered a security vulnerability we would greatly appreciate your help in disclosing it to us in a responsible manner. We will work with you to assess and understand the scope of the issue and fully address any concerns. Emails are directly sent to our Security and Engineering staff to ensure that issues are addressed rapidly. Any security emails are treated with the highest priority as the safety and security of our service is our primary concern.

If you have questions regarding a specific policy or general inquiries regarding security?

Contact Us
Scroll to Top