Privacy Policy

Privacy Policy

Effective date: November 18, 2020

Thanks for entrusting Software.co Technologies, Inc. (“Software”, “we”, “us”, “our”) with your data and your personal information. Our Privacy Policy (“Privacy Policy”) is designed to help you understand how we collect, use, and share your personal information and to assist you in exercising the privacy rights available to you.

We are a data company. Since data is core to the Services that we offer, we aim to be as transparent as possible about how and why we store your data. You can read more about our fundamental beliefs about how data should be used to improve software development in our data manifesto.

All capitalized terms have their definition in Software’s Terms of Service, unless otherwise noted here.

Table of contents

  • Scope
  • What information we collect
  • What information we do not collect
  • How we use your information
  • How we share the information we collect
  • How we secure your information
  • How you can access and control the information we collect
  • Our use of tracking cookies
  • How we communicate with you

Scope

This Privacy Policy covers the personal information we collect about you when you use our products or services, or otherwise interact with us, including on our website at www.software.com (“Website”), web applications at app.software.com and our related online and offline offerings (collectively, the “Services”). This policy also explains your choices surrounding how we use your personal information, which include how you can object to certain uses of the information and how you can access and update certain information.

What information we collect

We collect data to enable us to operate our Services and provide you with the best experiences on our website and using our Services. You provide some of this data to us directly, such as when you register to use our Services, subscribe to a newsletter, or contact us for support. We also receive some of your data by means of how you interact with our Services.

We classify personal information as any information about one of our Users which could, alone or together with other information, personally identify them or otherwise be reasonably linked or connected with them. Information such as a username, password, email address, name, Internet protocol (IP) address, and profile picture are examples of personal information.

Personal information does not include aggregated, non-personally identifying information that does not identify an individual or cannot otherwise be reasonably linked or connected with them. We may use such aggregated, non-personally identifying information for research purposes and to operate, analyze, improve, and optimize our Website and Services.

Information you provide to us

Account and profile creation

We require basic information when you create your account, such as your username and password. You may choose to give us more information for your profile, such as your name, avatar, occupation, company, and location. Additionally, we collect more detailed information about you such as your office type and work hours to help us improve our Services that we provide to you.

Payment information

When you make purchases in our app, a secure window will be opened directly to our third-party subscription provider (Chargebee Inc.) and any payments will be securely processed through our third-party payment providers (Swipesum, Inc. and We are Network Merchants, LLC).

Surveys

We may contact you to participate in surveys. If you decide to participate, you may be asked to provide certain information which may include personal information.

Information collected automatically

User data

When you install one of our plugins—such as Code Time—and sign up for our Services, we collect data required to provide our Services. For instance, our Services measures code time using a combination of events sent by our plugin, such as typing in a file and focusing your code editor. All of our plugins are open-source and available on GitHub.

Data we collect includes, but is not limited to:

  • Coding telemetry
  • Keystrokes, lines of code added and deleted, characters added and deleted, file syntax, and project pathnames
  • Non-coding telemetry
  • Actions that you take, like opening and closing files or focusing and unfocusing your editor
  • Location data based on IP addresses and geographic regions
  • Interactions with editor UI elements related to Software’s plugins
  • Names and version numbers of installed Software plugins
  • Source control history
  • Logs, including repository metadata, names, contributors, branches, and versioning history, from Git or other source control systems

Device information

When you visit and interact with any of our Services, we collect data about your device, such as your operating system, hostname, browser type, and referring URLs.

Usage data

We collect data about how you interact with Software and our Services. For example, we may collect data about the features you use, the web pages you visit, and the plugins you install. This includes your interactions on our website and your interactions with us via email. It also includes interactions you may experience with our Services in your code editor.

Cookies and similar technologies information

To your consent, we automatically collect information from cookies and similar technologies (such as cookie ID and settings) to keep you logged in, to remember your preferences, and to identify you and your device.  Please see here for more information about our use of cookies and similar technologies.

Information from other sources

When you grant us authorization to connect to another service provider, such as Google, we collect data from that tool per the permission scopes requested from you. We may store your data from third-party services for the ease of providing our Services. Examples of data we collect from a Google Calendar integration include the name and ID primary calendar, meeting names, and number of participants.

  • Google: calendar information, including calendar name, and event metadata, including event name, start time, end time, and participant count.
  • Spotify: song metadata and listening activity, including name, duration, genre, listening start time and end time, and liked songs.

What information we do not collect

We do not read or store code from any User’s repository or try to infer a User’s code from keystroke or editor actions, nor can code be reverse-engineered from the data we collect.

We do not intentionally collect sensitive personal information, such as personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation. If you choose to store any sensitive personal information on our servers, you are responsible for complying with any regulatory controls regarding that data.

If you are a child under the age of 16, you may not use our Services. Software does not knowingly collect information from or direct any of our content specifically to children under 16. If we learn or have reason to suspect that you are a User who is under the age of 16, we will have to terminate your use of our Services. Different countries may have different minimum age limits, and if you are below the minimum age for providing consent for data collection in your country, you may not use our Services.

How we use your information

We may use your personal information for the following purposes.

Provide the services or requested information

Examples of how we may use your personal information to provide our Services include:

  • Creating your account and providing you with our Services;
  • Providing you with a paid Subscription or any other paid service you request;
  • Identifying you on our Website;
  • Communicating with you via email;
  • Responding to support requests;
  • Inviting you to take part in surveys, beta programs, or other research projects, subject, where necessary, to your consent.

Serve administrative purposes

Examples of how we may use your personal information to serve administrative purposes include:

  • Better understanding how our Users use Software and to improve our Website and Services;
  • Developing new products and services;
  • Authenticating and verifying individual identities;
  • Investigating possible fraud or attempts to harm Software or our Users;
  • Communicating with you about your account, activities on our Services and Privacy Policy changes; and
  • Complying with our legal obligations, protecting our intellectual property, and enforcing our Terms of Service.

Marketing our products and services

We may use personal information to tailor and provide you with content. If you have any questions about our marketing practices or if you would like to opt out of the use of your personal information for marketing purposes, you may update your subscription preferences at any time.

De-identified and aggregated information use

We may use personal information and other data about you to create de-identified and/or aggregated information. De-identified and/or aggregated information is not personal information, and we may use and disclose such information in a number of ways, including research, internal analysis, analytics, and any other legally permissible purposes. For example, we may compile anonymized averages on the activity across our Software users to show global reference classes in our Services.

Process information on behalf of our customers

Our customers may choose to use our Services to process certain data of their own, which may contain personal information. Such personal information that is processed by us on behalf of our customers, and our privacy practices will be governed by the contracts that we have in place with our customers, not this Privacy Policy.

Our sub-processors include, but are not limited to:

Name Description Location of Processing Corporate Location
Amazon Web Services Data hosting United States United States
Snowflake Data hosting United States United States
Chargebee Subscription management United States United States
Customer.io Email United States United States
Google Analytics Website analytics United States United States
Elastic.co Application monitoring United States United States
Google Apps Productivity United States United States
HelpScout Customer support United States United States
Mixpanel Website and plugin analytics United States United States
Looker Analytics United States United States
Segment Event processing United States United States
Sentry Application monitoring United States United States
Swipesum, Inc Payment processing United States United States
Typeform Surveys United States United States
We are Network Merchants, LLC Payment processing United States United States

How we share the information we collect

We may share your personal information with third parties under one of the following circumstances:

With your consent

We share your personal information, if you consent, after letting you know what information will be shared, with whom, and why.

With service providers

We share personal information with a limited number of service providers who process it on our behalf to provide or improve our Service, and who have agreed to privacy restrictions similar to the ones in our Privacy Statement by signing data protection agreements or making similar commitments. Our service providers perform analytics, payment processing, customer support ticketing, network data transmission, and other similar services. While Software processes all personal information in the United States, our service providers may process data outside of the United States or the European Union.

Sharing content with others

Software may offer social sharing features and other integrated tools, which let you share actions you take on Software with other media, such as Twitter, and vice versa. Your use of such features enables the sharing of information with your friends or the public, depending on the settings you establish with the entity that provides the social sharing feature.

Advertising partners

We do not use or share your information, including personal information, to advertise any third party’s products or services via the Services. We may use and share your personal information with third-party advertising partners to market our own Services and grow our Services’ user base, such as to provide targeted marketing about our own Services via third-party services.

For security purposes

If you are a member of a Software team or organization, Software may share your username, Usage Information, and Device Information associated with that team or organization, to the extent that such information is required.

For legal disclosure

Software strives for transparency in complying with legal process and legal obligations. Unless prevented from doing so by law or court order, or in rare, exigent circumstances, we make a reasonable effort to notify users of any legally compelled or required disclosure of their information. Software may disclose information we collect about you to law enforcement if required in response to a valid subpoena, court order, search warrant, a similar government order, or when we believe in good faith that disclosure is necessary to comply with our legal obligations, to protect our property or rights, or those of third parties or the public at large.

Disclosures to protect us or others

We may access, preserve, and disclose any information we store in association with you to external parties if we, in good faith, believe doing so is required or appropriate to: (i) comply with law enforcement or national security requests and legal process, such as a court order or subpoena; (ii) protect your, our, or others’ rights, property, or safety; (iii) enforce our policies or contracts; (iv) collect amounts owed to us; or (v) assist with an investigation and prosecution of suspected or actual illegal activity.

Disclosure in the event of merger, sale, or other asset transfer:

If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, purchase or sale of assets, or transition of service to another provider, then your information may be sold or transferred as part of such a transaction, as permitted by law and/or contract.

We do not sell your personal information for monetary or other consideration. The California Consumer Privacy Act of 2018 (“CCPA”) requires businesses to state in their privacy policy whether or not they disclose personal information in exchange for monetary or other valuable consideration. While CCPA only covers California residents, when it goes into effect we will voluntarily extend its core rights for people to control their data to all of our users, not just those who live in California.

How we secure your information

Software takes commercially reasonable steps designed to protect personal information from unauthorized access, alteration, or destruction; maintain data accuracy; and help ensure the appropriate use of personal information.

We hash sensitive information, such as project and file names, at the time of collection in our plugin. We use the Blake2b hashing algorithm to ensure the security of your data. Transmission of data on Software is encrypted using SSH and HTTPS (TLS). Our data remains hashed when it is stored.

No method of transmission, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security.  Please keep this in mind when disclosing any personal information to us over the Internet. In addition, we are not responsible for circumvention of any privacy settings or security measures contained on the Services, or third party websites.

How you can access and control the information we collect

If you're already a Software user, you may access, update, alter, or delete your basic user profile information by editing your user profile. You can control the information we collect about you by limiting what information you provide in your profile.

Data access

Under The California Consumer Privacy Act of 2018 (“CCPA”), you have the right to access your data. You can request a copy of your data in your account settings.

Data retention

We store the personal information we receive as described in this Privacy Policy for as long as you use our Services or as necessary to fulfill the purpose(s) for which it was collected, provide our Services, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, enforce our agreements, and comply with applicable laws.

Deletion of data

If you would like to cancel your account or delete your personal information, you may do so in your account settings. Barring legal requirements, we will delete your full profile (within reason). You may contact us to request the erasure of the data we process on the basis of consent within 30 days. After an account has been deleted, certain non-identifiable data may remain. However, we will delete or de-identify your personal information, including your username and email address.

Anonymized data

Your data is anonymized before it is aggregated as part of a reference class, such as a team or global reference class. This information is not personally identifiable. If you are using our Services, such as our Code Time plugin, without registering for a Software web account, your information will be anonymous. We also do not consider this data personal information.

Our use of cookies and tracking

Cookies

We use cookies to make interactions with our Services easy and meaningful. We use cookies (and similar technologies, like HTML5 localStorage) to keep you logged in, remember your preferences, and improve our services. By using our Services, you agree that we can place these types of cookies on your computer or device. If you disable your browser or device’s ability to accept these cookies, you may not be able to log in or use our Services.

Third parties may collect or receive information about your use of our Services and use that information to provide conversion tracking, measurement services, and targeted ads. We may employ learnings of your behavior to serve you with targeted advertisements on third-party websites in an effort to re-market our products and services to you.

Web tracking and analytics

We use a number of third-party analytics and service providers to help us evaluate our Users' use of Software, compile statistical reports on activity, and make smarter product decisions. In addition, we use our own internal analytics software, such as in our plugins, to provide features, monitor for bugs, and improve the overall quality of our Services.

Pixel tags

Our emails may contain a pixel tag, which is a small, clear image that can tell us whether or not you have opened an email and what your IP address is. We use this pixel tag to make our email more effective for you and to make sure we’re not sending you unwanted email.

Online Tracking and Do Not Track Signals

We and our third party service providers, including Facebook, may use cookies, pixels, or other tracking technologies to collect information about your browsing activities over time and across different websites following your use of the Site and use that information to send targeted advertisements. Our Services currently do not respond to “Do Not Track” (“DNT”) signals and operate as described in this Privacy Policy whether or not a DNT signal is received. If we do respond to DNT signals in the future, we will update this Privacy Policy to describe how we do so.

How we communicate with you

We use your email address to communicate with you, with your permission. For example, if you contact our Support team with a request, we respond to you via email. You may manage your communication preferences in your user Account settings.

Depending on your email settings, we may occasionally send notification emails about product launches, new features, requests for feedback, important policy changes, or to offer customer support. We also send marketing emails based on your choices and in accordance with applicable laws and regulations. There is an “unsubscribe” link located at the bottom of each of the marketing emails we send you.

Please note that you cannot opt out of receiving important communications from us, such as emails from our support team or system emails, but you can configure your notifications settings in your profile to opt out of other communications. You can also delete your account permanently, which will remove you from all future communications with us.

Contact Us

If you have concerns about the way we are handling your personal information, please let us know immediately. We are here to listen. You may email us directly at support@software.com with the subject line "Privacy Concerns." We will respond as promptly as possible.

You may also contact our Data Protection Officer directly.

Software Data Protection Officer Software 950 Mason Street #U1102 San Francisco, CA 94108 dpo@software.com

Changes to our Privacy Policy

Software may change our Privacy Policy from time to time. We will provide notification to Users of material changes to this Privacy Policy through our Website prior to the change taking effect by posting a notice on our home page or, if additional notice is required by law, sending email to the primary email address specified in your Software account.