Privacy Policy

Our Commitment: We respect your privacy and are transparent about our data practices. No customer data is stored permanently on our servers. For Business Tier customers, our Private Data Connector (PDC) ensures your sensitive data never leaves your premises.

Data Handling by Plan Type

Free Plan

Standard Data Processing

  • Planning poker sessions and votes processed in real-time
  • No permanent data storage - sessions cleared after completion
  • Only basic session metadata retained (team names, user emails)
  • Standard encryption in transit and at rest

Business Tier

Private Data Connector

  • Zero data exfiltration: All sensitive data stays on your premises
  • On-premises processing: AI analysis within your security perimeter
  • Complete data sovereignty: You maintain full control and ownership
  • Enterprise compliance: SOC 2, GDPR, HIPAA ready

Note: The Private Data Connector is exclusively available with Business Tier subscriptions. Upgrade to unlock enterprise features.

Private Data Connector (PDC) Architecture

Business Tier Feature

The following architecture diagram applies only to Business Tier customers who have deployed the Private Data Connector within their enterprise environment.

Secure Data Flow Architecture (Business Tier Only)

[Figure: Private Data Connector Architecture Diagram]

Data Sovereignty

Your data never leaves your premises. Complete control and ownership guaranteed.

Real-Time Processing

Instant AI analysis with zero data retention. Process and discard immediately.

One-Click Deploy

Enterprise-grade security with consumer-simple installation and setup.

Zero Trust Data Architecture

🏢 Enterprise Environment

  • All data remains on-premises
  • Zero data exfiltration risk
  • Complete organizational control
  • Enterprise-grade security

☁️ Cloud Processing

  • Stateless AI processing
  • No data persistence
  • Ephemeral connections only
  • Immediate result delivery

Your data remains exclusively yours. The Planning Poker AI operates with a "local-first" approach, utilizing a Private Data Connector (PDC) installed directly within your company's secure environment. No customer data is ever stored at rest on our servers, nor is it retained after the immediate analysis is complete.

Data Collection & Usage

All Plans (Free & Business Tier):

  • We only collect information necessary for the service to function:
    • Email address (for authentication and account management)
    • Team and session names (for organizing your planning sessions)
    • Voting results and story points (processed in real-time, not stored permanently)
    • Session metadata (timestamps, participant count - anonymized)
  • No story content, user stories, or sensitive project data is permanently stored
  • All data is encrypted at rest and in transit using industry-standard encryption
  • Session data is automatically purged after completion

Key Point: Whether you're on our Free plan or Business Tier, we never permanently store your planning session content, user stories, or estimation discussions. All session data is processed in real-time and automatically cleared.

Integration Privacy

Free Plan:

  • Basic integrations with standard security measures
  • Integration data processed but not permanently stored
  • Standard encryption for all integration communications
  • You can revoke integration access at any time

Business Tier (with PDC):

  • Jira and Azure DevOps integrations run through your Private Data Connector
  • Integration tokens and credentials stored securely within your PDC
  • All integration data flows remain within your enterprise environment
  • Zero data transmission to external cloud services
  • Complete audit trail of all integration activities

Note: Integration data is never shared between organizations regardless of your plan type. Each team's data remains completely isolated and private.

AI Analysis & Data Protection

Free Plan:

  • AI analysis performed in real-time with immediate results
  • No data stored after analysis completion
  • Your data is never used to train AI models
  • Analysis results only visible to your team members
  • Secure cloud processing with encryption

Business Tier (with PDC):

  • AI analysis performed entirely within your Private Data Connector
  • Zero data transmission to external AI services
  • All processing happens on your premises or approved cloud environment
  • Complete data sovereignty and control
  • Enterprise-grade compliance (SOC 2, GDPR, HIPAA)
  • Detailed audit logs of all AI processing activities

Important: Regardless of your plan, your data is never used to train our AI models or improve our algorithms. All AI analysis is performed solely to provide you with planning insights.

Data Retention & Deletion

Universal Policies (All Plans):

  • You can export your basic account data at any time
  • You can delete your account and all associated data instantly
  • Planning session content is never permanently stored
  • Only account metadata (email, team names) retained for service functionality
  • Deleted accounts are permanently removed from our systems within 30 days

Additional Business Tier Protections:

  • Your Private Data Connector can be uninstalled at any time
  • Uninstalling PDC immediately severs all connections to our services
  • All data remains under your complete control and ownership
  • Enterprise data retention policies configurable within your PDC
  • Advanced data governance and compliance reporting available

Contact Us

Company Information:

Planning Poker AI

CEO: Robert M Niemela

Email: [email protected]

Privacy Questions

Have questions about our data practices or need clarification about what applies to your plan? Contact us at [email protected]

Business Tier Inquiries

Interested in Private Data Connector and enterprise features? Reach out to discuss your organization's specific requirements.

If you have any questions about our privacy policy, data practices, or want to understand what privacy features are available with your current plan, please don't hesitate to contact us.

© 2025 Planning Poker AI. All rights reserved.

Last updated: June 14, 2025

Complete Customer Control & Configuration

You Choose What to Index

  • Select specific repositories, projects, or documentation sources
  • Configure which data types to include (stories, epics, requirements)
  • Set access permissions for different team members
  • Exclude sensitive or confidential information

Full Administrative Control

  • Configure indexing schedules and frequency
  • Set data retention policies within your environment
  • Monitor and audit all PDC activities
  • Instantly disable or reconfigure indexing as needed

Your Data, Your Rules: The PDC operates entirely under your control. You decide what gets indexed for scrum analysis, when it gets indexed, and who has access. The system only processes the specific data sources you explicitly configure, ensuring that sensitive or confidential information remains protected unless you specifically choose to include it. All configuration changes are immediate and reversible.