Privacy Policy

VirtualBoard ('we', 'us', or 'our') is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. Please read this policy carefully. If you do not agree with the terms of this policy, please do not access the Service.

Personal Information

We collect information that you provide directly to us, including:

• Account information (name, email address, GitHub username)
• Profile information and preferences
• Payment and billing information
• Communications with us (support requests, feedback)

GitHub Data

When you connect your GitHub account, we access:

• Repository information (names, descriptions, visibility status)
• File contents within authorized .virtualboard/ folders
• Commit history and webhook events
• Organization and team membership data (if applicable)

Usage Data

We automatically collect certain information when you use the Service:

• Log data (IP address, browser type, operating system)
• Device information and identifiers
• Usage patterns and feature interactions
• Performance and error data

We use the collected information for the following purposes:

• Provide, maintain, and improve the Service
• Process transactions and send transactional communications
• Respond to your comments, questions, and customer service requests
• Send technical notices, security alerts, and support messages
• Monitor and analyze trends, usage, and activities
• Detect, prevent, and address technical issues and security vulnerabilities
• Personalize and improve your experience
• Send marketing communications (with your consent)

We may share your information in the following circumstances:

With Your Consent

We share information when you explicitly authorize us to do so.

Service Providers

We share information with third-party service providers who perform services on our behalf:

• Cloud hosting providers (database and file storage)
• Payment processors (for billing and subscriptions)
• Analytics providers (to understand usage patterns)
• Communication services (email delivery)

Legal Requirements

We may disclose information if required by law or in response to:

• Legal processes (subpoenas, court orders)
• Government requests
• Protect our rights, privacy, safety, or property
• Enforce our Terms of Service

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

We retain your personal information for as long as necessary to provide the Service and fulfill the purposes outlined in this policy. We may retain certain information for longer periods as required by law, for legitimate business purposes, or to resolve disputes.

We implement appropriate technical and organizational measures to protect your data:

• Encryption of data in transit (TLS/SSL) and at rest
• Regular security assessments and penetration testing
• Access controls and authentication mechanisms
• Employee training on data protection practices
• Incident response procedures

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

Depending on your location, you may have the following rights:

Access and Portability

Request a copy of your personal data in a structured, machine-readable format.

Correction

Request correction of inaccurate or incomplete information.

Deletion

Request deletion of your personal data, subject to legal obligations and legitimate business needs.

Opt-Out

Opt out of marketing communications by following the unsubscribe link in emails or updating your preferences.

Account Deletion

Delete your account at any time through the account settings or by contacting support.

We use cookies and similar tracking technologies to:

• Maintain your session and authentication state
• Remember your preferences and settings
• Analyze usage patterns and improve the Service
• Provide personalized content and features

You can control cookies through your browser settings. However, disabling cookies may limit your ability to use certain features of the Service.

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies before providing any information.

The Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. By using the Service, you consent to such transfers. We implement appropriate safeguards to protect your data during international transfers.

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the 'Last updated' date. We encourage you to review this policy periodically.

If you have questions or concerns about this Privacy Policy, please contact us at:

If you are located in the European Union or European Economic Area, you have additional rights under GDPR:

• Right to object to processing based on legitimate interests
• Right to restrict processing in certain circumstances
• Right to lodge a complaint with a supervisory authority
• Right to withdraw consent at any time (where processing is based on consent)

We process your data based on: (1) your consent, (2) performance of a contract, (3) legal obligations, or (4) legitimate interests.