Any capitalized terms not otherwise defined herein will have the same meaning as in the Butler Terms of Service,which incorporates this Policy by reference (together, the “Terms”). Updates to this Policy reflect changes in data protection laws, as well as our effort to provide you with a clear understanding of how we protect your privacy. This Policy does not apply to any third-party services that integrate with the Service, or that we use to provide the Site and Service to you.
“Personal Information” means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
“Sensitive Personal Information” means Personal Information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation, or any Personal Information relating to criminal convictions and offenses.
We get information about you in a range of ways: for account creation on the Service, for integration with your Trello Account to effectuate the Service, for billing purposes if you have an Upgraded Account with us, for customer support, and for Service improvement. In each case, we only collect as much information as is necessary or appropriate to achieve the purpose of such data collection. Likewise, we only process the data you have authorized us to process, whether through your consent to the Terms, or by generating Commands.
Trello Board Data: with the exception of Operational Data (see below), your Trello data is only stored if it is required to execute Commands.
Trello User Data: we collect and retain Trello user names and email addresses to communicate critical service updates. We will only contact you for direct marketing purposes or share your data with third parties if you explicitly provide consent for us to do so. You may unsubscribe from or opt out of any marketing communications you receive from us at any time.
Operational Data: usernames, field names, identifiers, programmatic values, and similar data may be stored to accelerate the performance of the Service.
User-Requested Data: we store information that you enter into Commands and as part of your Operational Data.
We do not affirmatively solicit or attempt to collect, use, or process any Sensitive Personal Information. As specified in our Terms, we do not verify or claim any responsibility for the plain-text content you input on your Trello board(s) or into the Commands. Any information you include in your Trello Board Data or the User-Requested Data is at your own risk and we will treat it as described in the section below labeled “Trello Integration”. We do not disclose any of your Personal Information other than as described in this Policy. You can always refuse to supply your Personal Information, with the caveat that it may affect the performance of or prevent you from using the Service.
As stated in the Terms, neither the Site nor the Service is directed toward individuals under sixteen (16) years of age (“Child” or “Children”). We do not knowingly collect or process Personal Information from Children. If we become aware that a Child has provided Personal Information to us, we will take all commercially reasonably steps to delete such information. Children are not eligible to use our Service.
We collect your name, email address, as well as other Personal Information you directly give us on the Service in order to create and maintain your User Account, as described in the Terms. Authentication is currently performed through Trello, but we still store your name, email address, and Trello username in the Company database. We also collect other data from your Trello account and boards, to the extent that it flows from Trello to Company servers (the “Data”). We use standard OAuth authentication to access your Personal Information and Data. We request permission from you via Trello to access the Personal Information and Data, and we are bound by the permissions granted by you and Trello. We never obtain your passwords, and you can revoke our access to your Personal Information and Data at any time, easily and without the need for our intervention.
In order to perform the Service and match the triggers you set for automated actions in Trello, we receive notifications about every Trello action you perform. After receiving an action notification, we may request additional information from Trello that is required to validate the trigger conditions. For example, if you set a trigger specifying that a rule should only be executed when a card has a certain label, we will retrieve the card’s labels to verify that condition.
If you perform an action in Trello that, after considering all conditions, does not trigger a subsequent action, we immediately discard all the data associated with your action except for an action identifier, a 24-digit hexadecimal serial number, which does not contain any information about your action. This action identifier is stored to avoid processing actions multiple times.
If one or more triggers are detected by your action, all of the information from your action and any subsequent Commands triggered, is stored in an execution queue until each can be executed. Once executed, its associated information is deleted from the queue and logged into a logging system along with any additional information gathered as a result of the execution. For example, if the trigger requires us to find a list in another Trello board, the information about this list (ex. name, id), will be added to the logging system (the “Log”).
All Logs are encrypted at rest, which means that they are secure at the storage level. Information we keep in the Log is retained for up to ninety (90) days in order to debug possible malfunctions before being discarded. Certain types of Upgraded Accounts can request separate execution queues and shorter log retention periods. For more information on such Upgraded Accounts, please contact us at the email address provided below under “Contact Information”.
If you contact us for support, questions, or in response to one of our critical service updates, we may collect, use, process, and share your email address and email content in order to communicate with you, diagnose any potential issues with the Service, and provide you with a response or solution. We may request additional information from you to achieve this purpose.
Other than Log information and any information you provide us with respect to customer support, we may get Personal Information about you from other sources as a result of the operation of the Service. We may add this to information we get from the Service. Like most websites, we automatically log some information about you and your web-enabled device. For example, when visiting the Service, we may log your device’s operating system type, browser type, browser language, the referring website you visited before browsing to our Service, pages you viewed on our Service, how long you spent on a page, access times, and information about your use of and actions on the Service. In addition, we may use third-party services such as Google Analytics, which collect, monitor, and analyze this type of information in order to improve the Site and Service’s functionality and design. These third-party service providers have their own privacy policies addressing how they use such information.
We may log information using "cookies." Cookies are small data files stored on your hard drive by a website. We may use both session Cookies (which expire once you close your web browser) and persistent Cookies (which stay on your computer until you delete them) to provide you with a more personal and interactive experience on our Site and Service. This type of information is collected to make the Site and Service more useful to you and to tailor the experience with us to meet your special interests and needs. You can typically remove and reject cookies from our Service with your browser settings. Many browsers are set to accept cookies until you change your settings. If you remove or reject our cookies, it could affect how our Site and Service works for you.
Other than as described above, we may use your information as follows:
If information is aggregated or de-identified so it is no longer reasonably associated with an identified or identifiable natural person, we may use it for any business purpose.
Other than as described above, we may share your information as follows:
We may also share aggregated or anonymized data with others for their own uses.
Subject to applicable law, you may be able to access, modify, or restrict access to your Personal Information and other information through the Site, Service, or upon request. You may also have the right to lodge a complaint with your local data protection authority where you reside. If your Authorized or Upgraded Account is administered by an organization and you are not the administrator, you must refer to that organization’s policies regarding your Personal Information and contact your administrator accordingly. We do not control, nor are we responsible for, the policies set by organization administrators. Unless otherwise specified, you can control the Personal Information we receive from Trello by updating your Trello Account information. It is your responsibility to ensure that your Personal Information is current, correct, and accurate.
You may be able to remove or receive an electronic copy of your Personal Information and other information through the Site, Service, or upon request, as is feasible and unless otherwise specified by your organization’s policies. You may also revoke our continued access to your Personal Information by following the steps here: https://help.butlerfortrello.com/article/16-revoking-access-to-trello.
We will make all commercially reasonable efforts to provide you with or remove your Personal Information from our databases and servers upon request, as feasible, and as required under applicable laws and regulations. However, we may retain your Personal Information and any other information necessary in order to pursue legitimate business interests, conduct audits, comply with and demonstrate compliance with legal obligations, resolve disputes, and enforce our agreements. Likewise, if you post or share on a public or organization’s Trello board(s), certain information may remain even after you have terminated your account or requested the removal of your Personal Information.
In some cases, we may not be able to remove or supply you with your information, in which case we will let you know why. If fulfilling your request would reveal information about another person, or otherwise violate the rights and freedoms of others, we will notify you that we cannot act on your request for such reasons.
The security of your Personal Information is important to us, and we strive to implement and maintain reasonable, commercially acceptable security procedures and practices appropriate to the nature of the information we collect, in order to protect it from unauthorized access, destruction, use, modification, or disclosure. All communications are encrypted using HTTPS/TLS. We may offer additional security and encryption to any user with an Upgraded Account.
However, because no data transmission is completely secure, and no system of physical or electronic security is impenetrable, we cannot guarantee the security of the information you send to us or the security of our servers, networks, or databases. By using the Service, you agree to assume all risk in connection with the information sent to us or collected by us when you access, visit, or use the Service, including, without limitation, your Personal Information or other information. We are not responsible for any loss of such information or the consequences thereof. In the unlikely event that we believe that the security of your information in our possession or control may have been compromised, we may seek to notify you. If notification is appropriate, we may notify you via your computer, mobile, or other device.
All of our services are currently hosted in Amazon Web Services. Our main public service is hosted in several availability zones on the West Coast of the United States. We currently do not store data outside of the United States. However, information may be transferred to, and maintained on, servers and databases located outside of your state, province, country, or other governmental jurisdiction where the privacy laws may not be as protective as your jurisdiction. Please be advised that we may transfer your information to and from any state, province, country, or other governmental jurisdiction, and process it in the United States or elsewhere. If our hosting services or data storage policies change, we will notify you by updating this Policy and may notify you through other means. Your continued submission of information represents your agreement to any such continued transfer.
We may change this Policy at our sole discretion at any time, with or without notice to you. If we make any changes, we will post such changes on this page, and will update the Effective Date above. If such changes are material, we may notify you of the updated Policy by the email address you have provided to create your Authorized Account. Accordingly, if at any time you do not agree to be subject to the modified Policy, you may no longer use the Service.