Overview
Scrums.com takes data protection seriously. All client data processed through the platform is handled in accordance with applicable data protection law and our contractual obligations.What data we process
Delivery data — Sprint records, task assignments, velocity metrics, code quality reports, and delivery performance data generated during engagements. User data — Names, email addresses, and role information for workspace users. This includes both client-side users and Scrums.com engineers deployed in your workspace. Integration data — Data synced from connected tools (Jira, GitHub, Slack, Azure DevOps) within the authorised scope configured at integration setup. Infrastructure data — Usage metrics for cloud services managed through Scrums.com, where applicable (AWS, GCP, Azure).Data security measures
| Measure | Details |
|---|---|
| Encryption in transit | TLS 1.2 or higher for all data in transit |
| Encryption at rest | AES-256 for stored data |
| Access control | Role-based access control limits data access to authorised users |
| Security assessments | Regular penetration testing and vulnerability assessments |
| Incident response | Defined procedures with notification timelines per GDPR/POPIA requirements |