SP
ScrumPokerFor.dev

Privacy Policy

Last updated: June 4, 2026

1. Overview

ScrumPokerFor.dev ("we", "us", "our") is a free planning poker tool for development teams. This policy explains what data we collect, why we collect it, and how it is used. We do not sell or share your data with third parties for advertising purposes.

2. Data We Collect

Account information (Atlassian OAuth)

When you sign in with Atlassian, we receive and store your Atlassian account ID, email address, display name, and avatar URL. We also store your OAuth access and refresh tokens so we can read and write Jira issues on your behalf.

Session data

We store planning poker sessions you create, including session names, voting scales, issue titles and descriptions imported from Jira, vote results, and final estimates.

Anonymous usage

Anonymous users (no sign-in required) may join sessions using only a display nickname. No personal data is collected for anonymous participants beyond what is needed to operate the real-time session.

3. How We Use Your Data

  • To authenticate you and maintain your session across visits.
  • To fetch your Jira projects and issues for use in planning sessions.
  • To write story point estimates back to Jira issues when you choose to sync.
  • To display your name and avatar to other participants in a session.
  • To show your session history on the dashboard.

4. Jira / Atlassian Integration

We use the Atlassian OAuth 2.0 (3LO) flow to access your Jira data. The scopes we request are read:jira-work, write:jira-work, read:jira-user, and read:me. We only read or write data that you explicitly initiate through the app. We do not access any Jira data beyond what is necessary to provide the planning poker functionality.

5. Data Retention

Your account and session data is retained for as long as you use the service. You may request deletion of your data at any time by contacting us (see section 8). OAuth tokens are refreshed automatically and revoked upon sign-out.

6. Data Sharing

We do not sell, rent, or share your personal data with third parties, except as necessary to operate the service (e.g. hosting infrastructure) or as required by law.

7. Security

All data in transit is encrypted via HTTPS/TLS. OAuth tokens are stored encrypted in our database and are never exposed to other users or in client-side code.

8. Contact

If you have questions about this policy or want to request data deletion, please contact us at privacy@scrumpokerfor.dev.