SpecFlow and SpecFlow+ Privacy Policy

Usage Tracking with Azure Application Insights

To improve the quality of our extensions we are use Azure Application Insights, an analytics platform provided by Microsoft. Only anonymous usage data is transferred to Azure Application Insights, for further details, please see Microsoft’s documentation by clicking here.

You can disable these analytics if you do not wish to share this information.

SpecFlow

We collect the following anonymous data in SpecFlow:

  • Unique anonymous user identifier
  • Target framework(s) of projects that uses SpecFlow
  • Operating system platform
  • Project GUID of projects that uses SpecFlow
  • MSBuild Version
  • SpecFlow version in use
  • Unit test provider
  • Running as build server flag
  • Hashed assembly name (SHA256)

SpecFlow Visual Studio Extension

We track the following anonynmous data in Azure Application Insights when using the SpecFlow Visual Studio Extension:

  • Unique anonymous user identifier
  • Visual Studio version
  • Target framework(s) of projects
  • Extension version
  • Previously installed extension version

SpecFlow+ LivingDoc Azure Devops Extension

The following data is automatically collected by Azure Application Insights:

  • Web server telemetry: HTTP requests, URI, time taken to process the request, response code, client IP address. session ID.
  • Web pages: Page, user and session counts, page load times, exceptions, Ajax calls.
  • Performance counters: Memory, CPU, IO, network occupancy.
  • Client and server context: OS, locale, device type, browser, screen resolution.
  • Exceptions and crashes: Stack dumps, build ID, CPU type.
  • Dependencies: Calls to external services such as REST, SQL, AJAX. URI or connection string, duration, success, command.
  • Availability tests: Duration of test and steps, responses.

We track the following additional anonymous data in the SpecFlow+LivingDoc Azure Devops or Azure Devops Server extension:

  • Unique anonymous user identifier
  • Host GUID
  • Collection GUID
  • Project GUID
  • Extension version
  • Platform (Azure DevOps or Azure DevOps Server)
  • Platform version
  • License information

User-created Data

Our products installed as extensions on Azure DevOps or Azure DevOps Server store user created data on the hosting infrastructure where the extension is installed. All data written by the extensions remains within the host infrastructure. For further details, please see Microsoft’s privacy policy by clicking on this link.

Personal Data

We collect personal data only for the purpose of delivering and supporting our commercial products. TechTalk collects information necessary for the following purposes:

  • The name of users/companies is required to issue valid licenses to a legal entity (company or user)
  • The billing address of customers or resellers is stored for invoicing purposes
  • The email address of customers or resellers is stored and used to send the license key, as well as inform users shortly before the end of their license’s upgrade period

We do not share customer data with any third parties, and this data is not processed externally. Payment details are shared with our online payment processor, Stripe, in order to complete payment. For further details, please see Stripe’s privacy policy by clicking on this link.

Data Storage

TechTalk is headquartered in Austria (an EU member), and all customer data related to licenses is stored here. This customer data is stored in TechTalk’s own IT infrastructure. Access to this data is restricted to those employees who require the data to complete work related to the software products offered by TechTalk. This includes employees in accounting, sales, management and support.

Data Processing

User data stored in TechTalk’s systems is only processed internally by TechTalk. Personally identifiable information, such as email addresses and names, is processed to send out reminders when the user’s license is due to reach the end of its support period.

The data is also processed to derive aggregated data, such as the number of licenses sold and total revenue over a particular time period. The results of these analyses are made available to all employees, but no personally identifiable information is shared or analysed.

Support tickets

Support tickets are handled using UserVoice. Information on how UserVoice complies with the GDPR can be found here.

Access to the ticketing system is restricted to those employees at TechTalk who require access to the tickets in order to respond to customer inquiries, complete purchase orders and provide technical support (including troubleshooting and reproducing issues).

Website

Our website (specflow.org) is used to provide documentation, news and support, and to sell our commercial products. 

Website Cookies

Our website uses so-called “cookies”, which are small text files stored on your device by your browser. These files are harmless, and are used to provide you with the full experience of our website.

If you do not want these cookies to be stored, you can configure your browser to inform you whenever a cookie is stored. You can also block cookies in your browser.

Our website also uses analysis cookies (session cookies) that are used to analyse the behaviour of website visitors. The data collected in this way is anonymised, meaning there is no way to link the information to a particular visitor.

We use this information to optimise our website, e.g. to make it easier to find relevant information on the website and to assess what information interests our users. We also use this information on our target group for marketing purposes, e.g. to deliver newsletter content that is relevant. Data which is analysed can include the following:

  • Number of sessions
  • Bounce rate
  • Total visits per page
  • Time spent on the website
  • Country of origin of website visitors
  • Page visits per session
  • Browser and operating system

Hotjar Analytics

We use Hotjar in order to better understand our users’ needs and to optimize this service and experience. Hotjar is a technology service that helps us better understand our users experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behavior and their devices, in particular device’s IP address (captured and stored only in anonymized form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), preferred language used to display our website). Hotjar stores this information in a pseudonymized user profile. Neither Hotjar nor we will ever use this information to identify individual users or to match it with further data on an individual user. For further details, please see Hotjar’s privacy policy by clicking on this link.

You can opt-out to the creation of a user profile, Hotjar’s storing of data about your usage of our site and Hotjar’s use of tracking cookies on other websites by following this opt-out link.

Newsletters

Mailing lists related to TechTalk products are opt-in only. Email addresses used to complete a purchase or for other correspondence are not added to any regular mailing lists/newsletters.

TechTalk’s newsletters are sent using Mailchimp. These newsletters are opt-in, and include the option to unsubscribe. Mailchimp’ privacy policy can be found here.

The email addresses in the mailing lists are only stored on Mailchimp’s servers, and access is restricted. These email addresses are used exclusively for the purpose of sending out newsletters and announcements related to the product in question. No further processing is performed and the mailing lists are not shared with any third parties.

Contact for Data Protection Questions, Removal or Correction of Personal Data

Please address any questions you have concerning data protection to support@specflow.org. Please note that we cannot delete data relating to currently active licenses, as this information is required for business purposes (e.g. to confirm that users requesting support have a valid support period).

Your Rights

Under EU law, you have the following rights:

  1. Right to information on what data is stored about you.
  2. Right to verify and correct your data.
  3. Right to have this data removed. Note that we cannot remove data concerning licenses that are still valid, as we only collect data required to conclude a valid contract (EULA) and bill customers.  This constitutes a legal basis for collecting this data, and does not require prior consent.
  4. Limit the processing of your data. As we only process personal customer data to send out reminder emails when a SpecFlow+ license’s support period is coming to a close, this will mean that you will not receive a reminder email.

If you have any questions regarding how data is handled by TechTalk or wish to exercise the above rights, please contact support@specflow.org.