Terms of Use

Last updated: April 10, 2026

1. Acceptance of These Terms

By accessing or using SprintCap (the "Service"), available at www.sprintcap.info, you agree to be bound by these Terms of Use and Privacy Policy ("Terms"). If you do not agree, do not use the Service. Your continued use of the Service after any changes to these Terms constitutes your acceptance of the revised Terms.

2. Who We Are

SprintCap is a free web application operated by an individual developer. The Service is provided on a personal, non-commercial basis to help Scrum Masters and agile teams plan and track sprint capacity. For any questions or requests regarding these Terms or your personal information, contact us at: fseguerra1@gmail.com.

3. Description of Service

SprintCap is a free, web-based tool that enables Scrum Masters to manage squad members, plan sprints, track absences, allocate tickets, and generate per-sprint capacity reports. Scrum Masters may optionally connect a squad to an Atlassian Jira project to import sprint backlog items directly into SprintCap. The Service is provided free of charge with no guarantee of uptime, accuracy, or fitness for any particular purpose. We reserve the right to modify, suspend, or discontinue the Service at any time without notice.

4. Information We Collect

We collect only the minimum personal information necessary to provide the Service.

Information provided via Google Sign-In:

  • Full name — displayed in the application to personalise your session.
  • Email address — used solely as a unique account identifier. We do not send emails to this address.
  • Profile picture URL — displayed as your avatar in the sidebar.

Automatically collected:

  • Session cookie — a secure, HTTP-only cookie that maintains your authenticated session. It contains no personal information.

Via Jira integration (optional — only when a Scrum Master connects a squad to Jira):

  • Issue title, type, estimate, and Jira reference — imported as SprintCap ticket fields.
  • Sprint name — used to identify which Jira sprint to import.
  • Assignee display name — used to match the Jira assignee to a SprintCap squad member.
  • Atlassian Cloud URL and project key — to identify the connected Jira instance.
  • OAuth access and refresh tokens — encrypted at rest using AES-256-GCM and stored per squad.

We do not access issue descriptions, comments, attachments, or any data outside the connected project. For full details on Jira data handling, see our Privacy Policy.

We do not collect browsing history, device identifiers, IP addresses, location data, or any information beyond what is listed above.

5. How We Use Your Information

Your personal information is used exclusively for the following purposes:

  • Authentication: to verify your identity and create a secure session.
  • Data isolation: to ensure your squads, sprints, and capacity data are visible only to authorised users.
  • Personalisation: to display your name and avatar within the application.

We do not use your information for any purpose beyond what is listed above.

6. What We Will Never Do

  • Send you promotional emails, newsletters, product updates, or any unsolicited commercial electronic messages — ever.
  • Sell, rent, trade, or otherwise transfer your personal information to third parties for commercial purposes.
  • Use your email address or name to contact you for marketing, advertising, or any purpose other than responding to a direct inquiry you initiate.
  • Profile you, build a user behavioural database, or use your data for analytics beyond the basic operation of the Service.
  • Share your data with advertisers or data brokers.

7. Third-Party Service Providers

To operate the Service, we rely on the following trusted third-party processors. Each is bound by its own privacy policy and applicable data protection law:

Google LLC

OAuth 2.0 identity provider — handles the sign-in flow. See policies.google.com/privacy.

Vercel Inc.

Web hosting and serverless function provider. See vercel.com/legal/privacy-policy.

Atlassian Pty Ltd

Optional Jira OAuth integration — when a squad is connected, SprintCap accesses your Jira project on your behalf using OAuth 2.0 tokens stored in encrypted form. See atlassian.com/legal/privacy-policy.

Neon Technologies Inc.

Serverless PostgreSQL database hosting. Your application data is stored on Neon servers. See neon.tech/privacy.

We do not authorise any of these providers to use your personal information for their own marketing purposes.

8. Your Privacy Rights

You have the following rights regarding your personal information held by SprintCap:

  • Right of Access: You may request a summary of the personal information we hold about you.
  • Right of Correction: If your information is inaccurate, you may request a correction.
  • Right of Deletion: You may request that your account and all associated personal information be deleted within 30 days.
  • Right to Withdraw Consent: You may withdraw consent at any time by ceasing to use the Service and submitting a deletion request.

To exercise any of these rights, email fseguerra1@gmail.com with the subject line "Privacy Request". We will respond within 30 calendar days.

9. Data Retention

Your personal information (name, email, profile picture) is retained for as long as your account remains active. Application data (squads, sprints, tickets, capacity records) is retained indefinitely to preserve your planning history, unless you request deletion. Upon a verified deletion request, we will remove your personal information and all associated application data from our systems within 30 days.

10. Security

We take reasonable precautions to protect your personal information:

  • All data is transmitted over HTTPS (TLS encryption).
  • We do not store passwords. Authentication is delegated entirely to Google OAuth.
  • Session tokens are stored in secure, HTTP-only cookies.
  • Jira OAuth tokens are encrypted at rest using AES-256-GCM before database storage. The encryption key is never stored in the database.
  • Database access is restricted and managed by Neon's infrastructure security controls.

No method of transmission over the internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

11. Children's Privacy

SprintCap is intended for professional use by adults. The Service is not directed at, and we do not knowingly collect personal information from, persons under the age of 13. If you believe a child has provided us with personal information, please contact us at fseguerra1@gmail.com and we will delete it promptly.

12. Changes to These Terms

We may update these Terms from time to time. When we do, the "Last updated" date at the top of this page will be revised. Your continued use of the Service after any changes constitutes your acceptance of the revised Terms. We will not notify you of changes via email.

13. Contact Us

For any questions, concerns, or requests regarding these Terms or your personal information — including access, correction, and deletion requests — please contact:

fseguerra1@gmail.com

We aim to respond to all privacy requests within 30 calendar days.