Privacy Policy

Effective: February 19, 2024. Last Revised: February 19, 2024.

Introduction

At Repeato, we believe that privacy is a right. In this privacy policy, we want to help you understand how and why Repeato (“Repeato”,” “we” or “us”) collects, uses, and shares information about you when you use our websites, apps, cloud storage, APIs, emails, and other online products and services (collectively, the “Services”) or when you otherwise interact with us or receive a communication from us.

We want this privacy policy to empower you to make better choices about how you use Repeato. We’d love for you to read the whole policy, but if you don’t, here is the TL;DR:

We collect minimal information about you.

We collect minimal information that can be used to identify you by default. If you want to just browse, you don’t need an account. If you want to create an account to use our Serivices, we ask for as little personal information as possible. We don’t track your precise location. You own your data and you can store all the Repeato data locally.

We only use data to make Repeato a better place.

Any data we collect is used primarily to provide our Services, which are focused on improving the way how test automation is done. We don’t sell your personal data to third parties, and we never work with data brokers.

All of our users get privacy rights – not just those in select countries.

Privacy rights are for everyone. At Repeato, anyone can request a copy of their data, account deletion, or information about our policies.

If you have questions about how we use data, just ask.

We’ve tried our best to make this as easy to understand as possible but sometimes privacy policies are still confusing. If you need help understanding this policy or anything about Repeato, just ask.

What Information We Collect

	Information You Provide to Us We collect information you provide to us directly when you use the Services. This includes:
	Account information		You need an account to use Repeato. If you create a Repeato account, your account will have an email address and a passwort, we also collect your name and company, in some cases also telephone numbers. We do this to allow you to improve the user experience of our services. We use your name so we can reach out to you personally. In some rare cases we might use your telephone number to ask for feedback. We also store your user account preferences and settings. We may ask for such information to help improve your experience exploring Repeato.
	Content you share		By default we do not collect any data except data mentioned above under “Account information”. All your data gets stored locally on your computer (tests, batches, test runs, reports, etc.). However with Repeato v1.5 and up we are shipping cloud- and AI-features, that require cloud services. If you use those features (e.g. for sharing a report via our services), we will have to store data on our servers. We might also use that data to improve our AI models or look at the reports to improve our services. We will not share this data with any third party.
	Transactional information		If you purchase products or services from us or otherwise through the Services, you will have to provide payment information in order to complete your purchase. Repeato uses industry-standard payment processor services (e.g., Stripe) to handle payment information, and those services are subject to separate terms and conditions and privacy policies. We will collect information about the product or service you are purchasing (e.g., purchase dates, amounts paid or received, and expiration and renewal dates).
	Other information		You may choose to provide other information directly to us. For example, we may collect information when you fill out a form, survey, participate in Repeato-sponsored activities, promotions, or programs, apply for a job, request customer support, or otherwise communicate with us.

	Information We Collect Automatically When you access or use our Services, we may also automatically collect information about you. This includes:
	Log and usage data		We collect information about the actions you take when using the Services. This includes your interactions with the platform and content, like creating tests, using certain features. We do this, so we can offer the best possible support and to improve the user experience of our product. We may log information when you access and use the Services. This may include your IP address, user-agent string, browser type, operating system, referral URLs, device information (e.g., device IDs), device settings, mobile carrier name, pages visited, links clicked, the requested URL, and search terms. Except for the IP address used to create your account, Repeato will delete any IP addresses collected after 100 days.
	Information collected from cookies and similar technologies		We may receive information from cookies, which are pieces of data your browser stores and sends back to us when making requests, and similar technologies. We use this information to deliver and maintain our Services, improve your experience, understand user activity, personalize content and advertisements, measure the effectiveness of advertising, and improve the quality of our Services. For example, we store and retrieve information about your preferred language and other settings. See our Cookie Notice for more information about how Repeato uses cookies. For more information on how you can disable cookies, please see “Your Choices” below.
	Location information		We may receive and process information about your location. We may receive location information from you when you choose to share such information on our Services, including via the Location Customization setting or by associating your content with a location, or we may derive an approximate location based on your IP address.

How We Use Information

We use information about you to:

Provide, maintain, and improve the Services;
Personalize services, content, and features that match your activities, preferences, and settings;
Help protect the safety of Repeato and our users, which includes blocking suspected spammers, addressing abuse, and enforcing the Repeato User Agreement and our other terms and policies, as well as comply with applicable law;
Research and develop new services;
Send you technical notices, updates, security alerts, invoices, and other support and administrative messages;
Provide customer service;
Communicate with you about products, services, offers, promotions, events, and programs, and provide other news and information we think will be of interest to you (for information about how to opt out of these communications, see “Your Choices” below);
Monitor and analyze trends, usage, and activities in connection with our Services.

Data Storage and User Agency

At Repeato, we are deeply committed to empowering our users with maximum control over their personal data. We understand the importance of privacy and agency in the digital age, which is why our product is designed with these principles at its core.

Local Data Storage

To ensure that you, as a user, have full authority over your data, Repeato prioritizes local storage of information on your device. By keeping your data on your computer, we minimize the risk of unauthorized access and provide you with direct control over your information. This approach allows you to manage, backup, or delete your data as you see fit, without the need for intermediaries.

Commitment to Open Formats

In alignment with our belief in transparency and user empowerment, Repeato utilizes open formats for data storage and exchange. Open formats are crucial for several reasons:

Interoperability: They ensure that you can access and manipulate your data using any software that supports these formats, not just Repeato.
Longevity: Open formats are less likely to become obsolete, ensuring that your data remains accessible in the long term.
Transparency: By using open formats, we guarantee that the structure and storage of your data are not locked behind proprietary barriers. This transparency allows for greater security and the ability to audit data independently.

In addition to the information that is displayed publicly as described above, we may share information in the following ways:

With your consent. We may share information about you with your consent or at your direction.
With linked services. If you link your Repeato account with a third-party service, Repeato will share the information you authorize with that third-party service. You can control this sharing as described in “Your Rights and Choices” below.
With our service providers. We may share information with vendors, consultants, and other service providers who need access to such information to carry out work for us. Their use of personal data will be subject to appropriate confidentiality and security measures. A few examples: (i) payment processors who process transactions on our behalf, (ii) cloud providers who host our data and our services, and (iii) compliance providers who help us determine your eligibility to participate in Repeato Programs.
To comply with the law. We may share information if we believe disclosure is in accordance with, or required by, any applicable law, regulation, legal process, or governmental request, including, but not limited to, meeting national security or law enforcement requirements. To the extent the law allows it, we will attempt to provide you with prior notice before disclosing your information in response to such a request.
In an emergency. We may share information if we believe it’s necessary to prevent imminent and serious bodily harm to a person.
To enforce our rights and promote safety and security. We may share information if we believe your actions are inconsistent with our User Agreement, rules, or other Repeato terms and policies, or to protect the rights, property, and safety of the Services, ourselves, and others.
With our affiliates. We may share information between and among Repeato, and any of our parents, affiliates, subsidiaries, and other companies under common control and ownership.
Aggregated or de-identified information. We may share information about you that has been aggregated or anonymized such that it cannot reasonably be used to identify you.

How We Protect Your Information

We take measures to help protect information about you from loss, theft, misuse and unauthorized access, disclosure, alteration, and destruction. For example, we use HTTPS while information is being transmitted. We also enforce technical and administrative access controls to limit which of our employees have access to non-public personal information.

We store the information we collect for as long as it is necessary for the purpose(s) for which we originally collected it. We may retain certain information for legitimate business purposes and/or if we believe doing so is in accordance with, or as required by, any applicable law. For example, if you violate our policies and your account is suspended or banned, we may store the identifiers used to create the account (such as phone number) to prevent you from creating new accounts.

Your Rights and Choices

You have choices about how to protect and limit the collection, use, and sharing of information about you when you use the Services. You also have the right to correction/rectification of your personal information, to opt out of certain advertising practices, or to withdraw consent for processing where you have previously provided consent. Below we explain how to exercise each of these rights. Repeato does not discriminate against users for exercising their rights under data protection laws.

	Accessing and Changing Your Information		You can access your information and change or correct certain information through the Services. See our Client Center for more information. You can also request a copy of the personal information Repeato maintains about you by requesting it here.
	Deleting Your Account		You can always submit a request to delete all the personal information Repeato maintains about you by requesting it here.
	Controlling the Use of Cookies		When you visit our website the first time, you are asked to opt in to cookies. If you don’t consent, we will not use cookies. For more information on controlling how cookies and similar technologies are used on Repeato, see our Cookie Notice.
	Controlling Advertising and Analytics		Some analytics providers we partner with may provide specific opt-out mechanisms and we may provide, as needed and as available, additional tools and third-party services that allow you to better understand cookies and how you can opt out. For example, you may manage the use and collection of certain information by Google Analytics via the Google Analytics Opt-out Browser Add-on.
	Do Not Track		Most modern web browsers give you the option to send a Do Not Track signal to the sites you visit, indicating that you do not wish to be tracked. However, there is no accepted standard for how a site should respond to this signal, and we do not take any action in response to this signal. Instead, in addition to publicly available third-party tools, we offer you the choices described in this policy to manage the collection and use of information about you.
	Controlling Promotional Communications		You may opt out of receiving some or all categories of promotional communications from us by clicking the “unsubscribe” link that can be found at the end of all our emails. If you opt out of promotional communications, we may still send you non-promotional communications, such as information about your account or your use of the Services.

If you have questions or are not able to submit a request to exercise your rights using the mechanisms above, you may also email us at office@repeato.app from the email address that you have verified with your Repeato account.

Before we process a request from you about your personal information, we need to verify the request via your access to your Repeato account or to a verified email address associated with your Repeato account. If we deny your request, you may appeal our decision by contacting us at office@repeato.app.

International Data Transfers

Repeato is based in Austria (EU), but we process and store information on servers located in the EU but also in the United States. We may store information on servers and equipment in other countries depending on a variety of factors. By accessing or using the Services or otherwise providing information to us, you consent to the processing, transfer, and storage of information in and to the United States and other countries, where you may not have the same rights as you do under local law.

When we transfer the personal data of users in the EEA, UK and/or Switzerland, we rely on the Standard Contractual Clauses approved by the European Commission for such transfers or other transfer mechanisms deemed ‘adequate’ under applicable laws.

Additional Information for EEA and UK Users

Users in the EEA and UK have the right to request access to, rectification of, or erasure of their personal data; to data portability in certain circumstances; to request restriction of processing; to object to processing; and to withdraw consent for processing where they have previously provided consent. These rights can be exercised as described in the “Your Rights and Choices section above. EEA users also have the right to lodge a complaint with their local supervisory authority.

As required by applicable law, we collect and process information about individuals in the EEA and UK only where we have a legal basis for doing so. Our legal bases depend on the Services you use and how you use them. We process your information on the following legal bases:

You have consented for us to do so for a specific purpose;
We need to process the information to provide the Services, including to operate the Services, provide customer support and personalized features and to protect the safety and security of the Services;
It satisfies a legitimate interest (which is not overridden by your data protection interests), such as preventing fraud, ensuring network and information security, enforcing our rules and policies, protecting our legal rights and interests, research and development, personalizing the Services, and marketing and promoting the Services; or
We need to process your information to comply with our legal obligations.

Additional Information for California Users

The California Consumer Privacy Act (“CCPA”), as amended, requires us to provide California residents with some additional information, which we address in this section.

In the last 12 months, we collected the following categories of personal information from California residents, depending on the Services used:

Identifiers and account information, like your email address, IP address, and cookie information. In some cases also the telephone number.
Commercial information, including information about transactions you undertake with us.
Internet or other electronic network activity information, such as information about your activity on our Services.
Geolocation information based on your IP address.
Professional or employment-related information or demographic information, but only if you explicitly provide it to us, such as by applying for a job or filling out a survey.
Inferences we make based on other collected data, for purposes such as recommending content, advertising, and analytics.

You can find more information about (a) what we collect and sources of that information in the “Information We Collect” section of this notice, (b) the business and commercial purposes for collecting that information in the “How We Use Your Information” section, and (c) the categories of third parties with whom we share that information in the “How We Share Information” section.

If you are a California resident, you have additional rights under the CCPA, including the right to opt out of any sales or sharing of your personal information, to request access to and information about our data practices, and to request deletion or correction of your personal information, as well as the right not to be discriminated against for exercising your privacy rights. Repeato does not “sell” or “share” personal information as those terms are defined under the CCPA. We do not use or disclose sensitive personal information except to provide you the Services or as otherwise permitted by the CCPA.

You may exercise your rights to access, delete, or correct your personal information as described in the “Your Rights and Choices” section of this notice. When you make a request, we will verify your identity by asking you to sign into your account or if necessary by requesting additional information from you. You may also make a rights request using an authorized agent. If you submit a rights request from an authorized agent who does not provide a valid power of attorney, we may ask the authorized agent to provide proof that you gave the agent signed permission to submit the request to exercise rights on your behalf. In the absence of a valid power of attorney, we may also require you to verify your own identity directly with us or confirm to us that you otherwise provided the
authorized agent permission to submit the request. If you have any questions or concerns, you may reach us using the methods described under “Your Rights and Choices” or by emailing us at office@repeato.app.

Changes to This Policy

We may change this Privacy Policy from time to time. If we do, we will let you know by revising the date at the top of the policy. If the changes, in our sole discretion, are material, we may also notify you by sending an email to the address associated with your account (if you have chosen to provide an email address) or by otherwise providing notice through our Services. We encourage you to review the Privacy Policy regularly to stay informed about our information practices and the ways you can help protect your privacy. By continuing to use our Services after Privacy Policy changes go into effect, you agree to be bound by the revised policy.

Contact Us

If you have other questions about this Privacy Policy, please contact us at:

Repeato
Horeischygasse 13
1130 Vienna
Austria

For email inquiries, you may reach our Data Protection Office at office@repeato.app.