Data Management Policies
Types of Data Ingested by Treno
Treno accesses the minimum amount of customer data necessary to provide its services. Treno primarily retrieves entity metadata, such as: timestamps, identifiers, and priorities. This metadata is utilized to calculate metric, derive trends, etc. Data descriptions such as issue title, branch titles, sprint names and assignee/creator are also retrieved from certain data sources.
Transfer Protocols within the application
All ingested data and data in the application is managed Treno is encrypted both in transit and at rest using TLS 1.x and AES256, respectively.
Storage and Retention
Ingested data used to derive/calculate metrics is discarded immediately after the calculation of said metrics. Treno retains derived/calculated data and metrics for one year or as long as the customer’s Treno account is active - whichever is shorter. One year’s worth of derived/calculated data is used for historical comparison and analysis purposes of delivery metrics within the system. The same one year storage calendar applies to the descriptive data and information outlined earlier.
At any time, users can pause, stop or delete any individual integration from within the Treno application. Additionally, at any time customers can request the deletion of any or all data stored in the system by submitting a support request to Treno.
For paying customers who choose to not renew their account, unless specifically requested otherwise, all account data is automatically deleted 30 days after an account’s renewal date. This lag allows for customers to renew past their deadline and not lose created, saved and stored reports. However, upon a customer’s expressed intent not to renew, they may request for expedited deletion of data. If so, requested data will be deleted 7 days after the account’s renewal date.
For prospects in timed bound trials or proof of concepts, unless specifically requested otherwise, data is automatically deleted 7 days after the end of the trial or proof of concept.
Treno Application Infrastructure
Treno’s application and application infrastructure are hosted on the Google Cloud Platform (GCP), which is independently verified for compliance with a variety of standards, including: SOC2, GDPR, CCPA, HIPAA, and FedRAMP.
All ingested data remains in the country of origin of the data. It is not replicated or backed up to other GCP zones or countries.