.png)
Complete visibility into time & dollars spent
Create meaningful reports and dashboards
Set targets and get notified of delivery risks
Track and forecast all deliverables
Create and share developer surveys
Align and track development costs
As a SOC2 Type II certified organization, Allstacks makes every effort to bring you insights about your organization without storing any sensitive data. To that end, we only store metadata about your organization and your organization’s tools. We do not store full copies of source code, documentation, or private communication. Where our platform does inspect this data for analysis, it is transferred to the server, processed, and then immediately purged. We do not access or store private communication.
From each of your tools, we do store the following data for the purpose of data presentation:
Some Personally Identifiable information:
Most personally identifying information, including:
All stored data is encrypted at rest in our cloud offering. Data handling for custom integrations and on premise installations is dependent on the provided hardware, infrastructure, and provider policies.
Some software integrations only provide a “basic” authentication structure, which requires storing a username and password for access. In these cases, we store pertinent credentials in a secured database, salted and encrypted with a key stored externally to the database.
Access tokens, API tokens, OAuth and OAuth2.0 credentials, and other connection credentials are stored in a secured database, salted and encrypted with a key stored externally to the database.
Access credentials are persisted unless the user removes the connection to the service. This allows Allstacks to consistently update and refresh our data to provide you with the most accurate and timely view of your data.
Allstacks processes data from a very large number of sources and takes your data privacy and sensitivity very seriously. After explicitly granting access to each tool, Allstacks downloads specific data sets for processing. Each data set undergoes a two-step process where (1) each download is scanned, and relevant metadata is stored in a persistent database. (2) This metadata is then processed to identify key metrics and insights, which are stored and presented on the platform.
Allstacks stores all data with Amazon Web Services, and as such, benefits from the secured, distributed, fault tolerant environment provided by Amazon. Detailed information on Amazon’s security practices can be found here: https://aws.amazon.com/security/
Amazon continually manages risk and undergoes recurring assessments to ensure compliance with industry standards. Amazon’s data center operations have been accredited under:
Allstacks restricts access to production servers and databases to a few, select, staff members. Security breaches are held as the highest level of infraction, and offenders are immediately terminated.
Allstacks supports a number of security policies that help restrict access to customers’ data:
This document will be updated as features and security improvements are integrated into the system. An updated copy can always be obtained by contacting Allstacks at support@allstacks.com, and requesting an up-to-date copy of the data protection statement.
All data requests can be made through the official communication channel at support@allstacks.com.
Any data can be removed upon request. This includes removal of the full set of data collected for an organization, a service, or an individual. This request should be made to the above address.
Customer data is not stored for longer that it is needed. We require data about employees and users to deliver accurate data visualizations, and remove this data either upon request, or after an audit period [30 days max] after the account is terminated.
Data is also removed if deemed out of date, or no longer valid. This can happen from removal of connected services, termination of accounts, or other events originating from connected service providers.