Bravo Notes - Privacy & Security
Agile Extensions provides different extensions for the products Azure DevOps and Team Foundation Server. All extensions are hosted within the existing products.
For more information on security and privacy of Azure DevOps refer to
Permanent data storage
All permament data that is written by extensions is stored within the host products infrastructure. No data accessed through the extension (for example work item data or files form code repositories) is transferred and then permanently stored outside of the host products.
Some features of Bravo Notes require the use of backend services at bravonotes.com hosted on Azure.
Features that require backend services are Export to PDF as well as Publish images to bravonotes.com. For those features to work the following data is sent via https to bravonotes.com:
- HTML representation of release notes to be published or converted to a PDF
- Azure DevOps account name the extension is used in (e.g. acmeinc.visualstudio.com)
- App token to verify the request was made from within the Bravo Notes extension including the user id of the current user
- Short lived access token to
- verify the current user has access to the Azure DevOps account
- download attachments to include them in rendered PDF documents
- download attachments to to upload to bravonotes.com for anonymous access
To improve the quality of our products we make use of Microsoft Application Insights.
We capture metrics on how fast extensions load, if there are any errors occuring and what parts of
our extensions users load and interact with.
For more information about Application Insights please refer to https://azure.microsoft.com/en-us/services/application-insights
Support / Helpdesk
E-Mails to firstname.lastname@example.org and messages sent through our In-App help widget are tracked in HelpScout.
Email- and In-App-Messaging
We use UserList to communicate with users via E-Mail and In-App messages.
We understand the importance of ensuring the privacy of your personally identifiable information.
As part of usage tracking we are currently tracking this data to gather insights:
- Email-Domain (e.g. @acmeinc.com)
Opting out of tracking
At the moment there is no easy way to opt out of usage and error tracking. We will provide options
to opt out of usage and or error tracking shortly.
Blocking calls on our backend
At your request we will gladly add your Azure DevOps account to a block-me list on our backend so that any
requests that might have been sent by unintentionally are not being accepted by our backend services.
Effective as of March 12, 2018.
For more information please contact us at email@example.com.