This Privacy Policy explains how Aude Incorporated (“Aude”, “we”, “us” or “our”) collects, uses and shares personal information when you:

  • Visit our websites (including https://www.aude.ai)

  • Use our products and services (the “Service”)

  • Communicate or interact with us (for example, by email or through support)

This Policy does not replace or limit any separate written agreement you may have with us (for example, a Subscription Agreement or Data Processing Agreement). If there is a conflict, that written agreement will control.

If you have any questions, you can contact us at privacy@aude.ai.

1. How we fit into data protection laws

When we decide why and how personal data is processed (for example, for our website, CRM, and product accounts), we act as a “controller” under data protection laws.

When we process data on behalf of our customers (for example, engineering metadata pulled from Azure DevOps, Confluence or Microsoft Teams), we act as a “processor”. That processing is governed by our Data Processing Agreement (DPA) with each customer.

This Privacy Policy mainly describes our role as controller. For information about our role as processor for Customer Data, please see the relevant DPA and our Security Overview.

2. Information we collect

We collect different types of information depending on how you interact with us.

2.1 Information you provide to us

  • Contact and account information

    • Name, email address, company name, role, password (hashed), and other details you provide when you sign up for the Service, request a demo, or contact us.

  • Customer communications

    • Information you provide in emails, support requests, surveys, or feedback forms.

  • Billing and commercial information

    • For paying customers, we may collect billing contact details and transaction-related information. Payment card data is typically processed directly by our payment processor (e.g. Stripe), not by Aude.

2.2 Information we collect automatically

When you visit our websites or use the Service, we automatically collect:

  • Usage and device information

    • IP address, browser type, operating system, device identifiers, pages viewed, time spent, and the actions you take in the Service.

  • Log data

    • Logs of access, API calls, configuration changes, errors and other events needed to operate and secure the Service.

We may use cookies and similar technologies to remember preferences, keep you logged in, and measure usage. You can usually control cookies through your browser settings; disabling some cookies may affect how the Service works.

2.3 Information from integrations and third parties

If your organisation connects third-party tools to Aude.ai (for example Azure DevOps, Confluence, Microsoft Teams, GitHub Copilot or similar), we will receive data from those tools as configured by your admins. This typically includes:

  • Engineering work metadata (IDs, titles, statuses, timestamps, relationships)

  • Limited collaboration context (e.g. names of channels/spaces, participants, and limited message or comment text from team-visible areas)

  • Usage statistics (e.g. AI tool adoption, activity metrics)

We do not require or intentionally process source code contents or your own end-customer financial account data for the core Service.

We may also receive basic contact data about you from partners or public sources (e.g. LinkedIn, conference registration lists), where permitted by law.

3. How we use your information

We use personal information for the following purposes:

3.1 To provide and operate the Service

  • Creating and managing accounts

  • Authenticating users and securing access

  • Processing data from integrations to generate analytics and insights

  • Providing dashboards, reports, notifications and related features

Legal basis (EEA/UK): performance of a contract and our legitimate interests in providing and improving the Service.

3.2 To support you and communicate with you

  • Responding to questions, support requests and feedback

  • Sending important notices about the Service (changes, security alerts, downtime)

  • Inviting you to onboarding and review sessions

Legal basis: performance of a contract and our legitimate interests in operating our business and supporting users.

3.3 To improve and develop the Service

  • Analysing usage to understand what works and what doesn’t

  • Testing new features and improvements

  • Developing models and insights, including using aggregated or anonymised data

Where possible, we use de-identified or aggregated data for these purposes.

Legal basis: our legitimate interests in improving the Service and user experience.

3.4 Marketing and business development

  • Sending you updates, product news and event invitations

  • Personalising content and communications

You can opt out of marketing emails at any time by using the unsubscribe link in the email or contacting us at privacy@aude.ai.

Legal basis: consent (where required) and our legitimate interests in promoting the Service.

3.5 Safety, security and legal compliance

  • Protecting the Service and our users from abuse, security incidents and fraud

  • Enforcing our Terms of Service and other agreements

  • Complying with legal obligations and responding to lawful requests from authorities

Legal basis: compliance with legal obligations and our legitimate interests in security and risk management.

4. How we share information

We do not sell or rent your personal information.

We may share personal information with:

  • Service providers / sub-processors

    • Cloud infrastructure providers (e.g. AWS, Azure)

    • AI providers, logging and observability tools

    • Email delivery, support, analytics and billing providers
      These third parties process data on our behalf and are bound by appropriate contractual and security obligations.

  • Your organisation

    • If you use the Service under an organisation’s account, your information (such as your name, email and activity within the Service) may be visible to admins and other users in that organisation.

  • Professional advisers and acquirers

    • Lawyers, accountants, auditors or potential acquirers, where necessary in connection with a business transaction or to protect our rights.

  • Authorities and legal requests

    • Where we are required to comply with law, regulation, legal process or enforceable government request, or to protect the rights, property or safety of Aude, our users or others.

We may share or publish aggregated or anonymised information that does not reasonably identify you.

5. International transfers

Aude is based in the United States and uses service providers located in various countries. This means your personal data may be transferred to and processed in jurisdictions that may have different data protection laws from those in your country.

Where we transfer personal data from the UK or EEA to countries that do not provide an adequate level of protection, we implement appropriate safeguards, such as:

  • Standard Contractual Clauses approved by the European Commission; and/or

  • The UK International Data Transfer Addendum.

You can contact us at privacy@aude.ai for more information about these safeguards.

6. Data retention

We retain personal information for as long as reasonably necessary to:

  • Provide the Service and fulfil the purposes described in this Policy

  • Comply with legal, accounting or reporting obligations

  • Resolve disputes and enforce our agreements

Retention periods vary depending on the type of data and the context of processing. When personal information is no longer needed, we will delete or anonymise it, or if that is not possible (for example, because it is stored in backup archives), we will securely store it and isolate it from further use until deletion is possible.

For data we process on behalf of customers as processor, retention and deletion are governed by the relevant DPA and Subscription Agreement.

7. Your rights and choices

Depending on where you live, you may have certain rights over your personal data, including:

  • Accessing a copy of your personal data

  • Requesting correction of inaccurate or incomplete data

  • Requesting deletion of your personal data

  • Restricting or objecting to certain processing

  • Receiving your data in a portable format

  • Withdrawing consent, where processing is based on consent

You can exercise these rights by contacting us at privacy@aude.ai. We may need to verify your identity before responding.

If you use the Service through your organisation, we may refer your request to your organisation, as they are the controller of Customer Data.

If you are in the UK or EEA, you also have the right to lodge a complaint with your local data protection authority. For example, in the UK this is the Information Commissioner’s Office (ICO).

8. Children’s privacy

The Service is not intended for children under 16, and we do not knowingly collect personal information from children. If you believe we have collected personal information from a child, please contact us and we will take appropriate steps to delete it.

9. Third-party sites and services

Our websites and Service may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies.

10. Changes to this Policy

We may update this Privacy Policy from time to time. When we do, we will update the “Last updated” date at the top of this page. If we make material changes, we may also provide additional notice (for example, by email or in-product notification).

Your continued use of the Service after any changes to this Policy will constitute your acceptance of the revised Policy.

11. Contact us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us:

Email: privacy@aude.ai

You can also contact us at the address listed in our Terms of Service or Subscription Agreement.