Privacy Policy

naked Agility Ltd is committed to protecting your privacy and ensuring transparency in how we handle personal information. This Privacy Statement outlines the services and tools we use, the regions where data is processed or stored, and how your personal information is managed.

Please refer to our Terms of Business and working with us for additional information on our practices.

Consulting Practice Privacy

Services and Data Regions

We use the following third-party services for our consulting services, which process or store personal data:

• Microsoft Office 365 (Azure US) Used for email, calendar, document storage, communication, recordings, and transcriptions of meetings. Data processed in Azure datacenters located in the United States.

• FreshBooks (SaaS/GCP Global) Used for invoicing, billing, and customer management. Data stored primarily in Google Cloud Platform data centers in the United States.

• Remarkable (SaaS Norway) Used for note-taking and documentation. Data is processed and stored within Remarkable’s infrastructure based in Norway.

• Azure DevOps (Azure EU/US) Used for software development, work item management, and migration activities. Data including project management information and personal identifiers (names, emails) is processed in Azure data centers located in the European Union and United States.

• GitHub (Global) Used for software development and collaboration. Data stored globally in GitHub’s distributed infrastructure primarily located in the United States.

• 1Password (Global) Used to securely store passwords, keys, and sensitive information. Data stored in 1Password’s secure global infrastructure.

Data We Collect and Process

We may collect and process the following personal information during our consulting engagements:

• Names and contact information (including email addresses)
• Correspondence and meeting content, including audio or video recordings and transcriptions
• Notes and documentation created during engagements
• Any migration work involving Azure DevOps or GitHub, where data including PII (names, emails associated with work items) would transit through either our local machine in Scotland or a VM provisioned in Azure (EU/US). This includes the names and emails of all contributors, past and present.
• Source code downloaded to assist with engineering practices
• Security keys and passwords used to access your infrastructure, securely stored in 1Password

How We Use Your Data

Your personal information is used solely for providing consulting services, managing client relationships, performing technical migrations, assisting with engineering practices, and related activities. We do not sell or share your personal information with third parties other than the services explicitly mentioned in this statement.

Infrastructure and Data Security

All our infrastructure uses encryption at rest, leveraging the latest hardware equipped with Trusted Platform Module (TPM) technology. All systems are regularly updated with the latest operating system and application patches to minimize security risks and ensure data protection.

Azure DevOps Migration Tools Privacy

We take your privacy seriously. The Azure DevOps Migration Tools are designed with transparency and minimal data handling in mind.

Data Processing

All data used during a migration is processed locally on the machine running the tool. No project data, work items, or other customer content is sent to external services or transmitted over the internet by the tools themselves.

Logging and Telemetry

To improve the stability, performance, and reliability of the tools, we collect basic diagnostic and operational data:

• Application Insights (EU) We use Microsoft Application Insights, hosted in the European Union, to collect anonymous telemetry such as command usage, performance metrics, and error rates.

• Elmah.io We use Elmah.io for logging and error tracking. Logs may include technical details about the environment and exceptions but do not include user data or project content.

Website Data Collection

When you visit our website, we may collect anonymous usage data to help us understand visitor behaviour and improve the site experience. This includes:

• Breva Used to collect visitor interaction data and provide insights into user journeys across the website.

• Google Analytics Helps us track general usage patterns and measure the effectiveness of content and navigation.

• Google Tag Manager Used to manage tracking scripts and third-party tags without modifying site code.

No personally identifiable information is collected through these tools unless you explicitly provide it via forms or interactions.

Consent and Data Transfers

By engaging our services or using our tools, you consent to your data being processed in the regions specified above. If your location or regulations require explicit consent for these transfers, please ensure it is obtained before proceeding.

Data Security and Compliance

All diagnostic and analytical data is handled in accordance with GDPR and other applicable data protection regulations. We take all reasonable measures to protect your personal data, including encryption, secure access controls, and regular auditing of our systems and processes. We do not sell or share any personally identifiable information with third parties.

Access, Modification, and Deletion

You have the right to access, correct, or request deletion of your personal data. Please contact us directly with your requests.

Changes to This Privacy Statement

This statement may be updated periodically. The latest version will always be available on our website.

Contact Us

If you have any questions or concerns regarding our privacy practices or wish to request the removal of telemetry or analytics data, please contact us .