Privacy Policy

This Privacy Policy explains how Limestone Digital (“Limestone”, “we”) collects, uses, and protects personal information when you use the DevInt platform (the “Service”). It applies to account holders, members of workspaces that use the Service, and developers whose activity data is processed by the Service.

Account information

Name, email, role, workspace (tenant) membership, authentication metadata, and the content of invitations you accept.

Integration data

When a workspace admin connects a third-party system such as GitHub, Jira, Cursor, Claude API, or OpenAI, we receive data required to produce engineering metrics: commits, pull requests, reviews, issues, worklogs, AI usage events, costs, and the identity mappings that link them to developers.

Usage data

Log entries, timestamps, IP address, browser and device identifiers, and diagnostic information generated when you interact with the Service. We use essential cookies to keep you signed in and remember preferences (such as theme and date range).

• Provide, operate, and secure the Service;
• Compute metrics, comparisons, and visualisations for your workspace;
• Authenticate users and enforce access controls;
• Diagnose issues, detect abuse, and prevent fraud;
• Communicate service notices, billing updates, and (with consent) product news.

We do not sell personal information, and we do not use Customer Data to train general-purpose AI models.

Where GDPR applies, we process personal information on the basis of: (a) performance of a contract with your organization, (b) our legitimate interest in operating and improving the Service, (c) compliance with legal obligations, and (d) consent, where required.

We share personal information only with service providers that help us operate the Service (hosting, monitoring, email delivery, analytics, payments). These subprocessors are bound by contractual obligations consistent with this Policy. A current list is available on request.

We may disclose information when required by law, to respond to lawful requests, or to protect the rights and safety of Limestone, our customers, or the public.

Data may be processed in countries other than the one you reside in. Where required, we rely on Standard Contractual Clauses or equivalent safeguards for cross-border transfers.

We retain account data for as long as the workspace is active. Integration and usage data is retained for the period needed to provide historical metrics, typically up to 36 months, unless your order form specifies otherwise. On termination of the workspace, data is deleted or anonymised within 90 days, except where retention is required by law.

We apply industry-standard safeguards including encryption in transit, encryption at rest for sensitive fields, tenant isolation, role-based access control, audit logging, and periodic security reviews. No system is perfectly secure; please report suspected vulnerabilities to security@limestone.digital.

Depending on your jurisdiction, you may have rights to access, correct, export, or delete your personal information, and to object to or restrict certain processing. For Customer Data, these requests are typically directed to your workspace admin as the data controller; we assist where required. You can contact us at privacy@limestone.digital.

The Service is not directed to individuals under 16. We do not knowingly collect personal information from children.

We may update this Policy from time to time. Material changes will be communicated via the Service or by email to the workspace administrator. The “Last updated” date at the top indicates when the Policy was most recently revised.

Questions or requests can be sent to privacy@limestone.digital.