Privacy Policy

Introduction

Trigops Inc. ("Trigops," "we," "us," or "our") operates the Trigops cloud operations platform, desktop application, website, and related services (collectively, the "Service"). This Privacy Policy describes how we collect, use, store, and share your information when you use our Service.

By using the Service, you acknowledge and consent to the collection, processing, and use of your information as described in this Privacy Policy. Our legal bases for processing include: performance of a contract (providing the Service you requested), legitimate interests (improving our products, ensuring security, preventing fraud), and consent (where specifically requested, such as for marketing communications).

Information We Collect

How We Access Your Cloud Resources

• We access your AWS resources exclusively through IAM roles that you deploy and authorize via AWS CloudFormation templates.
• No AWS access keys, secret keys, or static credentials are stored in our systems.
• Cross-account access is performed via secure delegation using temporary session credentials with unique encrypted identifiers per organization.
• Permissions are scoped to what you authorize: discovery of your resources and operational permissions to manage (pause and resume) them.
• You retain full control and can revoke access at any time by removing the CloudFormation stack from your AWS account.

How We Use Your Information

• Provide, operate, maintain, and improve the Trigops platform, desktop application, and related services.
• Automate cloud resource management based on your presence, activity patterns, schedules, and configuration.
• Generate savings analytics, cost reports, dashboards, leaderboards, and attribution data.
• Deliver notifications you configure through email, Slack, and HTTP webhook channels.
• Analyze usage patterns, feature adoption, and user engagement to improve our products, services, and user experience.
• Personalize your experience and recommend features, configurations, or plan upgrades.
• Monitor platform health, performance, availability, and security.
• Detect, investigate, and prevent fraud, abuse, unauthorized access, and security incidents.
• Communicate service updates, maintenance notices, security alerts, and, where permitted, promotional and marketing communications (with opt-out options).
• Conduct research and development for new features, products, and services.
• Comply with applicable laws, regulations, and legal obligations, and enforce our Terms of Use.

Third-Party Services & Analytics

• Authentication: Third-party OAuth 2.0 and OpenID Connect (OIDC) compliant identity provider for authentication.
• Cloud Infrastructure: Amazon Web Services for compute, database, caching, encryption, and workflow orchestration.
• Analytics & Engagement Tracking: We use third-party analytics services such as Google Analytics, Mixpanel, or similar tools to measure website traffic, user engagement, feature usage, conversion events, and behavioral patterns. These services may use cookies, pixel tags, device fingerprinting, and similar technologies to collect and analyze usage data.
• Notification Delivery: Email delivery service for transactional notifications, Slack API for messaging, and custom HTTP webhook endpoints that you configure.
• Error & Performance Monitoring: We may use third-party services to monitor application errors, performance metrics, and system health.

Each third-party service is governed by its own privacy policy and terms.

Cookies & Tracking Technologies

• We use cookies, local storage, session storage, and similar technologies to maintain authentication sessions, store user preferences (such as theme and dashboard settings), and collect analytics data.
• Third-party analytics and advertising partners may set their own cookies and tracking technologies for engagement measurement and behavioral analysis.
• You can manage cookie preferences through your browser settings; however, disabling cookies may affect Service functionality.

Data Storage & Security

• Authentication data is managed by a third-party identity provider compliant with OAuth 2.0 and OpenID Connect standards.
• Application data (resource configurations, organization settings, member relationships) is stored in our managed databases, encrypted at rest (AES-256) and in transit (TLS 1.2+).
• Presence and activity data is stored in our managed databases with the same encryption standards.
• For AWS delegation, no static access keys or passwords are stored. Cross-account access uses temporary session credentials with short-lived tokens. A unique long identifier per organization is encrypted and stored securely in our infrastructure.
• We implement multi-tenant data isolation at the database level, ensuring that each organization's data is strictly separated.
• Access to production systems and data follows role-based access controls and security best practices.
• We conduct regular security reviews, vulnerability assessments, and infrastructure monitoring.
• System telemetry, application logs, and error reports are collected and stored for platform monitoring, debugging, and performance optimization.
• Our Service is hosted and operated in the United States. If you access the Service from outside the United States, your information may be transferred to, stored, and processed in the United States or other jurisdictions where our service providers operate.
• While we implement industry-standard security measures, no method of electronic storage or transmission is completely secure. We cannot guarantee absolute security of your data.
• In partnership scenarios, data access between organizations is governed by the partnership scope defined by the respective administrators. Partnership access does not weaken per-organization data isolation — each organization's data remains separated at the database level, with shared access limited to the explicitly defined partnership scope.

Data Retention

• Account data is retained while your account is active and for a commercially reasonable period after account deletion for compliance, audit, and dispute resolution purposes.
• Presence, activity, and savings data is retained for historical analytics, reporting, and trend analysis.
• Usage analytics and engagement data is retained for product improvement, business analysis, and research purposes.
• You may request deletion of your personal data at any time, subject to applicable legal retention requirements and legitimate business needs.

Desktop Application & Installed Software

• The Trigops desktop application runs as a lightweight system tray application on your macOS or Windows device.
• The application monitors your device's idle and active status using operating system APIs. This is similar to how screen savers detect inactivity. It does not involve keystroke logging, screen capture, clipboard monitoring, or inspection of application content.
• When work tools detection is enabled, the application identifies which applications are in the foreground (active window detection) or running as processes (process list scanning) on your device. This functionality collects application names and process identifiers to determine whether development tools are in active use. No content within those applications is captured, recorded, or transmitted.
• The application periodically sends heartbeat data to our servers containing: your presence status, a timestamp, a device identifier, and a boolean flag indicating whether work tools are detected as active.
• Desktop profiles store device-specific settings including idle thresholds, detection mode, selected work tools, and polling intervals. These settings are synchronized with our servers.

Activity Logging & Attribution

Trigops logs operational activities performed within your organization, including resource pause and resume actions, configuration changes, automation events, and administrative actions. Each action is attributed to the identity that initiated it — whether directly or via automated triggers such as presence detection or schedule automation. Organization administrators and members with elevated permissions may view activity logs, savings attributions, operational history, and change detection reports within their organization scope. This data is used to generate savings analytics, dashboards, leaderboards, and cost attribution reports. Activity data is retained for historical analytics and audit purposes as described in our Data Retention section.

Data Sharing & Disclosure

• We do not sell your personal information to third parties.
• We may use and share aggregated, de-identified, or anonymized data that cannot reasonably be used to identify you for any lawful business purpose without restriction, including product improvement, analytics, benchmarking, industry research, and marketing.
• We share data with service providers and contractors who assist in operating, maintaining, and improving our platform, subject to confidentiality obligations and data processing agreements.
• We may disclose your information if required to do so by law, regulation, subpoena, court order, or other legal process, or if we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others.
• In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you of any such change.
• Organization administrators and members with appropriate permissions may access your presence data, resource activity, savings attributions, and management actions within their organization scope.

Your Rights & Choices

• Access, review, correct, or update your personal data through your account settings or by contacting us.
• Request deletion of your personal data, subject to applicable legal retention requirements.
• Disconnect AWS accounts and revoke delegated IAM role access at any time by removing CloudFormation stacks.
• Opt out of marketing and promotional communications by following the unsubscribe instructions in those messages.
• Request a portable copy of your data in a structured, commonly used format.
• Object to or restrict certain data processing activities where applicable under local law.
• Contact us at privacy@trigops.com for any privacy-related requests.

Organization Administrator Visibility

If you use Trigops as part of an organization, your organization administrator and members with superuser or elevated permissions may have access to your presence data, activity logs, savings attributions, and resource management actions within that organization. The administrator determines roles, permissions, and data visibility settings for organization members. Trigops does not control how your organization administrator uses or shares this information within the organization.

If your organization participates in a partnership with another organization, members of the partner organization with the permissions defined in the partnership scope may access shared resources, activity data, and savings attributions. Partnership access is additive and does not override your organization's internal data isolation. Both organizations' administrators control the scope and duration of the partnership.

Children's Privacy

The Service is not directed to children under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have inadvertently collected personal data from a child under 16, we will take steps to promptly delete such information. If you believe a child has provided us with personal information, please contact us at privacy@trigops.com.

Do Not Track Signals

Some web browsers transmit "Do Not Track" (DNT) signals to websites. There is currently no universally accepted standard for how companies should respond to DNT signals. We do not currently alter our data collection or use practices in response to DNT signals. You can manage your tracking preferences through your browser cookie settings, third-party analytics opt-out tools, or by contacting us directly.

Jurisdiction-Specific Rights

Changes to This Policy

• We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or business operations.
• For material changes, we will provide notice via email to the address associated with your account or through a prominent in-app notification prior to the changes taking effect.
• Your continued use of the Service after the updated Privacy Policy becomes effective constitutes your acceptance of the changes.

Last updated: March 2026