Search Results

Legal Customer Agreements Cloud Subscriptions On-Prem Subscriptions On-Prem Perpetual Privacy Statement & Policies Community Terms of Use Website Terms of Use Archives Privacy Policy If you receive our surveys, newsletters, or other marketing We at 55 Degrees AB (" 55 Degrees ", "we "," our ", and" us ") care about your privacy and want you to feel safe when we process your personal data. In this privacy policy, we want to inform you about how we process your personal data when you receive our surveys, newsletters, or other marketing and what rights you have regarding this data processing. ​ Our goal is to be as transparent as possible regarding our processing of your personal data – do not hesitate to contact us with any questions you have! In short When you subscribe to our newsletters, we process your personal data as necessary to: - send surveys, newsletters, and other marketing to existing customers/attendees , - send newsletters to you, - send newsletters and other marketing to potential customers , and - analyze how you use our newsletters (e.g., what you click on) to improve and develop the newsletters we send. ​ If you unsubscribe from receiving our newsletters, we keep track of your wish in an “unsubscribe list ” to avoid sending you any marketing material. Below you will find information about the processing and storage time of your personal data that we at 55 Degrees are responsible for when you subscribe to our newsletters. Here you can find all our privacy policies which describe how we process personal data in other situations, e.g., if you work for a company that is a customer of 55 Degrees, if you visit our website, or if you are otherwise in contact with us. ​ Your rights Below you will find a detailed description of your rights and how to exercise them. In summary, you have the following rights: ​ the right to lodge a complaint with a supervisory authority, the right to withdraw your consent to our processing , the right to access what personal data we process about you, the right to object to our processing, the right to erasure of the personal data we process, the right to rectification of any personal data that is inaccurate, the right to restrict our processing, and the right to data portability . ​ If you have any questions about your rights or want to exercise any of your rights, you are more than welcome to contact us. ​ Below you can read more about: By pressing the selected heading, you will be moved to the relevant paragraph. ​ Who is responsible and how to contact us? A detailed description of how we process your personal data Who can gain access to your personal data and why? What are your rights when we process your personal data? Detailed description Balancing of interests assessments when processing personal data based on the legal basis of “legitimate interests” When we refer to "your company" in this privacy policy, we refer to your employer or the organization or public body that you represent. ​ Who is responsible, and how to contact us? We at 55 Degrees are generally processing personal data on the instructions of our customers, i.e., as processors. When you receive our surveys, newsletters, or other marketing, it is 55 Degrees AB that is responsible for the processing of your personal data. ​ If you have any questions or if you wish to exercise any of your rights, we are available at: Full name of legal entity: 55 Degrees AB (organization number 559201-6843) E-mail address: privacy@55degrees.se Mailing address: Lilla Nygatan 7, 211 38 Malmö, Sweden ​ ​ A detailed description of how we process your personal data Below you will find a detailed description of how we process your personal data. We gather your personal data directly from you and provide some personal data ourselves by analyzing how you use our newsletters. To send surveys, newsletters and other marketing to existing customers/attendees What processing we perform ​​ Send information about news and marketing so you can keep up with updates on services and workshops ("newsletters"). ​ Send follow-up e-mails and evaluation requests regarding our services/workshop ("surveys"). ​ Administer survey answers. ​ In our privacy policy for customers , you will find more information about how we process your personal data when your company uses our services and when you attend a workshop. What personal data we process Your name ​ E-mail address Our legal basis for the processing: Legitimate interest (Article 6.1.f GDPR) ​ Your personal data will be processed based on our legitimate interest to contact and send newsletters and surveys to representatives of customers ​ Storage period: If you have attended a workshop, we may contact you for up to 12 months after the completion of the workshop. Otherwise, you continue to receive e-mails for as long as you are a customer. If you unsubscribe or object from receiving our e-mails, we keep track of this in our “unsubscribe-list” to avoid sending you any further marketing material. ​ If you answer a survey, we will store the result for 12 months after you answer it. We will delete your personal data if you ask us to and stop sending you evaluations if you object to receiving them. To send newsletters to subscribers What processing we perform ​​ Send information about news and marketing for you to keep up with updates on produ​ cts, services, and community events (“newsletters”). We send newsletters to those who have chosen to subscribe to our newsletters. What personal data we process Your name if you have chosen to provide it to us ​ E-mail address ​ The list of subscriptions you have chosen Our legal basis for the processing: Consent (Article 6.1.a GDPR) ​ We collect your consent to send newsletters to you. You can withdraw your consent and object to our marketing at any time. ​ Storage period: You continue to receive e-mails until you choose to unsubscribe. If you unsubscribe or object from receiving our e-mails, we keep track of this in our “unsubscribe-list” to avoid sending you any further marketing material. To send newsletters to potential customers What processing we perform ​​ Contact and send marketing about our services and workshops to you who are working at a company which is a potential customer to us. What personal data we process Your name ​ E-mail address ​ Position and information about the company that you work for ​ Information about you e.g. from the website of your company ​ Information from you, e.g. via e-mail Our legal basis for the processing: Legitimate interest (Article 6.1.f GDPR) ​ Your personal data will be processed based on our legitimate interest to contact and send marketing to representatives of potential customers ​ Storage period: If you are a potential customer with no previous contact with us, we process your personal data for 6 months from when we collected the personal data if we do not have any continued contact with you. ​ If you unsubscribe or object from receiving our e-mails, we keep track of this in our “unsubscribe-list” to avoid sending you any further marketing material. To improve and develop the e-mails we send What processing we perform ​​ Improve and develop the newsletters we send by analyzing how you open them and what you click on in the newsletter. We do this with the help of our service provider Sendinblue.​ Do you want to know more about this type of analysis? Please contact us. What personal data we process Information about how you open our newsletters and what you click on ​ Information about your device ​ IP-address ​ Information about when and where you started subscribing to our newsletters Our legal basis for the processing: Legitimate interest (Article 6.1.f GDPR) ​ Your personal data will be processed based on our legitimate interest to improve and develop our newsletters and marketing ​ Storage period: We continue to improve and develop our newsletters for as long as you receive them. Thereafter we anonymize the information we have gathered If you object to receiving marketing from us We will store information about you if you choose to object to receiving marketing from us. We have received the information from you. To comply with marketing legislation What processing we perform ​​ If you have stated that you do not wish to receive marketing from us, we will store such information in an “unsubscribe list” to make sure we do not send any marketing to you. What personal data we process Name ​ E-mail address Our legal basis for the processing: Legal obligation (Article 6.1.c GDPR) The processing is necessary to comply with legal obligations which we are subject to, i.e., marketing law, which requires us not to send marketing material to individuals who have objected to receiving such marketing. ​ We cannot make sure you will not receive marketing from us without processing your personal data for this purpose, and you are therefore required to provide your personal data to us. ​ Storage period: You will be listed in our “unsubscribe list” until further notice. Who can gain access to your personal data and why? We do not sell your personal data or share it with other parties unless necessary. This means that your personal data will be handled by our employees but only by the personnel needing such access to conduct their work. We need to work with third parties to conduct our business. To be able to send surveys, newsletters, and other marketing in an efficient way, we use the newsletter provider Sendinblue which will process your personal data on our behalf and follow our instructions. This means that we are responsible for any sharing of your personal data with such suppliers and to ensure that your personal data is safe when shared with third parties. ​ We do not transfer your personal data outside of the EU/EEA. ​ ​ What are your rights when we process your personal data? Detailed description You have certain rights that you can exercise to affect how we process your personal data. You can read a more detailed description of what those rights are below. ​ If you want to know more about your rights or if you want to exercise any of your rights, please contact us, and we will help you. ​ Right to lodge a complaint with a supervisory authority (Article 77 GDPR) You have the right to lodge a complaint with a supervisory authority. The supervisory authority in Sweden is the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, the IMY). ​ In detail: Your right to complain exists without prejudice to any other administrative or judicial remedy. You have the right to lodge a complaint with a supervisory authority in the EU/EEA member state of your habitual residence, place of work, or place where the alleged infringement of applicable data protection laws has allegedly occurred. ​ The supervisory authority has an obligation of informing you of the progress and the outcome of the complaint, including the possibility of a judicial remedy. ​ Right to withdraw consent (Article 7.3 GDPR) You have the right to withdraw your consent at any time by contacting us. ​ In detail: The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. ​ Right to access (Article 15 GDPR) You have the right to obtain confirmation as to whether we are processing personal data concerning you or not. You can make a request by contacting us. If we do process your personal data, you also have a right to obtain a copy of the personal data processed by us as well as information about our processing of your personal data. ​ In detail. The information we provide includes the following: the purposes of the processing, the categories of personal data concerned, the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations, where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period, the existence of the right to request rectification or erasure of personal data or restriction of processing of personal data concerning you or to object to such processing, the right to lodge a complaint with a supervisory authority, if the personal data are not collected from you, we provide you with available information about the source of the personal data; the existence of automated decision-making, including profiling, referred to in Articles 22.1 and 22.4 GDPR and, in those cases, meaningful information about the logic involved, as well as the significance and the predicted consequences of such processing; and where your personal data are transferred to a third country or to an international organization, you have the right to information regarding the appropriate safeguards, pursuant to Article 46 GDPR, put in place for the transfer. ​ For any further copies of the personal data undergoing processing requested by you, we may charge a reasonable fee based on administrative costs. If you have made the request by electronic means the information will be provided to you in a commonly used electronic form, unless otherwise requested by you. ​ Your right to obtain a copy referred to above shall not adversely affect the rights and freedoms of others. ​ Right to object (Article 21 GDPR) You have the right to object to our processing of your personal data at any time. ​ In detail: Your right to object applies as follows: Where personal data are processed for direct marketing purposes, you have the right to object at any time to processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing. Where you object to processing for direct marketing purposes, you have an unconditional right to have the processing of your personal data for such purposes ceased. In the context of the use of information society services, and regardless of Directive 2002/58/EC (ePrivacy Directive, or ePD), you may exercise your right to object by automated means using technical specifications Right to erasure (“the right to be forgotten”) (Article 17 GDPR) You have the right to ask us to erase your personal data. In detail. We are obligated to erase your personal data without undue delay where one of the following grounds applies: the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed, you withdraw your consent on which the processing is based, and there is no other legal ground for the processing, the personal data have been unlawfully processed, or the personal data have to be erased for compliance with a legal obligation in Union or Member State law that applies to us. We will notify any erasure of personal data carried out in accordance with your rights stated above to each recipient to whom the personal data have been provided to unless this proves impossible or involves disproportionate effort. If you want information about those recipients, you are more than welcome to contact us. Please note that our obligation to erase and inform according to the above shall not apply to the extent processing is necessary: for exercising the right of freedom of expression and information, for compliance with a legal obligation that requires processing by Union or Member State law that applies to us, or for the establishment, exercise, or defence of legal claims. Right to rectification of processing (Article 16 GDPR) You have the right to obtain, without undue delay, the rectification of inaccurate personal data concerning you. ​ In detail: Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement. ​ We will communicate any rectification of personal data to each recipient to whom the personal data have been provided unless this proves impossible or involves disproportionate effort. If you want information about those recipients, you are more than welcome to contact us. Right to restriction of processing (Article 18 GDPR) You have the right to obtain from us restrictions on the processing of your personal data. ​ In detail: Your right applies if: the accuracy of the personal data is contested by you, during a period enabling us to verify the accuracy of the personal data, the processing is unlawful, and you oppose the erasure of the personal data and instead request the restriction of their use, or you need the personal data for the establishment, exercise, or defence of legal claims even though we no longer need the personal data for the purposes of processing. ​ Where the processing has been restricted according to above, such personal data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State. ​ We will notify each recipient to whom the personal data has been provided about any restriction of processing according to above, if this do not occur to be impossible or entails a disproportionate effort. If you want more information about these recipients, you are welcome to contact us ​ Right to data portability (Article 20 GDPR) You have the right to receive your personal data (that you have provided to us) from us in a structured, commonly used and machine-readable format and, where technically feasible, have your personal data transferred to another data controller (“data portability”). ​ In detail: The right applies if: the processing is based on the lawful basis consent, and the processing is carried out by automated means. ​ The exercise of the right to data portability shall be without prejudice to the right to erasure, i.e. Article 17. ​ Your right to data portability shall not adversely affect the rights and freedoms of others. ​ Balancing of interests assessments when processing personal data based on the legal basis of “legitimate interests” ​ As we state above, for some purposes, we process your personal data based on our “legitimate interest.” By carrying out a balancing of interests assessment concerning our processing of your personal data, we have concluded that our legitimate interest in the processing outweighs your interests or rights, which require the protection of your personal data. ​ If you want more information in relation to our balancing of interests assessments, please do not hesitate to contact us. Our contact information can be found at the beginning of this privacy policy. ​ responsible description access where rights rights-complaint rights-access rights-object rights-erasure rights-rectify rights-restrict rights-withdraw portability send-subscribers improve-emails comply interests send-potential-customers send-existing-customers This privacy policy was adopted on February 16, 2023.

Legal Customer Agreements Cloud Subscriptions On-Prem Subscriptions On-Prem Perpetual Privacy Statement & Policies Community Terms of Use Website Terms of Use Archives Privacy Policy If you work for a company that uses 55 Degrees' services If your company is a customer to 55 Degrees AB (”55 Degrees”, “we”,”our” and ”us”) we at 55 Degrees may process your personal data. In this privacy policy you find information about when that is the case, how we process your personal data and what rights you have when it comes to this data processing. ​ Our goal is to be as transparent as possible regarding our processing of your personal data – do not hesitate to contact us with any questions you have! In short We process your personal data as necessary to: enter into an agreement with your company and administrate our relationship , arrange workshops , improve the service , send marketing, surveys, and newsletters we consider to be interesting for you (for more, read our privacy policy about newsletters and surveys ), handle your support matters , and comply with accounting legislation . ​ When your personal data is used within our services, we will see, store and process your personal data. However, the company you represent is mainly responsible (controller) for processing such personal data and will give you information about that separately. Below you will find information about the processing of your personal data that we at 55 Degrees are responsible for. Here you can find all our privacy policies which describe how we process personal data in other situations, e.g. if you visit our website or otherwise are in contact with us. ​ Your rights Below you find a detailed description of your rights and how to exercise them. In summary, you have the following rights: ​ the right to lodge a complaint with a supervisory authority, the right to access what personal data we process about you, the right to object to our processing, the right to erasure of the personal data we process, the right to rectification of any personal data that is inaccurate, and the right to restrict our processing. ​ When we refer to “your company” in this privacy policy, we refer to your employer or the organisation or public body that you represent. When we refer to “services” in this privacy policy, we refer to our software products, training workshops, or any other service that we offer. ​ Below you can read more about: By pressing the selected heading, you will be moved to the relevant paragraph. ​ Who is responsible and how to contact us? A detailed description of how we process your personal data Who can gain access to your personal data and why? Where is your personal data processed? What are your rights when we process your personal data? Detailed description Balancing of interests assessments when processing personal data based on the legal basis of “legitimate interests” ​ ​ Who is responsible and how to contact us? We at 55 Degrees are generally processing personal data on the instructions of our customers, i.e. as processors. In some situations, we are however responsible for the processing of your personal data and acting as controllers. These situations are explained in the sections below. ​ If you have any questions or if you wish to exercise any of your rights, we are available at: Full name of legal entity: 55 Degrees AB (organization number 559201-6843) E-mail address: privacy@55degrees.se Mailing address: Lilla Nygatan 7, 211 38 Malmö, Sweden ​ ​ A detailed description of how we process your personal data We gather personal data from you and from your company. To enter into an agreement with your company and administer our relationship What processing we perform ​​ Enter into an agreement with your company regarding our services and/or workshops, including any negotiation between the companies ​ Administer our relationship with your company, e.g. send you information about our new terms and other information that your company needs ​ If your company becomes our customer, we send updates, information about our products and other marketing that we deem interesting to your company. You can read more about this here . What personal data we process Information you or your company provide to us, e.g. name, information about which company you represent, position in your company, telephone number and e-mail address Our legal basis for the processing: Legitimate interest (Article 6.1.f GDPR) ​ Your personal data will be processed based on our legitimate interest to negotiate and enter into an agreement with your company and to administrate the agreement. ​ Storage period: We will store your personal data for as long as your company is our customer and for up to six months afterward unless your data is included in email communication, agreements, and similar documentation, which we cannot delete in case of a dispute . To arrange workshops What processing we perform ​​ Administrate your attendance in a workshop ​ Communicate with you as a participant before or during the workshop ​ After workshops, we send follow-up e-mails, and may send other marketing and evaluation requests. You can read more about this here . What personal data we process Name ​ E-mail address ​ Information about the company you represent ​ Position in your company ​ Which workshops you have participated in Our legal basis for the processing: Legitimate interest (Article 6.1.f GDPR) Your personal data will be processed based on our legitimate interest ​to be able to arrange workshops for you as a representative of a customer. ​ Storage period: Your personal data will be stored until the workshop is completed. However, a participant list that includes your name and contact information will be saved so that we can contact you for 12 months thereafter as stated in our privacy policy here . To improve the service What processing we perform ​​ Evaluate customer and user behavior in order to provide you with a better service and user experience What personal data we process Subscription ID ​ Technical information about the User. ​ Information about how you use the product. Our legal basis for the processing: Legitimate interest (Article 6.1.f GDPR) ​ Your personal data will be processed based on our legitimate interest to handle your request for support and provide that support to you. ​ Storage period: Your personal data will be stored for a period of up to one year. To handle your support matters What processing we perform ​​ Handle your request for support What personal data we process Information about which company you work for ​ Contact information ​ Other information you provide to us in connection with the support matter Our legal basis for the processing: Legitimate interest (Article 6.1.f GDPR) ​ Your personal data will be processed based on our legitimate interest to handle your request for support and provide that support to you. ​ Storage period: Your personal data will be stored from when the matter was initiated, through the duration of your support matter. Thereafter we store your personal data as long as we have a purpose for processing it. We aim to only keep the personal data for up to one year afterward for purposes of service and product improvement. However, we aim to delete sensitive attachments such as HAR files within three months of the closure of the support request. To comply with accounting legislation What processing we perform ​​ Store information in accounting material What personal data we process ​Name, history regarding payments that have been made, and other information that constitutes accounting records Our legal basis for the processing: Legal obligation (Article 6.1.c GDPR) ​ The processing is necessary to comply with legal obligations to which we are subject, i.e. accounting legislation. ​ If you do not provide this information, we will not be able to administer our relationship with your company. ​ Storage period: We will store any document constituting accounting material and the personal data included therein according to the storage period stated in the accounting legislation. ​ In Sweden, this means that we will store your personal data for seven to eight years, i.e., until and including the seventh year after the end of the calendar year for the fiscal year to which the personal data relates. ​ Who can gain access to your personal data and why? We do not sell your personal data or share it with other parties unless it is necessary. This means that your personal data will be handled by our employees, but only by the personnel in need of such access to conduct their work. ​ We will store your personal data, anonymised when possible, within our IT systems to ensure good and secure IT operations. This means that we share your personal data with our IT suppliers . We will store your personal data within our customer support and success systems to ensure good and secure customer support and relationship management operations. This means that we share your personal data with our Customer Support and Success suppliers We will store your anonymised personal data regarding how you use our products within our Business Intelligence systems in order to understand how our products are used and to improve them. This means we share your anonymised personal data with our Business Intelligence suppliers . We will store your personal data within our accounting systems to ensure good and secure financial operations and subscription management relating to the purchases of our products and services. This means that we share your personal data with our Accounting suppliers . ​ The above parties will process these on our behalf and follow our instructions. We need to work with third parties to conduct our business. We are responsible for any sharing of your personal data with such suppliers and to ensure that your personal data is safe when shared with third parties. For more detailed information on our suppliers and the information we store with them, please visit our supplier page . ​ Where is your personal data processed? We use EU/EEA vendors that store data in the EU/EEA when possible. However, when we must use suppliers outside of the EU/EEA, your personal data will, in most cases, be processed outside of the EU/EEA. These are the cases in which we transfer your data outside of the EU/EEA: ​ When you use any of our Cloud products we maintain network logs using AWS and track javascript errors using Sentry. Both suppliers store data in the USA. ​ When you use ActionableAgile for Azure DevOps we store your Azure user ID and information about the subscription you belong to so we can verify you have access to a valid subscription and log you into the app. This information is stored in Google Cloud’s Firebase Firestore which stores data in the USA. ​ When you purchase a subscription through 55 Degrees via credit card we store needed personal data to manage and communicate with you regarding your subscription to our Products. The information we store is personal data about you, for example, your e-mail address and payment information. This information is sent to Recurly and Stripe, both suppliers storing data in the USA. ​ When you interact with us via our support channels we process your personal data, e.g. name and e-mail address, entered into our service desk so that we can assist you. This information is entered into Jira Service Management via our support portal vendor, Refined. Both suppliers store some or all information in the USA. ​ When you book a meeting with us we gather your personal data as a meeting attendee, e.g. your e-mail address. This information about you is entered by you or the company you represent into Calendly, a service that stores data in the USA. ​ When you attend a virtual meeting with us we store your personal data as a meeting attendee, e.g. your name and e-mail address, and, with consent, store recordings for up to 30 days. This information is stored in Zoom or Microsoft Teams, both of which store data in the USA. In the above situations, we and our suppliers rely on Standard Contractual Clauses for the transfer of personal data outside of the EU/EEA. The use of Standard Contractual Clauses is an effort to provide a safe transfer of your personal data. You find a more detailed description of the transfer of personal data on our supplier page . If you want to know more about whom we share your personal data with and how your personal data is transferred, please feel free to contact us . Our contact information can be found at the beginning of this privacy policy. ​ What are your rights when we process your personal data? Detailed description You have certain rights that you can exercise to affect how we process your personal data. You can read a more detailed description of what those rights are below. ​ If you want to know more about your rights or if you want to exercise any of your rights, please contact us and we will help you. ​ Right to lodge a complaint with a supervisory authority (Article 77 GDPR) You have the right to lodge a complaint with a supervisory authority. The supervisory authority in Sweden is the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, the IMY). ​ In detail: Your right to complain exists without prejudice to any other administrative or judicial remedy. You have the right to lodge a complaint with a supervisory authority in the EU/EEA member state of your habitual residence, place of work, or place where the alleged infringement of applicable data protection laws has allegedly occurred. ​ The supervisory authority has an obligation of informing you of the progress and the outcome of the complaint, including the possibility of a judicial remedy. ​ Right to access (Article 15 GDPR) You have the right to obtain confirmation as to whether we are processing personal data concerning you or not. You can make a request by contacting us . If we do process your personal data, you also have a right to obtain a copy of the personal data processed by us as well as information about our processing of your personal data. ​ In detail. The information we provide includes the following: the purposes of the processing, the categories of personal data concerned, the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations, where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period, the existence of the right to request rectification or erasure of personal data or restriction of processing of personal data concerning you or to object to such processing, the right to lodge a complaint with a supervisory authority, if the personal data are not collected from you, we provide you with available information about the source of the personal data; the existence of automated decision-making, including profiling, referred to in Articles 22.1 and 22.4 GDPR and, in those cases, meaningful information about the logic involved, as well as the significance and the predicted consequences of such processing; and where your personal data are transferred to a third country or to an international organization, you have the right to information regarding the appropriate safeguards, pursuant to Article 46 GDPR, put in place for the transfer. ​ For any further copies of the personal data undergoing processing requested by you, we may charge a reasonable fee based on administrative costs. If you have made the request by electronic means the information will be provided to you in a commonly used electronic form, unless otherwise requested by you. ​ Your right to obtain a copy referred to above shall not adversely affect the rights and freedoms of others. ​ Right to object (Article 21 GDPR) You have the right to object to our processing of your personal data at any time. ​ In detail: Your right to object applies as follows: You have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data which is based on our legitimate interest, i.e. Article 6.1 f GDPR. We shall no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms or for the establishment, exercise, or defence of legal claims. In the context of the use of information society services, you may exercise your right to object by automated means using technical specifications. Right to erasure (“the right to be forgotten”) (Article 17 GDPR) You have the right to ask us to erase your personal data. In detail. We are obligated to erase your personal data without undue delay if: the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed, you object to the processing pursuant to Article 21.1 GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21.2 GDPR, the personal data have been unlawfully processed, or the personal data have to be erased for compliance with a legal obligation in Union or Member State law that applies to us. Where we have made the personal data public and are obliged in accordance with the rights stated above to erase the personal data, we shall, taking account of available technology and the cost of implementation, take reasonable steps, including technical measures, to inform other controllers which are processing the personal data that you have requested the erasure by such controllers of any links to, or copy or replication of, those personal data. We will notify any erasure of personal data carried out in accordance with your rights stated above to each recipient to whom the personal data have been provided to unless this proves impossible or involves disproportionate effort. If you want information about those recipients, you are more than welcome to contact us. Please note that our obligation to erase and inform according to the above shall not apply to the extent processing is necessary: for exercising the right of freedom of expression and information, for compliance with a legal obligation that requires processing by Union or Member State law that applies to us, or for the establishment, exercise, or defence of legal claims. Right to rectification of processing (Article 16 GDPR) You have the right to obtain, without undue delay, the rectification of inaccurate personal data concerning you. ​ In detail: Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement. ​ We will communicate any rectification of personal data to each recipient to whom the personal data have been provided unless this proves impossible or involves disproportionate effort. If you want information about those recipients, you are more than welcome to contact us . Right to restriction of processing (Article 18 GDPR) You have the right to obtain from us restrictions on the processing of your personal data. ​ In detail: Your right applies if: the accuracy of the personal data is contested by you, during a period enabling us to verify the accuracy of the personal data, you have objected to processing pursuant to Article 21 .1 GDPR pending the verification of whether our legitimate grounds override yours, the processing is unlawful, and you oppose the erasure of the personal data and instead request the restriction of their use, and you need the personal data for the establishment, exercise, or defence of legal claims even though we no longer need the personal data for the purposes of processing. ​ Where the processing has been restricted according to the above, such personal data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise, or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State. ​ We will notify you before the restriction of processing is lifted. We will also communicate any restriction of processing of personal data carried out in accordance with your rights stated above to each recipient to whom the personal data have been provided unless this proves impossible or involves disproportionate effort. If you want information about those recipients, you are more than welcome to contact us . ​ Balancing of interests assessments when processing personal data based on the legal basis of “legitimate interests” As we state above, for some purposes, we process your personal data based on our “legitimate interest”. By carrying out a balancing of interests assessment concerning our processing of your personal data, we have concluded that our legitimate interest in the processing outweighs your interests or rights which require the protection of your personal data. ​ If you want more information in relation to our balancing of interests assessments, please do not hesitate to contact us . Our contact details can be found at the beginning of this privacy policy. ​ responsible description process-agreement process-improve process-support process-accounting process-arrange access where rights interests rights-complaint rights-access rights-object rights-erasure rights-rectify rights-restrict This privacy policy was adopted on February 16, 2023

Be predictable. Be confident. Be agile. Trusted globally by 1600+ companies Powerful solutions that take you from busy to effective ActionableAgile ™️ Agile Flow Metrics for Jira, Azure DevOps, or standalone SaaS Measure and improve Flow. Be Predictable. Answer "When will it be done?" Learn More Portfolio Forecaster Continuous Forecasting for Jira Forecast Jira epics and versions with confidence using probabilities. Learn More Klar for Jira Cloud Configure & answer refinement questions for your work. Know just enough to start! Learn More Koppla for Jira Cloud Have external data right in your Jira issues so you can finish faster with less context switching! Learn More Inspekt for Jira Cloud Analyze raw workflow data for cumulative time in status and how items move in the workflow. Learn More Products Julie Starling - Agile Delivery CoP Manager Financial Services Organization with over 1400 employees By regularly forecasting with ActionableAgile, we could clearly show when circumstances impacted our delivery timescales; previously, these would have been recognized as affecting our delivery. Monte Carlo simulation's what-if scenario planning function has enabled us to discuss what is happening and if trends are changing with stakeholders and teams. This allowed us to take meaningful action at the soonest possible opportunity and put the decisions with the right people. Recent Blog Posts Julie Starling Aug 14 4 min Schrodinger's Work Item and the Quest for Value An active item in our system represents both potential value and waste ...until we deliver it, we do not know which it is. 78 1 like. Post not marked as liked 1 Julia Wester Jul 10 1 min How do you use pace percentiles on ActionableAgile's aging chart? It is inevitable that there are ways that the software creator intends a feature to be used and there are ways that it ends up being used. 117 1 like. Post not marked as liked 1 Daniel Vacanti May 27 3 min Little's Law - Why You Should Care Without an understanding of what makes Little's Law work, teams are making decisions every day that are in direct contravention of facts. 269 Post not marked as liked Read more > A culture based on security and privacy An important part of living up to our values is our commitment to data privacy and security throughout all aspects of our organization. We don't take a single step without ensuring we've taken all reasonable steps to protect your data and privacy. Protect customer and personal data at all times Comply with applicable privacy regulations Avoid processing or storing unneeded data Compliance Certifications and Standards ISO 27001 GDPR Atlassian Security Programs Interact with us at an upcoming event ActionableAgile Demo with Q&A Thu, Sep 21 Webinar Sep 21, 3:00 PM – 4:00 PM GMT+2 Webinar Sep 21, 3:00 PM – 4:00 PM GMT+2 Webinar In this Webinar, Margaux Fiche (Manager Customer Experience) will walk you through the key charts of ActionableAgile, what to think about when loading a data set and provide some tips and tricks for best practices. She will then answer your questions at the end. Share RSVP Brewing Agile Wed, Oct 18 Auktionsverket Kulturarena Oct 18, 7:00 PM GMT+2 – Oct 19, 7:00 PM GMT+2 Auktionsverket Kulturarena, Tredje Långgatan 9, 413 03 Göteborg, Sweden Oct 18, 7:00 PM GMT+2 – Oct 19, 7:00 PM GMT+2 Auktionsverket Kulturarena, Tredje Långgatan 9, 413 03 Göteborg, Sweden We’re happy to sponsor the Brewing Agile Conference in Gothenburg on 18-19 October! And we’d love to meet with you there! You can visit us at our booth and even book a time with us for longer conversations. RSVP to let us know if you’ll be there and’d like to book some 1:1 time with us. Share RSVP Øredev Developer Conference Wed, Nov 08 Malmö Mässan Conference Center Nov 08, 7:40 AM GMT+1 – Nov 10, 1:00 PM GMT+1 Malmö Mässan Conference Center, Mässgatan 6, 215 32 Malmö, Sweden Nov 08, 7:40 AM GMT+1 – Nov 10, 1:00 PM GMT+1 Malmö Mässan Conference Center, Mässgatan 6, 215 32 Malmö, Sweden We’re happy to be back and sponsor our local developer conference, Øredev, in our hometown, Malmö on 8-10 November! And we’d love to meet with you there! You can visit us at our booth and even book a time with us for longer conversations. Share RSVP More events >

Automated forecasts Always up-to-date Quickly generate up-to-date, automated forecasts on the epics or versions in your Jira projects with Monte Carlo simulations that use your historical data and your tolerance for risk. Minimize the time and effort you spend forecasting! Answer key questions with Portfolio Forecaster How likely is it that it will be finished by the due date? Our Monte Carlo simulations use your historical data to forecast how likely it is that you'll meet your desired due date for each epic or version. How certain are we about this forecast? In Portfolio Forecaster you can control the level of confidence in your forecast. That sets the probability of finishing by the shown forecasted dates. How will our choices impact the forecast? What would happen if we started more epics? Fewer? What if we changed their priority? You can use Portfolio Forecaster for what-if scenarios and have collaborative conversations early and often! Purchasing Options Start your free trial Portfolio Forecaster is exclusively available as an app that embeds directly in your Jira Cloud, Server, or Data Center instance. Every Jira user is automatically licensed! Try Portfolio Forecaster for free for at least 30 days! 55 Degrees is a Platinum Atlassian Marketplace Partner. Portfolio Forecaster for Jira participates in Atlassian's security programs and is Cloud Fortified

Legal Customer Agreements Cloud Subscriptions On-Prem Subscriptions On-Prem Perpetual Privacy Statement & Policies Community Terms of Use Website Terms of Use Archives Download Available Click the icon to download a PDF of this page. Appendix 1 Data Processing Agreement for On-Premise Perpetual Products Effective November 21, 2022 1. Background and Interpretation ​ 1.1. The Supplier will, upon performance of the Agreement when providing its Product, process personal data on behalf of the Customer, in the capacity of the Customer’s processor. The Supplier will process personal data for which the Customer is the controller. ​ 1.2. This Data Processing Agreement (the “DPA ”) forms an integral part of the Agreement. The purpose of this DPA is to ensure a secure, correct, and legal processing of personal data and to comply with applicable requirements for data processing agreements as well as to ensure adequate protection for the personal data processed within the scope of the Agreement. ​ 1.3. Any terms used in this DPA, e.g. processing, personal data, data subjects, supervisory authority, etc., shall primarily have the meaning as stated in the European Parliament and the Council Regulation (EU) 2016/679 (the “GDPR “) and otherwise in accordance with the Agreement, unless otherwise clearly indicated by the circumstances. ​ 1.4. In light of the above, the Parties have agreed as follows: ​ 2. Instructions and Responsibilities ​ 2.1. The type of personal data and categories of data subjects processed by the Supplier under this DPA and the purpose, nature, duration, and objects of this processing, are described in the instructions on the processing of personal data in Appendix 1A or the written instructions that Customer provides from time to time. The Supplier shall not process additional categories of personal data or personal data in relation to other data subjects than those specified in Appendix 1A . ​ 2.2. Customer is responsible for complying with the GDPR. Customer shall in particular: ​ a) be the point of contact towards data subjects and i.e. respond to their inquiries regarding the processing of personal data; ​ b) ensure the lawfulness of the processing of personal data, provide information to data subjects pursuant to Articles 12-14 in the GDPR, and maintain a record of processing activities under its responsibility; ​ c) provide the Supplier with documented instructions for the Supplier’s processing of personal data, including instructions regarding the subject matter, duration, nature, and purpose of the processing as well as the type of personal data and categories of data subjects; ​ d) immediately inform the Supplier of changes that affect the Supplier’s obligations under this DPA; e) immediately inform the Supplier if a third party takes action or lodges a claim against the Customer as a result of the Supplier’s processing under this DPA; and f) immediately inform the Supplier if anyone else is a joint controller with the Customer of the relevant personal data. ​ 2.3. When processing personal data, the Supplier shall: ​ a) only process personal data in accordance with Customer’s documented instructions, which at the time of the Parties entering into this DPA are set out in Appendix 1A; b) ensure that persons authorized to process the personal data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality; c) maintain an adequate level of security for personal data by implementing all technical and organizational measures set out in Article 32 of the GDPR in the manner set out in section 3 below; d) respect the conditions referred to in paragraphs 2 and 4 of Article 28 of the GDPR for engaging a sub-processor; e) taking into account the nature of the processing, assist Customer by appropriate technical and organizational measures, insofar as it is possible, for the fulfillment of Customer’s obligation to respond to requests for exercising the data subject’s rights laid down in Chapter III of the GDPR; f) assist Customer in ensuring compliance with the obligations pursuant to Articles 32-36 of the GDPR, taking into account the nature of the processing and the information available to the Supplier; g) at the choice of Customer, delete or return all the personal data to Customer after the end of the Agreement, and delete existing copies, unless EU law or applicable national law of an EU Member State requires the storage of the personal data; and h) make available to Customer all information necessary to demonstrate compliance with the obligations laid down in Article 28 in the GDPR and this DPA and allow for and contribute to audits, including inspections, conducted by Customer or another auditor agreed upon by the Parties. ​ 2.4. The Supplier shall notify the Customer without undue delay, if, in the Supplier’s opinion, an instruction infringes the GDPR. In addition, the Supplier is to immediately inform the Customer of any changes affecting the Supplier’s obligations pursuant to this DPA. ​ 3. Security ​ 3.1. The Supplier shall implement technical and organisational security measures in order to protect personal data against destruction, alteration, unauthorised disclosure, and unauthorised access. The measures shall ensure a level of security that is appropriate considering the state of the art, the costs of implementation, the nature, scope, context, and purpose of the processing as well as the risks of varying likelihood and severity for the rights and freedoms of natural persons. The Supplier may amend its technical and organisational measures. 3.2. The Supplier shall notify Customer of accidental or unauthorised access to personal data or any other personal data breach without undue delay after becoming aware of such data breach and pursuant to Article 33 of the GDPR. Such notification shall not in any manner imply that the Supplier has committed any wrongful act or omission, or that the Supplier shall become liable for the personal data breach. 3.3. If the Customer, during the term of this DPA, requires that the Supplier take additional security measures, the Supplier shall as far as possible meet such requirements provided that the Customer pays and takes responsibility for any and all costs associated with such additional measures. ​ 4. Sub-processors and Transform to Third Countries ​ 4.1. ​Customer hereby grants the Supplier with a general authorisation to engage sub-processors. Sub-processors are listed in the list of sub-contractors in Appendix 1B . The Supplier shall enter into a data processing agreement with each sub-processor, according to which, the same data protection obligations as set out in this DPA, are imposed upon the sub-processor. 4.2. The Supplier shall inform Customer of any intended changes concerning the addition or replacement of sub-processors, thereby giving Customer the opportunity to object to such changes. Such objection shall be made in writing and within thirty (30) calendar days after the Supplier has informed Customer about the intended changes. If Customer objects to the Supplier engaging a sub-processor and the Parties cannot agree, within a reasonable time, on the new sub-processor’s engagement in the processing of personal data, the Supplier can terminate the Agreement. 4.3. If the Supplier and/or sub-processors transfers personal data outside the EU/EEA, such transfer shall always comply with the applicable data protection requirements according to the GDPR and related data protection legislation. The Supplier shall keep Customer informed about the legal grounds for the transfer. ​ 5. Compensation and Limitation of Liability ​ 5.1. The Supplier is not entitled to any additional compensation for the processing of personal data in accordance with this DPA, instead the compensation provided pursuant to the Agreement also encompasses the measures in this DPA. 5.2. Each Party shall be responsible for any damages and administrative fines imposed to it under articles 82 and/or 83 of the GDPR. 5.3. Notwithstanding any limitation of liability in the Agreement, each Party’s liability under this DPA shall be limited to direct damages. In addition, the Supplier's liability shall be limited to an amount corresponding to the fees paid by the Customer to the Supplier under the Agreement for a period of six (6) months before the damage occurred. ​ 6. Term and Termination ​ 6.1. This DPA becomes effective when the Agreement has been entered into. 6.2. Upon termination of the Agreement, the Supplier shall at the choice of Customer, delete all the personal data or return it to Customer, and ensure that each sub-processor does the same. 6.3. This DPA remains in force as long as the Supplier processes personal data on behalf of Customer, including deletion or returning of personal data according to section 6.2 above. This DPA shall thereafter cease to apply. Sections 5 and 6.2 shall continue to apply even after this DPA has been terminated. ​ 7. Changes ​ 7.1. If provisions of the GDPR change or if a supervisory authority issues guidelines, decisions or regulations regarding the application of the GDPR during the term of this DPA, with the result that this DPA does not meet the requirements for a data processing agreement, the Parties shall change this DPA to meet the requirements. 7.2. Any other changes to this DPA than following from section 7.1 above or changes in Customer’s documented instructions, shall be made in writing and signed by the Parties’ authorized representatives, to be binding. ​ 8. Miscellaneous ​ 8.1. In the event of deviating provisions between the Agreement and this DPA, the provisions of this DPA shall prevail with regard to processing of personal data and nothing in the Agreement shall be deemed to restrict or modify obligations set out in this DPA, notwithstanding anything to the contrary in the Agreement. 8.2 . This DPA supersedes and replaces all data processing agreements between the Parties potentially existing prior to this DPA. APPENDIX 1A Instructions on Processing of Personal Data Purposes ​ The Supplier processes personal data in order to fulfil the Agreement. This means that the Supplier processes personal data for the following purposes: To handle customer support cases, To work with key End-Users designated by the Customer for purposes of the customer success program. This program is available to opt-in to for certain customer accounts ​ Categories of personal data ​ Categories of personal data that will be processed by the Supplier include: Name, E-mail address, Role in organisation, and Information about how the Product is used provided by the Customer for the purposes of support and customer success. ​ Categories of data subjects ​ End-Users. ​ Retention time ​ The personal data will be processed for as long as the End-User continues to actively use the Service and for twelve (12) months thereafter if the End-User has provided information about which Customer they are associated with. ​ Processing operations ​ The Supplier process the personal data of End-Users in the following ways. ​ The End-User’s name and e-mail address, as well as contextual information provided by the End-User, is collected in order to provide customer support when customers open a support request via e-mail or via the Supplier’s support portal. The name and e-mail address regarding key End-Users designated by the Customer may be stored in the Supplier’ CRM system by Customer Success Specialists to support activities related to the customer success program.. ​ Information Security Measures The Supplier Security Practices Application-specific Data Security and Privacy Statements Security Advisories and related policy APPENDIX 1B Sub-Processors No sub-processors are involved in your regular usage of our On-Premise applications. However, we do rely on sub-processors to support your end-users' ability to get value out of your purchase via our Customer Support and Customer Success functions. In the table below you can see exactly which purposes we utilize sub-processors for end-users of any of our On-Premise applications. Please see our sub-processors page to find links to related documents such as DPAs for the sub-processors above as well as a full list of the subprocessors that process personal data, even those that aren't relevant to this DPA. Appendix2B Appendix2A

Legal Product Service Terms Agreement IMPORTANT - Please read carefully This Product Service Terms Agreement ("Agreement") is a binding legal document between 55 Degrees AB and You, which you accept by purchasing a Service. If you do not agree to this agreement, then do not pay for or use the Service. "Service" is the work performed by 55 Degrees under a service punchcard offered on https://55degrees.se . "You" means you, the organization or individual that purchased the Service. "55 Degrees" means 55 Degrees AB of Nordenskiöldsgatan 24, Office 312, 211 19 Malmö, Sweden. ​ By remitting payment or purchase order for any portion of the fees for the Service, or by installing or using any of the Service, You agree to be bound by this Agreement. If You do not agree to this Agreement, then do not pay for or use the Service. ​ The "Agreement" also includes any 55 Degrees policies or documents referenced in this document, including 55 Degrees' Privacy Policy at https://www.55degrees.se/privacy-policy . From time to time, 55 Degrees may modify this Agreement, including any referenced policies and other documents. Any modified version will be effective at the time it is posted, and will apply to any Service paid for after the time of posting. Scope of Service 55 Degrees will provide the purchased Service as described on https://www.55degrees.se/product-service-punchcards . ​ Scheduling, Rescheduling and Canceling Sessions​ All sessions will be scheduled using Calendly. The specific URL for the scheduling site will be provided via the Customer Portal upon its creation. Please note that our current business hours are between 8am - 5pm CET. 55 Degrees will offer a limited number of after-hours sessions a week and we make no guarantee of their availability to any one organization. All meetings are subject to availability of the 55 Degrees employees and their partners. It is recommended that you attempt to schedule sessions with as much notice as possible. Each meeting must include a goal for the meeting in the requisite field in the meeting request form. A 55 Degrees employee will acknowledge and accept or decline each requested session once the request has been received. You agree to provide 24 hours notice for rescheduling of a scheduled coaching session. One hour will be deducted from your punchcard balance upon on the 3rd cancellation or reschedule occurring within 24 hours of a scheduled session. Once a session has been verified and accepted, 55 Degrees will take every effort to avoid canceling or rescheduling. ​ Cost and Payment Service prices are stated on the pages where the services are offered. ​ Payment must be received in advance of Service. Acceptable forms of payment include: credit card payment online and wire transfer via invoice. Refunds will be granted up to 30 days from purchase, provided Service has not commenced. Travel No travel is included. Service will be performed remotely by employees of 55 Degrees or its partners using Zoom or other video meeting technology. Term and Expiration Each Service Punchcard is valid for 90 days from date of purchase, with new punchcard purchases resetting the 90-day period for any unexpired previously purchased Punchcard. Unused Punchcard time cannot be refunded after 90 days from purchase. This Agreement will terminate one year after completion of the last Service. ​ Copyrights Any alterations resulting in 55 Degrees' products as a result of Service become part of the product, owned by 55 Degrees. Any training materials or other media created during Service belong to 55 Degrees unless otherwise agreed in writing. Use of 55 Degrees products and Atlassian products are governed solely by the terms of their respective End-User License Agreements. No Warranty 55 Degrees neither guarantees, warrants, nor makes any representations as to the correctness or completeness of the Service or its suitability to any particular purpose, and no liability, contingent or otherwise is accepted by 55 Degrees for errors or omissions. Limitation of Liability Without limitation, 55 Degrees will not be liable for any loss, damage, cost, expense, or other claim (including consequential damages and loss of profits) in relation to the Service. Nondisclosure If You have entered a separate Nondisclosure Agreement with 55 Degrees, that agreement governs nondisclosure obligations in lieu of this section. ​ "Confidential Information" means any information, technical data, or know-how relating to research, products, services, customers, markets, software, developments, inventions, processes, designs, drawings, engineering, marketing, finances, or other area which is designated in writing to be confidential or proprietary, or if given orally, is confirmed within seven (7) days in writing as having been disclosed as confidential or proprietary. ​ 55 Degrees and You agree not to use Confidential Information received by the other party for any purpose except to provide the Services. Neither party will disclose the Confidential Information of the other party to third parties, or to its employees unless required to provide the Service. Each party agrees that it will take all reasonable steps to protect the secrecy of, and avoid disclosure or use of, Confidential Information of the other party in order to prevent it from falling into the public domain or the possession of unauthorized persons. Each party agrees to notify the other party in writing of any misuse or misappropriation of the other party's Confidential Information which may come to its attention. ​ Each party agrees that, in addition to any other remedies that may be available, the other party shall be entitled to obtain injunctive relief against the threatened breach of this section or the continuation of any such breach, without the necessity of proving actual damages. ​ Any Confidential Information, including copies, which have been disclosed by the other party will be returned or destroyed within thirty (30) days after the completion of the Service, or at the written request of the disclosing party. Choice of Law and Forum Applicable Law These terms and conditions are governed by Swedish law, without consideration to its choice of law provisions. The Ystad District Court has exclusive jurisdiction in the first instance on any dispute arising from these terms and conditions. ​ No Waiver Our failure to enforce any provision(s) of the Agreement or respond to a breach by any party shall in no way waive its right to subsequently enforce any terms or conditions of the Agreement or respond to any breaches. ​ Entire Agreement and Severability This Agreement is the entire agreement between You and 55 Degrees relating to the Service and they supersede all prior or contemporaneous oral or written communications, proposals and representations with respect to the Service or any other subject matter covered by this Agreement. If any provision of this Agreement is held to be void, invalid, unenforceable or illegal, the remaining provisions shall continue in full force and effect. ​

Legal Customer Agreements Cloud Subscriptions On-Prem Subscriptions On-Prem Perpetual Privacy Statement & Policies Community Terms of Use Website Terms of Use Archives Privacy Policy If you represent a supplier If you represent a supplier to 55 Degrees AB (”55 Degrees ”, “we ”,” our ” and ”us ”) we at 55 Degrees will process your personal data if you are stated as the contact person for your company or if you in other ways are in contact with us as representative of one of our suppliers. In this privacy policy, you find information about when that is the case, how we process your personal data, and what rights you have when it comes to this data processing. ​ Our goal is to be as transparent as possible regarding our processing of your personal data – do not hesitate to contact us with any questions you have! In short We process your personal data as necessary to: - enter into an agreement with your company and administrate our relationship, and - when relevant, comply with accounting legislation. ​ Here you can find all our privacy policies which describe how we process personal data in other situations, e.g., if you visit our website or otherwise are in contact with us. ​ Your rights Below you find a detailed description of your rights and how to exercise them. ​ In summary, you have the following rights: the right to lodge a complaint with a supervisory authority, the right to access what personal data we process about you, the right to object to our processing, the right to erasure of the personal data we process, the right to rectification of any personal data that is inaccurate, and the right to restrict our processing. ​ Below you can read more about: You will be moved to the relevant paragraph by pressing the selected heading. ​ Who is responsible, and how to contact us? Detailed description of how we process your personal data To enter into an agreement with your company and administer our relationship To comply with accounting legislation Who can gain access to your personal data and why? Where is your personal data processed? What are your rights when we process your personal data? Detailed description ​ When we refer to “your company” in this privacy policy, we refer to your employer or the organisation or public body that you represent. ​ Who is responsible, and how to contact us? We at 55 Degrees are generally processing personal data on the instructions of our customers, i.e. as processors. In some situations, we are, however ourselves responsible for the processing of your personal data and acting as controllers. These situations are explained in the charts below. ​ If you have any questions or if you wish to exercise any of your rights, we are available at: Full name of legal entity: 55 Degrees AB (organization number 559201-6843) E-mail address: privacy@55degrees.se Mailing address: Lilla Nygatan 7, 211 38 Malmö, Sweden ​ ​ A detailed description of how we process your personal data We collect your personal data directly from you. We may also collect your personal data from your company, if they state you as their representative. ​ To enter into an agreement with your company and administer our relationship What processing do we perform? Enter into an agreement with your company, including any negotiation between the companies Administrate our relationship with your company (e.g. communicate with our supplier) ​ What personal data do we process? Information you or your company provide to us, e.g. name, information about which organisation you represent, position in your company, telephone number, and e-mail address ​ Our legal basis for the processing Legitimate interest ​ Your personal data will be processed based on our legitimate interest to negotiate and enter into an agreement with your company and to administrate the agreement. By carrying out a balancing of interests assessment concerning our processing of your personal data, we have concluded that our legitimate interest in the processing outweighs your interests or rights, which require the protection of your personal data. ​ If you want more information in relation to our balancing of interests assessments, please do not hesitate to contact us. Our contact details can be found at the beginning of this privacy policy. ​ Storage period Your personal data will be deleted if we conclude that we will not enter into an agreement with your company. If your company becomes our supplier, we will store your personal data for this purpose as long as the company you represent is our supplier and until we have evaluated our previous partnership and potential future partnership and up to six months afterward. If we receive information that you no longer represent the company, we will delete your personal data unless your data is included in email communication, agreements, and similar documentation, which we cannot delete – in case of a dispute. ​ ​ ​ To comply with accounting legislation What processing do we perform? Store information in accounting material when relevant ​ What personal data do we process? Name, history regarding payments made, and other information that constitutes accounting records ​ Our legal basis for the processing Legal obligation ​ The processing is necessary to comply with legal obligations to which we are subject, i.e., accounting legislation. ​ You need to provide us with this information. Otherwise, we will not be able to administrate our relationship with your company. ​ Storage period We will store any document constituting accounting material and the personal data included therein according to the storage period stated in the accounting legislation. ​ In Sweden, this means that we will store your personal data for seven to eight years, i.e., until and including the seventh year after the end of the calendar year for the fiscal year to which the personal data relates. ​ Who can gain access to your personal data and why? We do not sell your personal data or share it with other parties unless it is necessary. This means that your personal data will be handled by our employees but only by the personnel needing such access to conduct their work. We will store your personal data, anonymised when possible, within our IT systems to ensure good and secure IT operations. This means that we share your personal data with our IT suppliers . ​ We will store your personal data within our accounting systems to ensure good and secure financial operations relating to our suppliers. This means that we share your personal data with our accounting suppliers . ​ The above parties will process these on our behalf and following our instructions. We need to work with third parties to conduct our business. We are responsible for any sharing of your personal data to such suppliers and to ensure that your personal data is safe when shared with third parties. For more detailed information on our suppliers and the information we store with them, please visit our supplier page located at https://support.55degrees.se/space/SECURE/2014216193 . ​ Where is your personal data processed ? We use EU/EEA vendors that store data in the EU/EEA when possible. However, when we must use suppliers outside of the EU/EEA, your personal data will, in most cases, be processed outside the EU/EEA. These are the cases in which we transfer your data outside of the EU/EEA: ​ When you book a meeting with us, we gather your personal data as a meeting attendee, e.g., your e-mail address. This information about you is entered by you or the company you represent into Calendly, a service that stores data in the USA. ​ When you attend a virtual meeting with us, we store your personal data as a meeting attendee, e.g., your name and e-mail address. This information is stored in Zoom or Microsoft Teams, which store data in the USA. ​ In the above situations, our suppliers and we rely on Standard Contractual Clauses for the transfer of personal data outside of the EU/EEA. The use of Standard Contractual Clauses is an effort to provide a safe transfer of your personal data. You find a more detailed description of the transfer of personal data at https://support.55degrees.se/space/SECURE/2014216193 . ​ If you want to know more about whom we share your personal data with and how your personal data is transferred, please contact us. Our contact information can be found at the beginning of this privacy policy. ​ What are your rights when we process your personal data? Detailed description You have certain rights that you can exercise to affect how we process your personal data. You can read a more detailed description of what those rights are below. ​ If you want to know more about your rights or if you want to exercise any of your rights, please contact us, and we will help you. ​ Right to lodge a complaint with a supervisory authority (Article 77 GDPR) You have the right to lodge a complaint with a supervisory authority. The supervisory authority in Sweden is the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, the IMY). ​ In detail: Your right to complain exists without prejudice to any other administrative or judicial remedy. You have the right to lodge a complaint with a supervisory authority in the EU/EEA member state of your habitual residence, place of work, or place where the alleged infringement of applicable data protection laws has allegedly occurred. ​ The supervisory authority has an obligation of informing you of the progress and the outcome of the complaint, including the possibility of a judicial remedy. ​ Right to access (Article 15 GDPR) You have the right to obtain confirmation as to whether we are processing personal data concerning you or not. You can make a request by contacting us. If we process your personal data, you also have a right to obtain a copy of the personal data processed by us and information about our processing of your personal data. ​ In detail. The information we provide includes the following: the purposes of the processing, the categories of personal data concerned, the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations, where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period, the existence of the right to request rectification or erasure of personal data or restriction of processing of personal data concerning you or to object to such processing, the right to lodge a complaint with a supervisory authority, if the personal data are not collected from you, we provide you with available information about the source of the personal data; the existence of automated decision-making, including profiling, referred to in Articles 22.1 and 22.4 GDPR and, in those cases, meaningful information about the logic involved, as well as the significance and the predicted consequences of such processing; and where your personal data are transferred to a third country or to an international organization, you have the right to information regarding the appropriate safeguards, pursuant to Article 46 GDPR, put in place for the transfer. ​ For any further copies of the personal data undergoing processing requested by you, we may charge a reasonable fee based on administrative costs. If you have made the request by electronic means, the information will be provided in a commonly used electronic form unless otherwise requested by you. ​ Your right to obtain a copy referred to above shall not adversely affect the rights and freedoms of others. ​ Right to object (Article 21 GDPR) You have the right to object to our processing of your personal data at any time. ​ In detail: Your right to object applies as follows: You have the right to object, on grounds relating to your particular situation, at any time to the process ing of your personal data, which is based on our legitimate interest, i.e., Article 6.1 f GDPR. We shall no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms or for the establishment, exercise, or defense of legal claims. In the context of the use of information society services, you may exercise your right to object by automated means using technical specifications. Right to erasure (“the right to be forgotten”) (Article 17 GDPR) You have the right to ask us to erase your personal data. In detail. We are obligated to erase your personal data without undue delay if: the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed, you object to the processing pursuant to Article 21.1 GDPR, and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21.2 GDPR, the personal data have been unlawfully processed, or the personal data must be erased to comply with a legal obligation in Union or Member State law that applies to us. Where we have made the personal data public and are obliged in accordance with the rights stated above to erase the personal data, we shall, taking account of available technology and the cost of implementation, take reasonable steps, including technical measures, to inform other controllers which are processing the personal data that you have requested the erasure by such controllers of any links to, or copy or replication of, those personal data. ​ We will notify any erasure of personal data carried out in accordance with your rights stated above to each recipient to whom the personal data have been provided to unless this proves impossible or involves disproportionate effort. If you want information about those recipients, you are more than welcome to contact us . Please note that our obligation to erase and inform according to the above shall not apply to the extent processing is necessary: for exercising the right of freedom of expression and information, for compliance with a legal obligation that requires processing by Union or Member State law that applies to us, or for the establishment, exercise, or defense of legal claims. Right to rectification of processing (Article 16 GDPR) You have the right to obtain, without undue delay, the rectification of inaccurate personal data concerning you. ​ In detail: Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement. ​ We will communicate any rectification of personal data to each recipient to whom the personal data have been provided unless this proves impossible or involves disproportionate effort. If you want information about those recipients, you are more than welcome to contact us. Right to restriction of processing (Article 18 GDPR) You have the right to obtain from us restrictions on the processing of your personal data. ​ In detail: Your right applies if: the accuracy of the personal data is contested by you, during a period enabling us to verify the accuracy of the personal data, you have objected to processing pursuant to Article 21.1 GDPR pending the verification of whether our legitimate grounds override yours, the processing is unlawful, and you oppose the erasure of the personal data and instead request the restriction of their use, or you need the personal data for the establishment, exercise, or defense of legal claims even though we no longer need the personal data for the purposes of the processing. ​ Where the processing has been restricted according to the above, such personal data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State. ​ We will notify you before the restriction of the processing is lifted. We will also communicate any restriction of processing of personal data carried out in accordance with your rights stated above to each recipient to whom the personal data have been provided to, unless this proves impossible or involves disproportionate effort. If you want information about those recipients, you are more than welcome to contact us ​ ​ ​ responsible description access where rights rights-complaint rights-access rights-object rights-erasure rights-rectify rights-restrict enter-agreement comply This privacy policy was adopted on January 16, 2023.

Upcoming Events Thu, Sep 21 Webinar ActionableAgile Demo with Q&A Sep 21, 3:00 PM – 4:00 PM GMT+2 Webinar In this Webinar, Margaux Fiche (Manager Customer Experience) will walk you through the key charts of ActionableAgile, what to think about when loading a data set and provide some tips and tricks for best practices. She will then answer your questions at the end. Share Register Wed, Oct 18 Auktionsverket Kulturarena Brewing Agile Oct 18, 7:00 PM GMT+2 – Oct 19, 7:00 PM GMT+2 Auktionsverket Kulturarena, Tredje Långgatan 9, 413 03 Göteborg, Sweden We’re happy to sponsor the Brewing Agile Conference in Gothenburg on 18-19 October! And we’d love to meet with you there! You can visit us at our booth and even book a time with us for longer conversations. RSVP to let us know if you’ll be there and’d like to book some 1:1 time with us. Share Register Wed, Nov 08 Malmö Mässan Conference Center Øredev Developer Conference Nov 08, 7:40 AM GMT+1 – Nov 10, 1:00 PM GMT+1 Malmö Mässan Conference Center, Mässgatan 6, 215 32 Malmö, Sweden We’re happy to be back and sponsor our local developer conference, Øredev, in our hometown, Malmö on 8-10 November! And we’d love to meet with you there! You can visit us at our booth and even book a time with us for longer conversations. Share Register

Compliance Programs We are ISO 27001 certified! 55 Degrees is proud to be ISO 27001:2013 certified by external auditing firm, Prescient Security . ​ ISO 27001 is a specification for an information security management system (ISMS). An ISMS is a framework of policies and procedures that includes all legal, physical, and technical controls involved in an organization's information risk management processes. Complying with ISO 27001:2013 demonstrates implementation and maintenance for the highest security standards controls, assuring secure delivery of 55 Degrees software products and SaaS operations. ​ Verify our registration here .

Legal Archives Customer Agreements Cloud Subscriptions On-Prem Subscriptions On-Prem Perpetual Privacy Statement & Policies Community Terms of Use Website Terms of Use Archives Archives Customer Agreements OnPremise Subscriptions (November 21, 2022) Cloud Subscriptions (July 15, 2022) Sof tware End User License Agr eement (June 30, 2020 - July 15, 2022)

Resources Try our virtual course at Sign Up LEAN SOFTWARE DEVELOPMENT Blog posts and other useful content The 55 Degrees Official Blog EverydayKanban.com - the personal blog of co-founder Julia Wester LeanKit Blog - read posts by Julia Wester LinkedIn Learning Course: Lean Software Development - by Julia Wester Slide decks from Julia Wester's conference talks Publications, Posters, and Downloadable Exercises Transformational Leadership A white-paper from our co-founder, Julia, and others on how to get started with transformational leadership. ​ Copyright: CC BY SA 4.0 . DevOps 'Secret Sauce' (e-book) Julia joins others experts to share insights on succeeding with DevOps. ​ Copyright: DevOps Institute EverydayKanban.com Blog A blog about lean, agile, kanban, management and otherwise doing more with less stress by Julia Wester ​ Copyright: EverydayKanban.com Spectrum Thinking Worksheet A guide to making complex decisions based on spectrum thinking and cycles of experimentation to find your "just right". ​ Copyright: CC BY NC SA 4.0 . Visualizing your work in Kanban This visual guide walks you through the simple steps to get your Kanban board up and running. ​ Copyright: CC BY SA 4.0 . Go with the Flow: A Kanban Sim A kanban simulation that highlights the impacts of context switching. ​ Copyright: CC BY SA 4.0 .

Legal Customer Agreements Cloud Subscriptions On-Prem Subscriptions On-Prem Perpetual Privacy Statement & Policies Community Terms of Use Website Terms of Use Archives Website Terms of Use Welcome to this 55 Degrees Web site (the "Site"), one of the Web sites provided by 55 Degrees AB ("55 Degrees AB") or ActionableAgile Software AB (“ActionableAgile”), a child company of 55 Degrees. Collectively these companies are referred to in this user agreement (the "Agreement") as (“55 Degrees,” "we," or "us"). Portions of the Site may be hosted by our affiliated companies or by other companies with which we have service agreements. This Agreement is a legal contract. By using this Site, you agree to be bound by all of the terms of this Agreement. Please read this Agreement carefully before using this service. This Agreement applies to all usage of any part of the Site. We may restrict, suspend, or revoke your registration or ability to access or use the Site, or any affiliated site, with or without prior notice, if you violate this Agreement. ​ General We reserve the right to change the terms of this Agreement or to modify any features of this Site at any time, so we encourage you to review the Agreement periodically before using the Site. The most current version of the Agreement can be viewed by clicking on the "Terms of Use" link at the bottom of any page in the Site. By continuing to use this Site after the posting of any changes, you agree to be bound by such changes. You are also required to comply with all applicable laws in connection with your access to and use of the Site and such further limitations as may be set forth in any subsequent notice from 55 Degrees. As a condition of your access and use of the Site, you warrant that you will not use the Site for any purpose that is unlawful or prohibited by the Agreement. ​ The Site is intended for the use of adults 18 years or older. You agree to provide accurate, current, and complete information about yourself as requested or directed on the Site, and to promptly update this information to maintain its accuracy. Trademarks and Copyrights All rights in the product names, company names, trade names, logos, product packaging, and designs of all 55 Degrees, or third-party products or services, whether or not appearing in large print or with the trademark symbol, belong exclusively to us or to their respective owners, and are protected from reproduction, imitation, dilution, or confusing or misleading uses under national and international trademark and copyright laws. ​ The use or misuse of these trademarks or any materials, except as permitted herein, is expressly prohibited, and nothing stated or implied on the Site confers on you any license or right under any patent or trademark of 55 Degrees, or any third party. ​ Unauthorized use or distribution of any material from this site may be subject to civil as well as criminal sanctions under the applicable laws. 55 Degrees will enforce its Intellectual Property Rights to the fullest extent. If you wish to use any content for any other reason, you must request and obtain written permission in advance through emailing 55 Degrees at support@55degrees.se . Notice of Copyright Infringement Just as we require users to respect our copyrights and those of our affiliates and partners, we respect the copyrights of others. If you believe in good faith that your copyrighted work has been reproduced on or linked from our site without authorization in a way that constitutes copyright infringement, please provide our designated copyright agent with the following information: Identification of the copyrighted work claimed to have been infringed Identification of the allegedly infringing material on the Site that is requested to be removed Your name, address, and daytime telephone number, and an e-mail address if available, so that we may contact you if necessary A statement that you have a good-faith belief that the use of the copyrighted work is not authorized by the copyright owner, its agent, or the law A statement that the information in the notification is accurate, and under penalty of perjury, that the signatory is authorized to act on behalf of the owner of an exclusive copyright right that is allegedly infringed An electronic or physical signature of the copyright owner or someone authorized on the owner's behalf to assert infringement of copyright and to submit the statement ​ Our copyright agent for notice of claims of infringement on the Site: ​ 55 Degrees AB ℅ Copyrights Lilla Nygatan 7 211 38 Malmö Sweden Email: support@55degrees.se ​ Upon receipt of such a notice of claimed infringement, we will act expeditiously to remove or disable access to any content that is claimed to be infringing upon the copyright of any person under the laws of the Sweden or the European Union, and will terminate the Site privileges of those who repeatedly infringe on the copyright of others. Privacy Your use of the Site is governed by our Privacy Policy . By using the Site, you indicate that you understand and agree to the practices described. Prohibited Conduct By using the Site, you agree not to do the following: ​ Delete or revise any material or other information of any other user, 55 Degrees, or any third party Harvest or otherwise collect information about others, including e-mail addresses, without their consent Take any action that imposes an unreasonable or disproportionately large load on the Site's infrastructure Use any device, software, or routine to interfere or attempt to interfere with the proper working of the Site or any activity conducted on the Site Use or attempt to use any engine, software, tool, agent or other device or mechanism (including, without limitation, browsers, spiders, robots, avatars or intelligent agents) to navigate or search the Site other than the search engine and search agents available on the Site and other than generally available third-party Web browsers Attempt to decipher, decompile, disassemble, or reverse-engineer any of the software comprising or in any way making up a part of the Site Engage in any conduct that restricts or inhibits any other person from using or enjoying the Site, or which, in our judgment, exposes us or any of our users, customers, or suppliers to any liability or detriment of any type Take any action that could endanger or cause damage to us, other users of the Site, or other third parties Accessing data not intended for you or logging into a server or account that you are not authorized to access; Attempting to probe, scan, or test the vulnerability of a system or network or to breach security or authentication measures without proper authorization; Attempting to interfere with service to any user, host, or network, including, without limitation, by way of submitting a virus to, or overloading, "flooding", "spamming", "mailbombing" or "crashing", the Site; Sending unsolicited e-mail, including promotions and/or advertising of products or services, to or through the Site or with reference to us or the Site; or Forging any TCP/IP packet header or any part of the header information in any e-mail or posting. You further agree not to violate or attempt to violate the security of the Site, including, without limitation: Violations of system or network security may result in civil or criminal liability. In accordance with this Agreement, we may investigate and work with law enforcement authorities to prosecute users who are involved in such violations. ​ Links ​ We may, as a convenience to users, provide links to third-party content and other Web sites on or through the Site. We do not endorse, sponsor, or accept any responsibility for such material. We are not responsible for the content or privacy practices of any linked sites. Indemnification You agree to indemnify and hold harmless 55 Degrees AB, subsidiaries, and affiliates, and their directors, officers, managers, employees, shareholders, agents, and licensors, from and against all losses, expenses, damages, and costs, including reasonable attorneys' fees, resulting from, arising out of, or in connection with any violation or alleged violation of this Agreement or its components (including but not limited to the Privacy Policy ), or the failure to fulfill any obligations relating to your account incurred by you or any other person using your account. We reserve the right to assume the exclusive defense of any claim for which we are entitled to indemnification under this section. In such event, you shall provide us with such cooperation as is reasonably requested by us. ​ Disclaimer of Warranties ​ This Site is available "as is." We do not warrant that this Site will be uninterrupted or error-free. There may be delays, omissions, interruptions, and inaccuracies in the news, information, or other materials available through this Site. We are not responsible for the availability or content of other goods and/or services that may be linked to this Site. We do not make any warranties, express or implied, including without limitation, those of merchantability and fitness for a particular purpose, with respect to this Site or any information or goods that are available or advertised or sold through this Site. We do not make any representations, nor do we endorse the accuracy, completeness, timeliness or reliability of any advice, opinion, statement or other material or database displayed, uploaded or distributed in this Site or available through links in this Site. We reserve the right to correct any errors or omissions in this Site. Although we intend to take reasonable steps to prevent the introduction of viruses, worms, "Trojan horses" or other destructive materials to this Site, we do not guarantee or warrant that this Site or materials that may be downloaded from this Site do not contain such destructive features. We are not liable for any damages or harm attributable to such features. If you rely on this Site and any materials available through this Site, you do so solely at your own risk. Limitation of Liability You acknowledge that your use of the Site, and any resource linked to therein, is exclusively at your own risk, and you agree that 55 Degrees, and its managers, employees, agents, and licensors will not be liable for incidental, indirect, consequential, special, punitive, or exemplary damages of any kind, including lost revenues or profits, loss of business, or loss of data, in any way related to this Site or for any claim, loss, or injury based on errors, omissions, interruptions, or other inaccuracies in this Site (including without limitation as a result of breach of any warranty or other term of this Agreement). Any claim against us shall be limited to the amount you paid, if any, for use of this Site. ​ Severability and Integration ​ Unless otherwise specified herein, this Agreement constitutes the entire agreement between you and 55 Degrees and governs your use of this Site, superseding any prior or contemporaneous communications and proposals (whether oral, written, or electronic) between you and us. If any portion of this Agreement is held invalid or unenforceable, that portion shall be construed in a manner consistent with applicable law to reflect, as nearly as possible, the original intention of the parties, and the remaining portions shall remain in full force and effect. ​ No Waiver ​ Our failure to enforce any provision(s) of the Agreement or respond to a breach by any party shall in no way waive its right to subsequently enforce any terms or conditions of the Agreement or respond to any breaches. Termination We may terminate this Agreement and/or suspend or terminate your access to the Site for any reason at any time by providing notice to you. If you wish to discontinue your access to the Site and cancel your account, you may make such a request by contacting us below. Otherwise, applicable sections of the Agreement shall survive any termination of your account or this Agreement. ​ Choice of Law and Forum ​ These terms and conditions are governed by Swedish law, without consideration to its choice of law provisions. The Ystad District Court has exclusive jurisdiction in the first instance on any dispute arising from these terms and conditions. No Professional Advice Any information supplied by any employee or agent of 55 Degrees, whether by telephone, e-mail, letter, facsimile, or another form of communication, is intended solely as general guidance on the use of the Site, and does not constitute professional advice without a separate agreement between you and an agent of 55 Degrees. Even then, only information relayed in performing contracted duties, and relayed during the timeframe of the binding agreement, will be considered professional advice. Accordingly, you agree not to treat any information you receive on or through the Site as professional advice or to rely on it as professional advice. Individual situations and state laws vary and users are encouraged to obtain appropriate advice from qualified professionals in the applicable jurisdictions. Miscellaneous You agree that no joint venture, partnership, employment, or agency relationship exists between you and 55 Degrees as a result of this Agreement or your access to and use of the Site. ​ A printed version of the Agreement and of any notice given in electronic form shall be admissible in judicial or administrative proceedings based upon or relating to this Agreement to the same extent and subject to the same conditions as other business documents and records originally generated and maintained in printed form. ​ Nothing contained in this Agreement is in derogation of our right to comply with governmental, court, and law enforcement requests or requirements relating to your use of the Site or information provided to or gathered by us with respect to such use. Acceptance of Terms ​ Use of this Site is offered to you on your acceptance of these Terms of Use, our Privacy Policy , and any additional terms and conditions set forth on this Site. If you do not agree to be bound by and comply with all of the foregoing, you may not access or use the information or services in this Site. Use of this Site represents your acceptance of the Agreement. ​ Questions ​ If you have any questions or comments about this Agreement, please contact us via support@55degrees.se and indicate that your inquiry concerns our user agreement.