Log in Book a demo

Privacy Policy

At Deventura, we are committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, and safeguard your information in compliance with the General Data Protection Regulation (GDPR) and other applicable laws.

Download PDF Version

Last updated: February 2026

1. Roles and Responsibilities

Data Processor

When you use our platform, Deventura acts as a Data Processor on behalf of your organization (the Data Controller). We process personal data according to your instructions and solely for the purpose of providing our services.

Data Controller

Deventura acts as a Data Controller when processing data for our own purposes, such as managing customer relationships, marketing communications (with consent), and improving our services.

2. Information We Collect

We collect information necessary to provide and improve our services. This includes data you provide directly and data collected automatically through your use of our platform.

Information You Provide

  • Account Data: Name, email address, company name, and role
  • Team Information: Team structure and member details
  • Repository Access: Connection to your version control systems
  • Support and Communication Data: Messages and requests you send us

Information Automatically Collected

  • Git Metadata: Commit history, merge request data, and code review activity
  • Performance Metrics: Delivery patterns and workflow data
  • Platform Usage: How you interact with our dashboard and features
  • Technical Data: Browser type, IP address, and device information

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Deliver and maintain our services: Provide the Deventura platform and its features
  • Analyze developer performance: Generate insights and metrics for engineering teams
  • Offer personalized coaching: Provide AI-powered recommendations for growth
  • Communicate with you: Send service updates, respond to inquiries, and provide support
  • Monitor and address problems: Detect, prevent, and resolve technical issues
  • Detect maltreatment: Identify potential issues affecting team well-being
  • Fulfill legal obligations: Comply with applicable laws and regulations

4. Data Security

We implement robust security measures to protect your data:

Key Security Measures

  • Encryption: All data is encrypted at rest (AES-256) and in transit (TLS 1.2+)
  • No Code Retention: We do not store source code; only metadata and diff-based metrics are processed
  • Access Control: Role-based access with authentication via username/password or SSO
  • Hosting: Infrastructure hosted on Google Cloud Platform with enterprise-grade security
  • Audits: Regular security assessments and vulnerability testing

5. Data Retention

We retain your data only for as long as necessary to fulfill the purposes outlined in this policy:

  • Account data: Retained until end of contract plus 60 days for final processing
  • Support communications: Retained for 3 years or as required by law
  • Git and technical data: Retained for 60 days after processing
  • HR applications: Retained for 6 months after rejection unless consent is given for longer

After the retention period, data is securely deleted or anonymized.

6. Sharing of Data

We may share your information in the following circumstances:

  • Service Providers: With trusted third-party vendors who assist in delivering our services
  • Legal Entities: When required by law or to respond to legal process
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • With Consent: When you have given explicit consent to share your data

Our Subprocessors

Current Subprocessors

Name Purpose Data Stored
Google Cloud Platform Infrastructure and storage Yes (EU region)
Anthropic Claude AI model services No retention

7. International Data Transfers

Our primary data storage is located within the European Union (EU) / European Economic Area (EEA). When we transfer personal data outside the EU/EEA, we ensure appropriate safeguards are in place:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions where applicable
  • Additional technical and organizational measures as needed

Customers are notified of any changes in subprocessors and may object within 14 days.

8. Your Rights Under GDPR

As a data subject, you have the following rights under GDPR:

  • Right of Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data under certain conditions
  • Right to Restriction: Request limitation of processing in specific circumstances
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests or for direct marketing

To exercise any of these rights, please contact us at privacy@deventura.com.

9. Website, Cookies, and Contact Forms

Cookies

Our website uses cookies to enhance your browsing experience. These include essential cookies for site functionality and analytics cookies to understand how visitors use our site. You can manage cookie preferences through your browser settings.

Contact Forms

When you submit a contact form, we collect the information you provide (name, email, message) to respond to your inquiry. This data is processed based on your consent and our legitimate interest in communicating with you.

10. Job Applicants

If you apply for a position at Deventura, we collect and process your application data including your CV, cover letter, and any other information you provide. This data is used solely for recruitment purposes and is retained for 6 months after the recruitment process ends, unless you consent to longer retention for future opportunities.

11. Contractors and Suppliers

We process personal data of contractors and suppliers to manage our business relationships. This includes contact information, payment details, and contract-related data. Processing is based on contractual necessity and our legitimate business interests.

12. No Sale of Personal Data

Deventura does not sell personal data. We do not share personal information with third parties for monetary or other valuable consideration, as defined under the California Consumer Privacy Act (CCPA) and similar regulations. Your data is used exclusively to provide and improve our services for your organization.

13. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated policy on our website and, where appropriate, by email. The "Last updated" date at the top of this policy indicates when it was last revised.

Contact Information

If you have any questions about this Privacy Policy or our data practices, please contact us:

Privacy inquiries: privacy@deventura.com

Data Protection Officer: dpo@deventura.com

General inquiries: info@deventura.com

Download Full Privacy Policy (PDF)
Get started

Ready to Grow Your Engineering Team?

Join CTOs and VPs of Engineering who trust Deventura with their developer insights. Book a demo to see how we can help your team grow while keeping your data secure.

Book a demo

Privacy you can trust