Privacy Policy

1. Highlights

  • We will never sell your information to a third party.
  • We never share information about your projects, repositories, users, or other data with anyone unless you request in writing that we do so.
  • When we have a legal obligation to do so, or in cases of suspected fraud, we may share data with law enforcement.
  • Please write to us at if you have questions or would like to export or delete your data.

2. Full Privacy Policy

By using (the “Website”) and/or a ProjectLocker account (the “Service”), you agree to the terms of this Privacy Policy and the Terms of Service. ProjectLocker is operated by ProjectLocker, LLC (“ProjectLocker”). This privacy policy is incorporated into the Terms of Service, and some terms used here may be defined in the Terms of Service. By using the ProjectLocker Service, you are giving ProjectLocker permission to store and use your information in accordance with this Privacy Policy.

3. GDPR Rights

The terms and provisions in this section 3 only apply to you if you are a resident of the EEA and only to the extent that ProjectLocker is subject to the European Union General Data Protection Regulation (“GDPR”). ProjectLocker collects and processes your personal information under the following legal grounds:

  • Consent. Your personal information may be used as described in this Privacy Policy subject to your consent. You can withdraw your consent by contacting us at
  • Legitimate interests. Your personal information may be used to provide the ProjectLocker service.
  • Legal compliance. Your personal information may be used to fulfill our legal obligations. These may include (but are not limited to) (i) federal, state, or local laws, (ii) court orders, (iii) consent decrees.

We may use the information we collect about you as described in Section 6 of this Privacy Policy.

Access, Correction, or Deletion of Your Data

If you want to request an export or deletion of your personal data, please contact us at We are not able to delete personal data that is a part of an active ProjectLocker account if you are not the owner, since doing so would prevent us from providing the service for the account owner. In this case, you may contact the account owner to request that your personal data be anonymized or deleted.

ProjectLocker maintains backups for indefinite periods of time. These are not stored in an accessible format, and are heavily compressed, so it is it not possible to delete personal data from these backups. However, if we are required to restore a backup to active use, we will apply requests for deletion of personal data to the newly restored backups.

4. EU-U.S. and Swiss-U.S. Privacy Shield Frameworks

ProjectLocker complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework(s) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. ProjectLocker has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit ProjectLocker is responsible for the processing of personal data it receives, under each Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. ProjectLocker complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions. ProjectLocker is subject to the investigatory and enforcement powers of the United States Federal Trade Commission. In order to comply with applicable laws and regulations, ProjectLocker may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. In compliance with the Privacy Shield Principles, ProjectLocker commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact ProjectLocker at:

ProjectLocker has further committed to refer unresolved Privacy Shield complaints to JAMS, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit for more information or to file a complaint. The services of JAMS are provided at no cost to you. To facilitate fast and convenient resolution of complaints, you agree to participate in on-line dispute resolution through JAMS Online Mediation (Endispute). Under certain conditions, Privacy Shield provides the right to invoke binding arbitration when other dispute resolution procedures have not provided resolution. This is described in Annex I to the Privacy Shield (

5. Data Collected

We collect anonymous data from every visitor to our websites to monitor traffic and maintain service quality. Data we collect from browsers includes, but is not limited to:

  • Internet Protocol addresses
  • browser type
  • operating system
  • type of device (e.g. laptop or mobile)

In order to use the ProjectLocker service, we require you to register and provide more information, including (but not limited to):

  • email address
  • name
  • names and email addresses of your team members
  • billing information, including credit card information

(ProjectLocker does not store your credit card information, which is held securely at our credit card processor.)

We use cookies to store session information in accordance with Web best practices. Use of the ProjectLocker service requires that cookies be enabled.

6. Use of the Data

We may use the information we collect about you for the following purposes:

  • To provide our services. We use your email address to provide notifications of activity on your projects. We use your name and other descriptive information to clearly identify you in the ProjectLocker system. We use your payment information to bill you for the service and to provide receipts for any payments you make to ProjectLocker.
  • To improve our services. We monitor the service in order to analyze and fix failures.
  • To communicate with you. We very occasionally send service and administrative emails related to the core functioning of the service.
  • Promotional. We very occasionally send emails to promote new or updated features or other topics that we think you will like. You may opt out of these emails by clicking the unsubscribe link in any applicable email.
  • To help you use the service. We use your contact information to respond to you when you have questions about the service.
  • To comply with the law. We may use your information to comply with applicable legal, regulatory, and judicial obligations.

7. Sharing of Data

We utilize several third parties to help us provide the ProjectLocker service, and to communicate with our users. We currently share data with the following third parties:

  • AdRoll: for measuring our advertising effectiveness
  • Amazon Web Services: to provide the core service
  • Atlassian JIRA: for notifications, if you specifically choose this option
  • Basecamp: for notifications, if you specifically choose this option
  • Facebook: for measuring our advertising effectiveness
  • FogBugz: for notifications, if you specifically choose this option
  • Freckle: for notifications, if you specifically choose this option
  • Google Analytics: to help us understand our overall Web traffic
  • Google Apps: for email correspondence when you contact ProjectLocker by email or support ticket.
  • Google Cloud: to provide the core service
  • Groove: for email correspondence when you contact ProjectLocker by email or support ticket.
  • Harvest: for notifications, if you specifically choose this option
  • HipChat: for notifications, if you specifically choose this option
  • HitTail: for understanding our overall audience
  • HubSpot: for measuring our marketing effectiveness
  • Intuit: for our internal accounting, if you pay via invoice or PayPal
  • KissMetrics: for measuring our marketing effectiveness
  • Lighthouse: for notifications, if you specifically choose this option
  • Mailchimp: for email communications
  • New Relic: for performance monitoring
  • Olark: for on-site chat communications
  • PayPal: for billing, if you pay via PayPal
  • Perfect Audience: for measuring our advertising effectiveness
  • Pivotal Tracker: for notifications, if you specifically choose this option
  • Sendgrid: for email communications
  • Slack: for notifications, if you specifically choose this option
  • Stripe: for credit card processing and other billing
  • TSheets: for notifications, if you specifically choose this option
  • Toggl: for notifications, if you specifically choose this option
  • Twitter: for notifications, if you specifically choose this option
  • Vero: for targeted email notifications to subscribers
  • VisualWebsiteOptimizer: for optimizing our Web content

We employ and contract with people and organizations that perform business tasks on our behalf (“Agents”). We may share your information with our Agents in order to provide the service. Agents do not retain any right to use your information beyond what is necessary to carry out the tasks we designate for them.

Note that depending on the particular configuration of your account, all of the third parties in this list may not receive your information. Many of the providers in this list only receive basic information provided by your Web browser as a part of any routine request you make (i.e. Internet Protocol address).

8. Changes to the Privacy Policy

This Privacy Policy may be changed by ProjectLocker at any time. You may request the latest Privacy Policy from ProjectLocker at any time via the e-mail address. We may also notify you of changes by posting an announcement on our website or by sending you an email.

9. Contact

You may contact us with questions or concerns by email at or by mail at:

PO Box 1009
Atlanta, GA 30301

GDPR Data Processing Agreement