Privacy Policy

1. Introduction

Welcome to Xping ("we," "our," or "us"). Xping is a test observability platform that helps developers understand test reliability through confidence scoring and flaky test detection. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website (xping.io), dashboard (app.xping.io), SDK, and related services (collectively, the "Services").

By using our Services, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Services.

2. Information We Collect

2.1 Test Execution Data

When you use the Xping SDK, we automatically collect the following information about your test executions:

• Test Metadata: Test names, test framework type (NUnit, xUnit, MSTest), test outcomes (pass/fail), execution duration, and retry counts
• Environment Information: Operating system, runtime version, .NET version, CI/CD platform identifiers, execution environment (local vs. CI/CD), and Docker/container flags
• Performance Metrics: Execution time variance, resource usage patterns, and network latency measurements
• Timestamp Data: Test execution timestamps and time zone information

Note: We do not collect your source code, test implementation details, sensitive credentials, API keys, or any personally identifiable information from your test code. We only collect metadata about test execution behavior.

2.2 Account and Contact Information

• Contact Form Data: Name, email address, and message content when you contact us through our website
• Account Information: Email address, username, and authentication credentials when you create an account for the dashboard
• Communication Data: Records of your communications with us, including support requests and feedback

2.3 Automatically Collected Information

• Log Data: IP address, browser type, operating system, referring URLs, pages viewed, and access times
• Cookies and Tracking: We use cookies and similar tracking technologies to track activity on our Services and hold certain information (see Section 6)
• Analytics Data: Usage patterns, feature engagement, and service performance metrics

3. How We Use Your Information

We use the collected information for the following purposes:

• Provide Services: To operate and maintain the Xping platform, calculate confidence scores, detect flaky tests, and display test reliability insights
• Service Improvement: To analyze usage patterns, improve our algorithms, enhance our services, and develop new features
• Communication: To respond to your inquiries, send service-related notifications, and provide customer support
• Security: To monitor and analyze security threats, prevent fraud, and protect against malicious activity
• Legal Compliance: To comply with applicable laws, regulations, and legal processes
• Analytics: To understand how users interact with our Services and optimize user experience

4. How We Share Your Information

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following limited circumstances:

4.1 Service Providers

We may share your information with third-party service providers who perform services on our behalf:

• Microsoft Azure: Cloud infrastructure for data storage, email communication (Azure Communication Services), and secrets management (Azure Key Vault)
• Google reCAPTCHA Enterprise: Bot detection and spam prevention on our contact forms
• GitHub: For authentication and account management (if applicable)

These service providers are contractually obligated to protect your information and may only use it to provide services to us.

4.2 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., court orders, subpoenas, or government regulations).

4.3 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your information.

4.4 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so.

5. Data Security

We implement appropriate technical and organizational security measures to protect your information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit using HTTPS/TLS protocols
• Encryption of sensitive data at rest using Azure encryption services
• Secure credential storage using Azure Key Vault
• Regular security assessments and monitoring
• Access controls and authentication mechanisms
• Regular software updates and security patches

Important: While we strive to use commercially acceptable means to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your information.

6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to track activity on our Services and store certain information. Cookies are files with a small amount of data that are sent to your browser from a website and stored on your device.

Types of Cookies We Use:

• Essential Cookies: Required for basic website functionality and security (e.g., authentication, session management)
• Analytics Cookies: Help us understand how visitors interact with our website by collecting and reporting information anonymously
• Preference Cookies: Enable the website to remember your choices (e.g., cookie consent preferences)

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Services.

7. Data Retention

We retain your information for as long as necessary to provide our Services and fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

• Test Execution Data: Retained for the duration of your active account and up to 90 days after account deletion to allow for data recovery
• Account Information: Retained until you request deletion or your account becomes inactive for an extended period
• Communication Records: Retained for up to 3 years for customer support and legal compliance purposes
• Log Data: Retained for up to 12 months for security and troubleshooting purposes

8. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information:

• Access: Request access to the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information, subject to certain exceptions
• Data Portability: Request a copy of your data in a structured, machine-readable format
• Opt-Out: Opt out of marketing communications at any time
• Withdraw Consent: Withdraw consent for data processing where we rely on your consent

To exercise these rights, please contact us at our contact page.

9. Third-Party Links

Our Services may contain links to third-party websites, including GitHub, NuGet, and documentation resources. We are not responsible for the privacy practices or content of these third-party sites. We encourage you to review the privacy policies of any third-party sites you visit.

10. Children's Privacy

Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us, and we will take steps to delete such information.

11. International Data Transfers

Your information may be transferred to and maintained on servers located outside of your country, where data protection laws may differ. We use Microsoft Azure's global infrastructure, and your data may be stored in data centers in various regions.

By using our Services, you consent to the transfer of your information to countries outside your country of residence, which may have different data protection rules. We take appropriate safeguards to ensure your information is protected in accordance with this Privacy Policy.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.

We encourage you to review this Privacy Policy periodically for any changes. Your continued use of our Services after any modifications indicates your acceptance of the updated Privacy Policy.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Contact Form: https://xping.io/contact
• Website: https://xping.io

Note: This is a draft Privacy Policy for MVP purposes. As Xping grows and our services evolve, this policy will be updated to reflect our practices and comply with applicable regulations including GDPR, CCPA, and other privacy laws.