ORGANIC agility® Tools data policy and privacy

Background and data processing

The online ORGANIC agility® software running at and subdomains is copyright of agile42 GmbH. The online tool is developed and run by Agilo Sofware GmbH, a fully-owned company part of the agile42 group, based in Berlin, Germany. The ORGANIC agility data gathered will be processed according to the European Union General Data Protection Regulation (GDPR) and technical best practices. Our Cloud Infrastructure Service providers adhere to the CISPE code of conduct that enables data storage and processing exclusively within the EU. The Organizational Scan is powered by SenseMaker® by Cognitive Edge.

Please contact [email protected] for​ the full data protection policy including the list and policies of our suppliers.

Your data in the ORGANIC agility® Tools

In order to set up an instance of the ORGANIC agility® Tools (Organizational Scan and Agile Strategy Map), we need to obtain and store a limited quantity of personal data from employees of the customer. This is required to provide the employees and management with personal access to the tools.

We take data privacy and security very seriously. All contributions gathered through Organizational Scan (OrgScan) are anonymized and cannot be tracked back to employees, and generated reports only display aggregated data.

Access to a customer’s data is only granted to:

  • coaches that operate on the customer’s Agile Transition project
  • company representatives in order to generate aggregated reports
  • Agilo Software technical staff for support and platform development

At any point in time, a user of the ORGANIC agility® Tools can request to review the data collected or to delete their personal data by writing to ​[email protected]​.

Any ORGANIC agility® Tools customer runs a separate instance of the tool that doesn’t share data with other instances. The customer can request to review the data collected or to delete the instance. At the end of the contractual obligation with the customer, the data will be placed offline and anonymized or deleted if asked so.

Notifications of data security breaches and other important events

In the event that the system would suffer a data breach or other kind of incident in which data is copied, transmitted, viewed, stolen, or used by an individual unauthorized to do so, the issue will be communicated immediately to customer representatives using email, telephone or other means. An assessment will be posted on the front page of the customer’s instance and on the front page of the main site for no less than a week. Any further information can be obtained from [email protected].