CoderPush Employee Application Privacy Policy

Last updated: July 4, 2025

1. Introduction

CoderPush (“we,” “us,” “our”) provides internal web and mobile applications (“Applications”) for its employees. This Privacy Policy explains how we collect, use, share, and protect personal data through those Applications, and describes your rights under applicable laws.

2. Data We Collect

• Account Information: Name, work email, employee ID (obtained via Google OAuth).
• Profile Data: Profile picture and basic profile info (from Google’s openid, email, profile scopes).
• Usage Metrics: Login timestamps, page views, feature usage to improve performance and usability.
• Device & Log Data: IP address, browser/OS type, crash reports, and API request logs for security and debugging.

3. How We Use Your Data

• Authentication & Access Control
  • Verify identity via Google OAuth tokens.
  • Enforce role-based access to Application features.
• Service Improvement
  • Analyze usage patterns to optimize workflows and feature development.
• Support & Maintenance
  • Troubleshoot errors, investigate security incidents, and respond to support requests.
• Compliance & Audit
  • Maintain audit logs for regulatory requirements and internal reviews.

4. Data Sharing & Disclosure

• Within CoderPush
  • Shared with authorized team members (e.g., IT, HR, security) on a need-to-know basis.
• Third-Party Service Providers
  • Our hosting provider, analytics tools, and monitoring services under contract to process data on our behalf.
• Legal Requirements
  • May disclose data if required by law, court order, or to protect rights and safety.

5. Data Retention

• Active Accounts: Retained for the duration of your employment plus 1 year for audit purposes.
• Departed Employees: Account data is deactivated upon termination and fully deleted after 1 year.
• Usage Logs & Backups: Retained for up to 3 years to support security investigations and compliance.

6. Security Measures

• Encryption: Data in transit is protected via TLS; sensitive information encrypted at rest.
• Access Controls: Strict role-based permissions and multi-factor authentication for administrators.
• Monitoring: Continuous vulnerability scanning, intrusion detection, and regular security audits.

7. Your Rights

• Access & Correction: You may view and update your personal profile in the Application or request corrections via privacy@coderpush.com.
• Account Deactivation: Request deactivation or deletion of your account upon offboarding.
• Consent Withdrawal: Withdraw consent for non-essential data processing by contacting privacy@coderpush.com.

8. Children’s Data

Our Applications are intended solely for employees aged 18 or older. We do not knowingly collect data from minors.

9. Changes to This Policy

We may update this policy to reflect changes in law or our practices. We will notify employees of material changes via email and in-App notices.

10. Contact Us

For questions or privacy requests, contact:

Duc Anh, IT Officer
CoderPush
privacy@coderpush.com