Privacy Policy

Effective date: 01/06/2026
Website: https://divine-data.com
Product: Bug Tracer
Business: Divine Data
Contact: support@divine-data.com

1. Overview

Divine Data provides Bug Tracer, a browser-based bug reporting and issue capture product that helps users, QA teams, support teams, implementation teams, and developers capture clearer bug reports from web applications.

Bug Tracer may be provided through a browser extension, embedded widget, dashboard, developer API, and integration services. It is designed to capture issue context only for the purpose of creating, managing, routing, and supporting bug reports.

This Privacy Policy explains what information we collect, how we use it, how we protect it, when we disclose it, and how users or customers can contact us about privacy matters.

By using Bug Tracer, visiting our website, submitting a support request, or enabling Bug Tracer within your organisation, you acknowledge that personal information may be handled as described in this Privacy Policy.

2. Important notice about screenshots and bug reports

Bug Tracer is designed to capture screenshots and technical context from the active web page when a user intentionally creates a bug report.

Screenshots, annotations, descriptions, page URLs, and related issue details may include personal, confidential, business, customer, or system information depending on what is visible on the page or entered by the user at the time of capture.

Users should review the information before submitting a report and should not intentionally include passwords, API tokens, credit card details, private keys, government identifiers, health information, or other highly sensitive information.

Customer organisations using Bug Tracer are responsible for configuring the product appropriately, informing their users where required, and ensuring that Bug Tracer is used only on applications, pages, and systems where they are authorised to collect issue context.

3. Information we collect

We collect only information that is reasonably necessary to provide, secure, support, and improve Bug Tracer and related Divine Data services.

3.1 Account and contact information

We may collect:

• name
• email address
• organisation or workspace name
• role or team information
• account login details or authentication      identifiers
• support contact details
• billing or licence administration details,      where applicable

3.2 Bug report information

When a user submits a bug report through Bug Tracer, we may collect:

• bug title
• bug description
• expected result
• actual result
• severity or priority
• screenshot
• annotation data
• page URL
• page title
• timestamp
• browser name and version, where available
• operating system, where available
• viewport size
• project or workspace identifier
• reporter name, email, user ID, or role,      where provided or configured
• user-entered comments and supporting      details

3.3 Technical and diagnostic information

Depending on product configuration, we may collect limited technical information required to diagnose the reported issue, such as:

• browser metadata
• device and viewport information
• extension or widget version
• submission status
• error messages generated by Bug Tracer
• integration delivery status
• API request metadata
• audit and security logs
• rate limit and usage events

Where network diagnostics are enabled, Bug Tracer is intended to capture limited metadata such as failed request URL, method, status code, and timing. Bug Tracer does not intentionally collect request bodies, response bodies, cookies, passwords, or authorisation headers by default.

3.4 Integration information

If a customer enables integrations, we may process information needed to connect Bug Tracer with third-party systems, such as:

• Jira site and project details
• Microsoft Teams webhook or channel      configuration
• webhook endpoint configuration
• developer API key metadata
• integration delivery results
• external ticket or message identifiers

Integration credentials, tokens, webhooks, and secrets are treated as restricted secrets and are not intentionally exposed to client-side code or returned in normal API responses.

3.5 Website and support information

When users visit our website or submit a support form, we may collect:

• name
• email address
• organisation
• support category
• support priority
• subject
• description
• affected URL, where provided
• browser or operating system details, where      provided
• workspace or project name, where provided
• communication history relating to the      support request

Users must not submit passwords, API tokens, payment card details, private keys, or other secrets through support forms.

4. Information we do not intentionally collect by default

Bug Tracer does not intentionally collect the following by default:

• passwords
• payment card numbers
• private keys
• full browsing history
• cookies
• authorisation headers
• request bodies
• response bodies
• keystroke logging
• continuous session replay
• continuous background browsing activity
• precise GPS location
• health information
• personal communications such as emails,      texts, or private chat messages

However, if such information is visible on a page, entered into a bug report, included in a screenshot, or submitted in a support request, it may be captured unintentionally. Users and customer organisations are responsible for avoiding unnecessary sensitive information in submitted reports.

5. How we use information

We use collected information for the following purposes:

• creating and storing bug reports
• displaying bug reports in the Bug Tracer      dashboard
• capturing screenshots and annotations
• helping developers reproduce and triage      issues
• routing bug reports to configured      integrations
• creating Jira tickets where enabled
• sending Microsoft Teams notifications      where enabled
• sending webhook or developer API events      where enabled
• providing customer support
• managing accounts, workspaces, users,      roles, and licences
• enforcing usage limits and product      entitlements
• securing the product and preventing misuse
• detecting, investigating, and resolving      errors or incidents
• maintaining audit logs for administrative      and security-sensitive actions
• improving product reliability and      performance
• complying with legal, regulatory, or      contractual obligations

We do not use Bug Tracer data to determine creditworthiness or make lending decisions.

6. Chrome Web Store Limited Use disclosure

Bug Tracer uses data collected through the extension only to provide and improve its single purpose: user-initiated bug capture, report creation, report management, integration delivery, support, security, and related product functionality.

Bug Tracer does not sell user data.

Bug Tracer does not use or transfer user data for purposes unrelated to its single purpose.

Bug Tracer does not use or transfer user data to determine creditworthiness or for lending purposes.

Bug Tracer only transfers data to third parties where required to provide the service, comply with customer configuration, support integrations, maintain security, meet legal obligations, or as otherwise permitted by applicable policy and law.

7. When we disclose information

We may disclose information in the following circumstances:

7.1 To the customer organisation

Bug reports and related data submitted within a customer workspace may be made available to authorised users of that customer organisation, such as workspace owners, admins, developers, QA users, support users, or other configured roles.

7.2 To configured integrations

If a customer enables an integration, Bug Tracer may send bug report information to that integration. This may include Jira, Microsoft Teams, generic webhooks, developer APIs, or similar systems configured by the customer.

Customers are responsible for ensuring they are authorised to send bug report data to those destinations.

7.3 To service providers

We may use trusted service providers to operate, host, secure, monitor, store, support, and maintain Bug Tracer and Divine Data services. These providers may include cloud hosting providers, database providers, object storage providers, email providers, monitoring providers, analytics providers, support tooling providers, and security services.

We require service providers to handle information only for authorised purposes and to apply appropriate confidentiality and security safeguards.

7.4 For legal, security, or compliance reasons

We may disclose information where reasonably necessary to:

• comply with applicable law
• respond to lawful requests from      regulators, courts, or authorities
• enforce our agreements
• investigate misuse, fraud, abuse, or      security incidents
• protect the rights, safety, security, or      property of Divine Data, customers, users, or the public

7.5 Business transfers

If Divine Data is involved in a merger, acquisition, restructure, asset sale, financing, or similar transaction, information may be transferred as part of that transaction, subject to appropriate safeguards.

8. Overseas disclosure

Divine Data is based in Australia, but Bug Tracer and related services may use cloud providers, infrastructure, storage, email, monitoring, support, or integration services that operate in Australia, the United States, and other countries.

Where we disclose personal information overseas, we take reasonable steps to ensure that the recipient handles the information consistently with applicable privacy and security obligations.

Customer-configured integrations may send bug report data to locations determined by the customer’s own third-party systems and providers.

9. Security measures

We take reasonable technical, organisational, and administrative steps to protect information from misuse, interference, loss, unauthorised access, modification, and disclosure.

Security measures may include:

• HTTPS for production traffic
• tenant isolation controls
• role-based access control
• private screenshot and artifact storage
• signed or authenticated access to stored      artifacts
• encryption of sensitive integration      secrets
• API key scoping and revocation
• rate limiting
• payload size limits
• input validation
• audit logging for administrative and      security-sensitive actions
• restricted production access
• monitoring and incident response      procedures
• avoiding secrets in client-side code
• avoiding unnecessary collection of      sensitive data

No internet-based service can be guaranteed to be completely secure. Users and customers should also take care when deciding what information to include in bug reports, screenshots, support requests, and integrations.

10. Customer responsibilities

Customers using Bug Tracer are responsible for:

• using Bug Tracer only where they are      authorised to collect bug report information
• informing their users, staff, testers, or      customers about bug capture where required
• configuring Bug Tracer appropriately for      their environment
• avoiding unnecessary capture of personal,      confidential, regulated, or sensitive information
• configuring masking or redaction controls      where available
• controlling workspace access and user      roles
• reviewing third-party integration      destinations before enabling them
• maintaining their own privacy notices,      policies, contracts, and internal procedures
• ensuring their use of Bug Tracer complies      with applicable laws and agreements

11. User responsibilities

Users submitting reports through Bug Tracer should:

• review screenshots before submission
• avoid including passwords, API tokens,      private keys, payment details, government identifiers, health information,      or other sensitive information
• submit only information relevant to the      issue being reported
• use Bug Tracer only on systems where they      are authorised to report issues
• contact their organisation administrator      or Divine Data if they believe sensitive information was submitted by      mistake

12. Data retention

We retain information only for as long as reasonably necessary for the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law, contract, dispute resolution, security, backup, or operational needs.

Bug reports, screenshots, metadata, and integration logs may be retained while the relevant customer account or workspace remains active, unless deleted earlier according to product settings, customer request, retention configuration, or applicable agreement.

Support requests may be retained for as long as reasonably necessary to provide support, maintain business records, resolve disputes, and improve service reliability.

Backups and logs may persist for a limited period after deletion from active systems due to backup cycles, security requirements, and disaster recovery processes.

13. Access, correction, deletion, and export

Users may request access to, correction of, or deletion of personal information held by Divine Data by contacting us using the details in this policy.

Where information belongs to a customer workspace, we may need to refer the request to the relevant customer organisation or require confirmation from the workspace owner or administrator before taking action.

We may refuse or limit a request where permitted by law, including where access would affect the privacy of others, compromise security, reveal confidential business information, or conflict with legal obligations.

14. Data breach response

If we become aware of a data breach affecting personal information, we will assess the incident and take appropriate steps to contain, investigate, and remediate it.

Where required by applicable law, we will notify affected individuals, customers, regulators, or other relevant parties.

Customers must promptly notify Divine Data if they become aware of unauthorised access, accidental disclosure, misuse, or suspected compromise involving Bug Tracer data, accounts, API keys, integrations, or screenshots.

15. Children

Bug Tracer is intended for business, professional, development, QA, support, and internal systems use. It is not directed to children.

Customers must not knowingly use Bug Tracer to collect personal information from children unless they have appropriate authority, notices, consents, and safeguards in place.

16. Marketing communications

We may use business contact information to send service updates, product information, or support communications where permitted by law.

Users can opt out of marketing communications where an unsubscribe option is provided. Service, security, billing, support, and operational communications may still be sent where necessary.

17. Cookies and website analytics

Our website may use cookies or similar technologies to operate the site, improve performance, understand usage, protect against abuse, and support basic analytics.

Where required, users may be given options to manage cookies through browser settings or website controls.

Bug Tracer does not use cookies to collect full browsing history.

18. Third-party websites and services

Bug Tracer and Divine Data websites may link to third-party websites or services. This Privacy Policy does not apply to those third-party services.

Customers and users should review the privacy and security practices of any third-party services they enable, including Jira, Microsoft Teams, webhook destinations, cloud services, or developer tools.

19. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our product, legal obligations, security practices, or business operations.

The updated version will be posted on this page with a revised effective date. Where required, we may provide additional notice of material changes.

20. Contact us

For privacy questions, support requests, access or correction requests, deletion requests, or concerns about Bug Tracer data handling, contact:

Divine Data
Website: https://divine-data.com
Support: https://divine-data.com/support

If you are part of a customer organisation using Bug Tracer, you may also need to contact your organisation’s workspace administrator for access, deletion, or correction requests relating to your organisation’s workspace.