Privacy Policy

Last updated: March 30, 2012.

This Privacy Policy describes Asana’s policies and procedures on the collection, use and disclosure of your information when you use the Asana Service. We will not use or share your information with anyone except as described in this Privacy Policy. This Privacy Policy does not apply to information we collect by other means (including offline) or from other sources. Capitalized terms that are not defined in this Privacy Policy have the meaning given them in our Terms of Service. By accessing or using the Service, you agree to this Privacy Policy.

Information We Collect and Use

Asana uses information we collect to operate, maintain and provide you the features and functionality of the Service, to analyze how the Service is used, diagnose service or technical problems, maintain security, personalize content, remember information to help you efficiently access your account, monitor aggregate metrics such as total number of visitors, traffic, and demographic patterns, and track Content and users as necessary to comply with the Digital Millennium Copyright Act and other applicable laws.

Information You Provide: You provide us information about yourself, such as your name and e-mail address, if you register for an account with the Service, including by connecting with the Service via a third-party service, or by “following,” “becoming a fan,” adding the Asana application, etc., on a third party website or network. Your name, email address and other information you choose to provide on the Service will be viewable and discoverable by other users, in accordance with your settings on the Service.

We may use your email address to send you Service-related notices (including any notices required by law, in lieu of communication by postal mail). We may also use your contact information to send you marketing messages. If you don’t want to receive these messages, you can opt out by following the instructions in the message. If you correspond with us by email, we may retain the content of your email messages, your email address and our responses.

If you choose to use our invitation service to invite a friend to the Service, we will ask you for that person’s email address and automatically send an email invitation. Asana stores this information to send this email, to register your friend if your invitation is accepted, and to track the success of our invitation service.

Content: You also provide us information in Content you post to the Service. Your Content and metadata about your Content may be viewed by other users in accordance with your settings on the Service. Asana can, but has no obligation, to monitor your Content you post on the Service. We can remove any information you post for any reason or no reason. Unless Content is made viewable in accordance with your settings on the Service, Asana and Asana employees will not view your Content except: (i) to maintain, provide or improve the Service; (ii) to help you and resolve your support requests; or (iii) as Asana believes, in its sole opinion, is necessary to comply with or avoid the violation of applicable law or regulation or to cooperate with law enforcement.

Cookies: When you use the Service, we may send one or more “cookies” – a small data file – to your computer to uniquely identify your browser and let Asana help you log in faster and enhance your navigation through the site. A cookie may convey anonymous information about how you browse the Service to us. A persistent cookie remains on your hard drive after you close your browser so that it can be used by your browser on subsequent visits to the Service. Persistent cookies can be removed by following your web browser’s directions. A session cookie is temporary and disappears after you close your browser. You can reset your web browser to refuse all cookies or to indicate when a cookie is being sent. However, some features of the Service may not function properly if the ability to accept cookies is disabled.

Log Files: When you use the Service, our servers automatically record certain information sent by your web browser. These server logs may include information such as your web request, Internet Protocol (“IP”) address, browser type, referring / exit pages and URLs, number of clicks and how you interact with links on the Service, domain names, landing pages, pages viewed, mobile carrier, and other such information.

Clear Gifs Information: When you use the Service, we may employ clear gifs (also known as web beacons) which are used to track the online usage patterns. In addition, we may also use clear gifs in HTML-based emails sent to our users to track which emails are opened by recipients. The information is used to enable more accurate reporting and make Asana better for our users.

Geo-Location Information: When you use the Service by or through a mobile device, we may access, collect, monitor and/or remotely store “location data,” which may include GPS coordinates (e.g. latitude and/or longitude) or similar information regarding the location of your mobile device. Location data may convey information about how you browse the Service to us. Location data does not collect or share any personally identifiable information about you. Location data may be used in conjunction with personally identifiable information. Some features of the Service, particularly location-based services, may not function properly if use or availability of location data is impaired or disabled.

Device Identifiers: When you access the Service by or through a mobile device, we may access, collect, monitor and/or remotely store one or more “device identifiers.” Device identifiers are small data files or similar data structures stored on or associated with your mobile device, which uniquely identify your mobile device and are used to enhance the Service. A device identifier may be data stored in connection with the device hardware, data stored in connection with the device’s operating system or other software, or data sent to the device by us. A device identifier may convey information about how you use the Service to us. A device identifier does not collect or share any personally identifiable information about you. A device identifier may be used in conjunction with personally identifiable information. A device identifier may remain persistently on your device, to help you log in faster and enhance your navigation through the Service. Some features of the Service may not function properly if use or availability of device identifiers are impaired or disabled. Asana may access, collect and/or store device identifiers upon enabling Asana’s Services.

Third Party Tools: Asana uses third party analytics tools, such as Google Analytics, to help understand use of the Service. Many of these tools collect the information sent by your browser as part of a web page request, including cookies and your IP address. These analytics tools also receive this information and their use of it is governed by their privacy policy.

How We Share Your Information

Your Use: We will display your Personal Information in your profile page and elsewhere on the Service according to the preferences you set in your account. Any information you choose to provide should reflect how much you want others to know about you. Please consider carefully what information you disclose in your profile page and your desired level of anonymity. You can review and revise your profile information at any time. We may also share or disclose your information with your consent, for example if you use a third party application to access your account (see below).

Service Providers, Business Partners, and Others: Asana may share your personally identifiable information with other third parties for the purpose of providing the Service to you. If we do this, such third parties’ use of your information will be bound by this Privacy Policy. We may also store personal information in locations outside the direct control of Asana (for instance, on servers or databases co-located with hosting providers).

Business Transfers: As we develop our business, we may buy or sell assets or business offerings. Customers, email, and visitor information is generally one of the transferred business assets in these types of transactions. We may also transfer or assign such information in the course of corporate divestitures, mergers, or dissolution.

Third Party Services: We may share your information with a third party application with your consent, for example when you choose to access our Services through such an application. We are not responsible for what those parties do with your information, so you should make sure you trust the application and that it has a privacy policy acceptable to you.

Compliance with Laws and Law Enforcement Requests; Protection of Asana’s Rights: Asana may disclose your personal information if required to do so by law or subpoena or if we believe that it is reasonably necessary to comply with a law, regulation or legal request; to protect the safety of any person; to address fraud, security or technical issues; or to protect Asana’s rights or property.

Non-Personally Identifiable Information: We may disclose your non-private, aggregated, or otherwise non-personally identifiable information, such as anonymous usage data, platform types, etc., with interested third parties to help them understand the usage patterns for certain Asana Services.

How We Protect Your Information

The security of your information is important to us. When you enter sensitive information (such as a credit card number) as part of our service, we encrypt the transmission of that information using secure socket layer technology (SSL).

Asana uses commercially reasonable physical, managerial, and technical safeguards to preserve the integrity and security of your personal information, once we receive it. For example, we continuously and regularly back up your data to help prevent data loss and aid in data recovery. We also guard against common web attack vectors, host data in secure SAS 70 audited data centers, and implement firewalls and access restrictions on our servers to secure our network and better protect your information. No method of electronic transmission of storage is 100% secure, however, and we cannot ensure or warrant the absolute security of any information you transmit or store in the Service.

In the event that personal information is compromised as a result of a breach of security, Asana will promptly notify those persons whose personal information has been compromised, in accordance with the notification procedures set forth in this Privacy Policy, or as otherwise required by applicable law.

If you have any questions about security on our Service, you can view our Security Overview Page or contact us at security@asana.com

Your Choices About Your Information

You may, of course, decline to submit personally identifiable information through the Service, in which case Asana may not be able to provide certain services to you. You may update or correct your account information at any time by logging in to your account.

Asana Blog & Community

Our Service offers publicly accessible community services including blogs, and forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. Your posts may remain even after you cancel your account.

Safe Harbor

Asana complies with the U.S. – E.U. Safe Harbor Framework and the U.S. – Swiss Safe Harbor framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from European Union member countries and Switzerland. Asana has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, please visit http://export.gov/safeharbor.

Children’s Privacy

Protecting the privacy of young children is especially important. Our Service is not directed to persons under 13. Asana does not knowingly collect or solicit personal information from anyone under the age of 13 or knowingly allow such persons to register with the Service. If we become aware that we have collected personal information from a child under age 13 without verification of parental consent, we take steps to remove that information. If you believe that we might have any information from or about a child under 13, please contact us at privacy@asana.com.

International Data Transfer

We may transfer information that we collect about you, including personal information, to affiliated entities, or to other third parties (as provided herein) across borders and from your country or jurisdiction to other countries or jurisdictions around the world. If you are located in the European Union or other regions with laws governing data collection and use that may differ from U.S. law, please note that you are transferring information, including personal information, to a country and jurisdiction that does not have the same data protection laws as your jurisdiction, and you consent to the transfer of information to the U.S. and the use and disclosure of information about you, including personal information, as described in this Privacy Policy.

Links to Other Web Sites

We are not responsible for the practices employed by websites linked to or from the Service, nor the information or content contained therein. Please remember that when you use a link to go from the Service to another website, our Privacy Policy is no longer in effect. Your browsing and interaction on any other website, including those that have a link on our website, is subject to that website’s own rules and policies.

Changes to Our Privacy Policy

If we change our Privacy Policy, we will post those changes on this page to keep you aware of what information we collect, how we use it and under what circumstances we may disclose it. Changes to this Privacy Policy are effective when they are posted on this page.

Contact Us

If you have any questions about this Privacy Policy, please contact us at privacy@asana.com.