top of page

SOFTWARE PRIVACY POLICY
S2PowerTools™ PRO​

PREAMBLE

This Privacy Policy ("Policy") explains how S2insight Inc. ("Company," "we," "us," or "our") collects, uses, shares, retains, and protects personal information and data in connection with “S2PowerTools”, a VSTO extension for Microsoft Project ("Software"). This Policy is effective as of the date of Software installation or first use and applies to all users of the Software ("Users," "you," or "your").

We are committed to protecting your privacy and ensuring transparency about our data practices. Please read this Policy carefully. By installing, downloading, or using the Software, you acknowledge that you have read and understood this Policy and consent to our data collection and processing practices as described herein.​

​

1. OVERVIEW AND PHILOSOPHY

1.1 Privacy by Design. The Software is designed with privacy as a core principle. We minimize data collection to only what is necessary for Software operation, verification, and compliance purposes. Where possible, data is processed locally on your device rather than transmitted to external servers operated by our cloud providers.

1.2 Limited Scope of Data Collection. Unlike many enterprise software solutions, we do NOT collect:

  • Project content, schedules, or resource allocations

  • Task descriptions, comments, or notes

  • Resource names or organizational hierarchy data

  • Financial or budgeting information

  • Custom field data created within your projects

Our data collection is limited to operational, compliance, and diagnostic information necessary for Software delivery and support.​​

​

2. INFORMATION WE COLLECT

2.1 License Verification and Compliance Data

When you install and use the Software, the following information is collected for license verification and compliance purposes only:

  • License Key and User Identifiers: Your unique identifiers and license key assigned by Licensor

  • EULA Acceptance Record: Your unique identifiers, date, time, and version of the End User License Agreement you accepted

  • License Tier or Edition: Which version of the Software is licensed to you (if applicable)

2.2 Support and Troubleshooting Data

If you contact us for support, we may collect:

  • Support Request Details: Your description of the issue, steps to reproduce, and screenshots provided

  • Contact Information: Your name, email address, phone number (only if voluntarily provided)

  • Ticket Metadata: Date and time of the support request, support priority level, ticket ID

  • Correspondence: Contents of email exchanges between you and our support team

  • System Information: Information about your system configuration, Microsoft Project setup, and Software configuration (only what you provide or authorize us to access)

  • Software Version Number: The specific version of the Software installed

  • Microsoft Project Version: Which version of Microsoft Project you are running (2021, 2024, Online, etc.)

  • Operating System Information: Your device's operating system type and version (Windows 10, Windows 11, macOS, etc.)

  • Crash Reports: Information about Software crashes or critical errors, including error codes and stack traces

  • Performance Metrics: Response times, memory usage, and performance issues encountered

  • Installation and Configuration: Whether the Software is installed in standard or custom configurations

2.3 Local EULA Acceptance Log

The Software creates a local log entry on your device containing:

  • Date and time of EULA acceptance

  • Your user identifier information and license key

  • Version number of the agreement presented

  • Installation device identifier (for your device only)

This log is stored locally on your device only and is not transmitted to S2insight or any third party unless you explicitly authorize diagnostic sharing.

2.4 What We Do NOT Collect

We do NOT collect or store:

  • Names or contact information of Licensed Users (except through voluntary support requests)

  • Project names, descriptions, or content

  • Task information, schedules, or timelines

  • Resource data, team assignments, or organizational structures

  • Budgets, costs, or financial data

  • Email addresses from Microsoft Project

  • Calendar data or availability information

  • Custom fields or metadata within projects

  • Browsing history or activity outside the Software

  • Location data or GPS information

  • Biometric data or health information

  • Payment information (handled by third-party payment processors)

​

3. HOW WE USE INFORMATION

3.1 License Verification and Compliance

We use license and activation data to:

  • Verify that your license is valid and current

  • Prevent unauthorized or fraudulent use

  • Monitor compliance with license terms

  • Enforce license restrictions regarding user count and deployment scope

  • Generate usage reports for billing purposes

3.2 Support and Customer Service

We use support-related information to:

  • Respond to your support requests

  • Troubleshoot and diagnose issues you report

  • Identify and fix bugs or security vulnerabilities

  • Improve support processes and documentation

  • Track support trends and common issues

  • Follow up on unresolved problems

3.3 Compliance and Legal Obligations

We use certain information to:

  • Comply with applicable laws and regulations

  • Enforce our terms and agreements

  • Protect against fraud, unauthorized use, or abuse

  • Respond to legal requests or court orders

  • Maintain audit trails for compliance verification

3.4 What We Will NOT Do With Your Data

We will NOT:

  • Sell or share your personal information with third parties for marketing purposes

  • Use your data to create marketing or advertising profiles

  • Share data gathered during support activities publicly 

  • Use your information for purposes other than those listed above

  • Use your information for political, religious, or discriminatory profiling

​

4. DATA SHARING AND DISCLOSURE

4.1 No Third-Party Sharing for Marketing

We do not sell, trade, or share your personal information with third parties for their marketing purposes. Your data is not available on data broker websites or shared with advertisers.

4.2 Service Providers

Data is managed by cloud infrastructure and processing providers including:

  • Microsoft Office 365, OneDrive, and Microsoft 365 services for data storage and processing

  • Google Workspace and Google Drive for data storage and processing

  • LicenseSpring for software licensing.

These providers act as data processors as described in Section 7.2, and process personal information on our behalf under Data Processing Addendums (DPAs) and comply with applicable data protection laws including GDPR and PIPEDA. All data stored with these providers is subject to their security, encryption, and access controls. You may review their privacy and security practices at their respective trust centers.

4.3 Microsoft Corporation

The Software is an extension to Microsoft Project. We do NOT automatically share your data with Microsoft. However:

  • Microsoft's Collection: Microsoft itself collects telemetry data from Microsoft Project as governed by Microsoft's privacy policy, separate from our Software

  • Your Choice: You control Microsoft Project's diagnostic settings independently through Microsoft's privacy settings

  • Limited Interaction: S2insight does not process or share data with Microsoft except where required to fulfill Software functionality (e.g., reading project structure from Microsoft Project)

4.4 Legal Compulsion

We may disclose your information without consent if required by:

  • Law or legal process (court order, subpoena, government investigation)

  • Protection of rights, property, or safety of S2insight, Users, or the public

  • Fraud detection or prevention

  • Enforcement of our terms and agreements

We will provide you with notice of such disclosure to the extent legally permitted.

4.5 Business Transfer

If S2insight is acquired, merged, or undergoes bankruptcy or asset sale, your information may be transferred as part of that transaction. We will provide notice of any material change in data handling practices following such transfer.

​

5. DATA RETENTION AND DELETION

5.1 Retention Periods

License and Activation Data:

  • Retained for the duration of your active license and one (1) year following termination for compliance and audit purposes

  • Older records may be retained in anonymized or aggregated form for historical analysis

Support and Diagnostic Records:

  • Retained for duration of your active license and seven (7) years to maintain service history and support quality

  • Longer retention if required by law

Local EULA Log:

  • Stored on your device (see removal process below)

  • Not transmitted off your device

5.2 Your Deletion Rights

You may request deletion of personal information by contacting us at help@s2insight.com.  Upon your request, we will:

  • Delete personal information within thirty (30) days where legally permissible

  • Retain only the minimum information required for license verification and compliance

  • Provide confirmation of deletion upon request

5.3 Automatic Deletion Upon Termination

When your license terminates or expires:

  • We retain license verification records for one (1) year for audit purposes

  • We delete personal contact information from support tickets after one (1) year

  • You may request early deletion by contacting help@s2insight.com

5.4 Data on Your Device

Your local EULA acceptance log will remain on your device. You may manually delete this log through:

  • Uninstalling the Software

  • Clearing your application data through Windows Settings or macOS System Preferences

  • Contacting support for assistance with local file removal

​

6. DATA SECURITY

6.1 Security Measures

We implement industry-standard security measures to protect your information, including:

  • Encryption in Transit: Data transmitted between the Software and our cloud providers (Microsoft Office 365, OneDrive, LicenseSpring, Google Workspace, and Google Drive) is encrypted using TLS 1.2 or higher (HTTPS).

  • Third-Party Security Standards: Data transmitted to and stored with Microsoft Office 365, OneDrive, Google Workspace, and Google Drive benefits from their enterprise-grade encryption (TLS 1.2+), data center security controls, and compliance certifications (ISO 27001, SOC 2, etc.). Detailed security specifications are available in their respective trust center documentation.

  • Access Controls: Strict role-based access controls limit employee access to personal information to those with a business need

  • Authentication: Multi-factor authentication required for S2insight employee access to production systems

  • Firewalls and Intrusion Detection: Network-level security measures to prevent unauthorized access

  • Employee Training: All employees handling personal information complete security and privacy training

6.2 Security Limitations

While we maintain robust security measures, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security against all threats, including:

  • Sophisticated cyber-attacks or zero-day exploits

  • Theft or loss of device containing local data

  • Compromise of your device through malware or unauthorized access

  • Insider threats or employee misconduct (though mitigated by controls)

  • Third-party service provider breaches

6.3 Breach Notification

In the event of a confirmed data breach involving your personal information:

  • Notification: We will notify affected Users within thirty (30) days via email to the address in our records

  • Details: The notification will describe the nature of the breach, information affected, and steps we took in response

  • Remediation: We will provide information on protective steps you can take

  • Authority Notification: Where required by law, we will notify applicable data protection authorities

​

7. INTERNATIONAL DATA TRANSFERS

7.1 Data Location & Processing Arrangement

S2insight does not maintain independent servers or data processing infrastructure. Instead, all cloud-based data transmission, storage, and processing is managed by third-party cloud service providers:

  • Microsoft Office 365 and OneDrive: Used for license verification, support records, and diagnostic data storage and processing

  • Google Workspace and Google Drive: Alternative or supplementary storage and processing for the same data types

These cloud providers operate data centers globally, including in the United States, European Union, and other regions. The geographic location of your data depends on:

  • The default region configured in your organizational Microsoft 365 or Google Workspace tenant

  • The cloud provider's data residency policies and settings

  • Your jurisdiction and applicable legal requirements

Your control: If you use Microsoft 365 or Google Workspace, you may configure data residency preferences through your tenant admin settings independently of S2insight. S2insight does not control these settings.

Local data: Your local EULA log remains stored on your device and is not transmitted to S2insight, Microsoft, or Google unless you explicitly authorize diagnostic sharing.

Project data: Project content does not leave your device unless you explicitly export or share it through Microsoft Project, OneDrive, or Google Drive.

 

7.2 Data Processor Roles

S2insight is the data controller for personal information collected by the Software. Microsoft and Google are data processors handling data on S2insight's behalf under contractual data processing agreements. You may have separate data controller or data subject relationships with Microsoft and Google depending on your organizational agreements with them.

We recommend reviewing:

  • Microsoft Trust Center and Privacy for Microsoft 365 and OneDrive data handling

  • Google Cloud Privacy & Security for Google Workspace and Google Drive data handling

7.3 International Data Protection

If you are located in the European Union, United Kingdom, Australia, Canada, or other jurisdictions with strict data protection requirements:

  • We comply with applicable data protection regulations including GDPR, PIPEDA, Australian Privacy Principles (APPs), and equivalent regimes

  • Data transfers to and processing by Microsoft and Google are authorized under Standard Contractual Clauses, Binding Corporate Rules, or adequacy determinations where applicable, as implemented by Microsoft and Google for their enterprise cloud services

  • You have rights of access, correction, deletion, and data portability as described in Section 8, and we will facilitate these rights in coordination with our cloud service providers

7.4 Non-EU User Agreement

If you are located outside the EU, Australia, Canada, or other jurisdictions with equivalent requirements:

  • Your information may be transmitted to, stored in, and processed by Microsoft or Google infrastructure, which may be located in the United States or other countries

  • U.S. and other applicable data protection laws apply to processing by Microsoft and Google

  • You consent to such transfer and processing by using the Software

​

8. YOUR PRIVACY RIGHTS AND CHOICES

8.1 Right of Access

You have the right to request and receive a copy of personal information we hold about you. Submit requests to help@s2insight.comwith "Data Access Request" in the subject line.

8.2 Right to Correction

If personal information is inaccurate, incomplete, or outdated, you may request correction. Contact help@s2insight.com to submit corrections.

8.3 Right to Deletion

Subject to legal retention requirements, you may request deletion of personal information. We will delete information within thirty (30) days unless retention is legally required. Respond to help@s2insight.com.

8.4 Right to Portability

You have the right to request personal information in a portable, machine-readable format. We will provide this within thirty (30) days in standard formats (CSV, JSON, etc.).

8.5 Right to Withdraw Consent

If you have previously consented to data collection practices, you may withdraw such consent at any time by contacting help@s2insight.com. We will stop further collection of the specific data type within thirty (30) days.

8.6 Cookie and Tracking Technologies

The Software does not use cookies or web-based tracking technologies. The Software is a desktop application and operates without browser-based tracking mechanisms.

8.7 Do Not Track Signals

We do not respond to Do Not Track (DNT) browser signals because the Software is not a web-based application. However, your privacy controls described above apply regardless.

8.8 Exercising Your Rights

To exercise any of the rights described in this section, contact us at:

S2insight Inc.
Software Privacy
Email: help@s2insight.com
Mail: 231 Market Place #352, San Ramon, CA 94583


Response Time: Within thirty (30) days

​

9. CHILDREN'S PRIVACY

9.1 No Collection from Children

The Software is not designed for, marketed to, or intended for use by individuals under the age of thirteen (13). We do not knowingly collect personal information from children under thirteen.

9.2 Education and Enterprise Use

In educational or enterprise environments where individuals under eighteen (18) may use the Software:

  • Parents, guardians, or institution administrators are responsible for ensuring appropriate use

  • We recommend parental or institutional consent before deploying the Software to minors

  • The privacy practices described herein apply to all users regardless of age

9.3 Child Privacy Remediation

If we become aware that a child under thirteen has provided personal information, we will delete such information promptly and notify the parent or guardian.

 

10. THIRD-PARTY SERVICES AND INTEGRATIONS

10.1 Microsoft Project Integration

The Software integrates with Microsoft Project. Microsoft independently:

  • Collects telemetry and diagnostic data from Microsoft Project

  • Maintains its own privacy policy and data practices

  • Controls your Microsoft Project data and settings

S2insight is not responsible for Microsoft's data practices. Review Microsoft's Privacy Statement for details on how Microsoft handles your data.

10.2 External Integrations

If the Software includes optional integrations with third-party services (e.g., cloud storage, communication platforms):

  • Third-party services maintain their own privacy policies

  • Your use of such integrations is governed by their terms

  • S2insight is not responsible for third-party data practices

  • You must review third-party privacy policies before authorizing integrations

10.3 Third-Party Privacy Policies

We maintain links to third-party privacy policies in our Software documentation. We recommend reviewing these policies to understand how third parties handle your data.

 

11. CALIFORNIA PRIVACY RIGHTS

11.1 CCPA Rights

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: You may request what personal information is collected, used, shared, or sold

  • Right to Delete: You may request deletion of personal information collected (subject to exceptions)

  • Right to Opt-Out: You may opt-out of any "sale" of personal information (though we do not sell data for marketing purposes)

  • Right to Correct: You may request correction of inaccurate personal information

  • Right to Non-Discrimination: You may not be discriminated against for exercising your rights

11.2 Submitting California Privacy Requests

Submit requests via email to help@s2insight.com or mail. Include your name, email, and specific request. We will respond within 30-45 days. You may authorize an agent to submit requests on your behalf with written authorization.

11.3 Shine the Light Law

California residents may request a list of third parties with whom we share personal information for their marketing purposes. Submit requests to help@s2insight.com.

 

12. EUROPEAN UNION PRIVACY RIGHTS

12.1 GDPR Rights

If you are located in the EU or UK, you have the following rights under the General Data Protection Regulation (GDPR):

  • Right of Access: Obtain confirmation whether we process your data and request a copy

  • Right to Rectification: Correct inaccurate or incomplete personal data

  • Right to Erasure: Request deletion of your data (right to be forgotten)

  • Right to Restrict Processing: Request limitation of how we use your data

  • Right to Data Portability: Receive your data in a structured format or transfer to another controller

  • Right to Object: Object to certain processing including marketing and profiling

  • Rights Related to Automated Decision-Making: Request human review of automated decisions affecting you

12.2 Lawful Basis for Processing

We process personal information under the following lawful bases:

  • Contractual Necessity: Processing necessary to provide the Software and perform our obligations

  • Legitimate Interests: Processing necessary for our business interests (fraud prevention, security)

  • Legal Obligation: Processing required by law

  • Consent: Where you have provided explicit consent

12.3 Data Controller and Data Processors

S2insight Inc. is the data controller for personal information collected by the Software. Microsoft (Office 365, OneDrive, and Microsoft 365) and Google (Workspace and Google Drive) act as data processors on our behalf under contractual data processing agreements.

Data Protection Framework:

  • Our data processing and transfers are governed by Standard Contractual Clauses (SCCs) and other lawful transfer mechanisms implemented by Microsoft and Google for their enterprise cloud services

  • We execute Data Processing Addendums (DPAs) with organizations that require them. Contact help@s2insight.com for a DPA

  • Microsoft and Google maintain their own Standard Contractual Clauses and/or Data Processing Agreements; you may request copies of these processor-level agreements or review them through their respective trust centers

S2insight Inc. is the data controller. Data processing is governed by Standard Contractual Clauses. We execute Data Processing Addendums (DPA) with organizations that require them. Contact help@s2insight.com for a DPA.

Data Subject Rights: You may exercise your GDPR rights (access, rectification, erasure, restriction, portability, objection) directly with S2insight at help@s2insight.com. S2insight will coordinate with Microsoft and Google to fulfill these requests where necessary.

12.4 Data Protection Officer

For EU users, our Data Protection Officer is available at help@s2insight.com.

 

13. CANADIAN PRIVACY RIGHTS

13.1 PIPEDA Compliance

If you are a Canadian resident, your information is protected under the Personal Information Protection and Electronic Documents Act (PIPEDA):

  • We collect information solely for lawful purposes related to Software operation and support

  • You may request access to or correction of your personal information

  • You may lodge complaints with the Privacy Commissioner of Canada

13.2 Canadian Data Requests

Submit access or correction requests to help@s2insight.comWe will respond within thirty (30) days.

 

14. AUSTRALIA PRIVACY RIGHTS

14.1 APPs Compliance

If you are an Australian resident, your information is protected under the Australian Privacy Principles (APPs):

  • We collect and handle personal information in accordance with the Privacy Act 1988 (Cth)

  • You may request access to or correction of your personal information

  • You may lodge complaints with the Office of the Australian Information Commissioner

14.2 Australian Data Requests

Submit requests to help@s2insight.com We will respond within thirty (30) days.

 

15. POLICY UPDATES AND CHANGES

15.1 Right to Modify

We may update this Policy at any time to reflect changes in our practices, new features, legal requirements, or other factors. Material changes will be notified to Users via:

  • Email notification to registered contacts

  • Notice within the Software

  • Updated version posted on our website

15.2 Effective Date of Changes

  • Minor Updates: Effective immediately upon posting

  • Material Changes: Effective thirty (30) days after notification, unless you reject the changes by discontinuing use of the Software

15.3 Continued Use

Your continued use of the Software following notification of policy changes constitutes acceptance of the updated Policy.

15.4 Version History

The current version of this Policy is Version 1.0 (January 2026). Previous versions are available upon request.

 

16. CONTACT US

16.1 Privacy Inquiries

If you have questions, concerns, or requests regarding this Policy or our privacy practices, please contact us:

S2insight Inc.

Privacy Department
Email: help@s2insight.com
Mail: S2insight Inc., 231 Market Place #352, San Ramon, CA 94583
Phone: +1 (925) 465-1254

Response Time: We will respond to privacy inquiries within thirty (30) business days.

16.2 Escalation

If you are not satisfied with our response, you may escalate concerns to:

S2insight Inc. Legal Department
Email: help@s2insight.com

16.3 Data Protection Authority Complaints

You have the right to lodge complaints with data protection authorities in your jurisdiction:

  • European Union/UK: Your local data protection authority

  • California: California Privacy Protection Agency

  • Canada: Privacy Commissioner of Canada

  • Australia: Office of the Australian Information Commissioner

 

17. ACKNOWLEDGMENT

BY INSTALLING, DOWNLOADING, OR USING THE SOFTWARE, YOU ACKNOWLEDGE THAT:

  • You have read and understood this Privacy Policy

  • You consent to the collection, use, and disclosure of information as described herein

  • You understand the types of data collected and how it will be used

  • You are aware of your privacy rights and how to exercise them

  • You understand that some data collection is necessary for Software operation and cannot be disabled without affecting functionality

 

VERSION 1.0 – COMPREHENSIVE PRIVACY POLICY

Last Updated: January 2026

S2insight Inc.

Effective Date: Upon Software Installation

 

APPENDIX A: GLOSSARY OF TERMS

 

Aggregated Data: Information combined from multiple users in a form that cannot be attributed to any specific individual.

De-identified Data: Personal information that has been processed to remove or mask identifiers, making it difficult or impossible to attribute to a specific individual.

Diagnostic Data: Technical information about Software performance, errors, and system configuration.

License Verification: The process of confirming that a license is valid, current, and in compliance with terms.

Personal Information: Any information relating to an identified or identifiable individual.

Processing: Any operation performed on data, including collection, storage, analysis, use, or sharing.

Service Provider: A third-party contractor who processes personal information on behalf of S2insight under contract.

Telemetry: Automatic collection of technical data and usage information.

APPENDIX B: DATA RETENTION REFERENCE TABLE​​​​​​​​​​​​​​

Data Retention Table.jpg

For questions or to request changes to this policy, contact help@s2insight.com

bottom of page