Metricus
Legal & Security

Privacy Policy

Privacy information for the Metricus website, billing services, Process Advisor app, support, AI-assisted functionality and related services.

Terms Privacy Data Security Refunds Fair Use

Last updated: 1 June 2026

This Privacy Policy explains how Metricus collects, uses, stores, and discloses personal information in connection with Metricus Process Advisor, the Metricus billing portal, related websites, subscriptions, assessment credits, licensing, support, and associated services.

This Privacy Policy should be read together with the Metricus Process Advisor Terms of Service and the Metricus Process Advisor Data Security & Architecture Statement.

By using Process Advisor or related Metricus services, you agree to the handling of personal information as described in this Privacy Policy.

1. About Metricus

Metricus provides Process Advisor, a workflow analysis, process mining, and AI-assisted advisory product for platforms such as Jira and ServiceNow.

For privacy questions, contact:

Metricus Email: info@metricus.com

2. Scope of this Privacy Policy

This Privacy Policy applies to personal information handled by Metricus in connection with:

  • the Metricus website;
  • the Metricus billing portal;
  • customer account registration;
  • subscriptions and assessment-credit purchases;
  • licence keys and entitlement checks;
  • support requests;
  • product communications;
  • Process Advisor functionality where Metricus processes personal information.

This Privacy Policy does not replace the customer’s own privacy obligations to its employees, users, clients, contractors, or other individuals whose data may be contained in Jira, ServiceNow, or other customer systems.

Where a customer uses Process Advisor to analyse workflow data containing personal information, the customer is responsible for ensuring that it has the right to use that data with Process Advisor.

3. Types of personal information we may collect

3.1 Account and contact information

This may include:

  • name;
  • business email address;
  • organisation name;
  • job title or role;
  • phone number, if provided;
  • billing contact details;
  • support contact details.

3.2 Authentication information

Where you log in using an OAuth provider, such as Google or Microsoft, Metricus may receive limited account information from that provider, such as:

  • name;
  • email address;
  • provider account identifier;
  • authentication status;
  • profile information made available by the provider.

Metricus does not receive or store your Google or Microsoft account password.

3.3 Billing and transaction information

Metricus may process information relating to purchases, subscriptions, assessment credits, licence keys, and entitlements, including:

  • customer account details;
  • subscription status;
  • product and plan purchased;
  • assessment-credit balance;
  • invoice or checkout references;
  • Stripe customer ID;
  • Stripe subscription ID;
  • payment status;
  • currency;
  • billing country or tax-related information where applicable.

Payment-card details are processed by Stripe. Metricus does not store full payment-card numbers or card verification codes.

3.4 Licence and entitlement information

Metricus may process information needed to validate access to Process Advisor, including:

  • public integration keys;
  • private instance keys;
  • instance or domain information;
  • client-slot allocation;
  • customer account identifiers;
  • licence status;
  • platform type;
  • product plan;
  • subscription or assessment-credit entitlement.

3.5 Product usage and technical information

Metricus may collect technical and operational information, such as:

  • IP address;
  • browser type;
  • device type;
  • operating system;
  • session information;
  • login events;
  • access logs;
  • error logs;
  • API requests;
  • entitlement check events;
  • approximate location inferred from IP address;
  • timestamps and diagnostic information.

This information is used for security, troubleshooting, reliability, product improvement, and fraud prevention.

3.6 Support information

If you contact Metricus for support, we may collect:

  • your name and contact details;
  • organisation name;
  • support messages;
  • screenshots;
  • logs;
  • configuration details;
  • licence or subscription information;
  • any other information you choose to provide.

You should avoid sending unnecessary sensitive or confidential information in support requests.

3.7 Customer workflow data

Process Advisor may analyse customer workflow data from platforms such as Jira and ServiceNow.

This may include personal information if such information exists in the customer’s workflow data, for example:

  • assignee names;
  • requester names;
  • resolver names;
  • user identifiers;
  • team or department fields;
  • comments or free-text fields where included;
  • work item references linked to individuals.

For the Jira and ServiceNow app versions, customer workflow datasets are processed within the customer’s authorised platform environment and do not need to be copied to Metricus infrastructure for normal app operation.

Where AI-assisted functionality is used, selected scoped information may be included in prompts sent to an AI provider to generate the requested output. Customers can use Dataset AI Privacy, anonymisation, and AI Report Scope controls to reduce, exclude, or anonymise information before generating AI content.

4. How we collect personal information

Metricus may collect personal information:

  • when you visit our website;
  • when you create or access a billing portal account;
  • when you authenticate using Google, Microsoft, or another login provider;
  • when you purchase a subscription or assessment credits;
  • when licence keys or entitlement checks are created or validated;
  • when you install, configure, or use Process Advisor;
  • when you contact us for support;
  • when you communicate with us by email or other channels;
  • from third-party service providers such as Stripe, authentication providers, Atlassian, ServiceNow, or cloud service providers, where relevant to the service.

5. How we use personal information

Metricus may use personal information to:

  • provide Process Advisor and related services;
  • create and manage customer accounts;
  • authenticate users;
  • process purchases, subscriptions, assessment credits, and licence entitlements;
  • validate access to paid functionality;
  • provide support;
  • respond to enquiries;
  • troubleshoot technical issues;
  • secure our services;
  • detect fraud, misuse, or unauthorised access;
  • improve product reliability and functionality;
  • communicate service updates;
  • send administrative, billing, security, and product notices;
  • comply with legal, accounting, tax, and regulatory obligations;
  • enforce our Terms of Service.

Metricus does not sell personal information.

6. AI-assisted functionality and privacy

Process Advisor may include optional AI-assisted functionality.

Where AI functionality is used, selected information may be used to generate prompts for an AI provider. This may include workflow evidence, derived metrics, user-entered instructions, findings, summaries, or sample work items.

Before AI content is generated, customers may use Process Advisor controls to reduce the information included, including:

  • excluding selected fields from AI prompts;
  • anonymising selected field values;
  • anonymising person-related data;
  • limiting sample work items;
  • excluding specific work items;
  • excluding variants;
  • excluding transition paths;
  • excluding field values;
  • adding report instructions.

AI-generated content should be reviewed before being relied upon.

Metricus does not use customer workflow data to train a Metricus-owned general-purpose AI model unless expressly agreed in writing.

Where third-party AI providers are used, information provided to those providers is handled according to the provider’s applicable service terms, privacy terms, data-processing terms, and security settings.

7. Disclosure of personal information

Metricus may disclose personal information to:

  • cloud hosting providers;
  • database providers;
  • authentication providers;
  • payment processors, including Stripe;
  • email and communication providers;
  • logging, monitoring, and security providers;
  • AI service providers where AI functionality is used;
  • professional advisers, such as lawyers, accountants, auditors, and insurers;
  • regulators, courts, law enforcement, or government agencies where required by law;
  • business transferees in connection with a merger, acquisition, restructure, financing, or sale of assets.

Metricus does not disclose personal information to third parties for their own advertising purposes.

8. Payment processing

Payments are processed by Stripe or another approved payment provider.

Metricus does not store full payment-card numbers or card verification codes.

Stripe may collect and process payment information in accordance with its own terms and privacy policy.

Metricus may receive and store payment-related references, including customer IDs, checkout IDs, subscription IDs, product IDs, price IDs, invoice status, payment status, and entitlement information.

9. Cookies and similar technologies

Metricus websites and services may use cookies or similar technologies to:

  • keep users signed in;
  • support account sessions;
  • remember preferences;
  • improve website functionality;
  • understand usage patterns;
  • detect security issues;
  • support analytics and diagnostics.

You can control cookies through your browser settings. Blocking some cookies may affect the operation of the website, billing portal, or related services.

10. Data storage and security

Metricus uses reasonable technical, organisational, and administrative measures designed to protect personal information from unauthorised access, misuse, loss, alteration, or disclosure.

These measures may include:

  • secure transmission using HTTPS/TLS;
  • access controls;
  • least-privilege access practices where practical;
  • authentication controls;
  • logging and monitoring;
  • managed cloud infrastructure;
  • database security controls;
  • backup and operational safeguards.

No system is completely secure. Metricus cannot guarantee that unauthorised access, disclosure, or loss will never occur.

11. International processing

Metricus may use service providers located in Australia or other countries.

Personal information may be processed or stored outside your country of residence, including by cloud, authentication, payment, support, monitoring, or AI service providers.

Where personal information is transferred internationally, Metricus will take reasonable steps to use service providers and arrangements appropriate for the nature of the service and applicable privacy requirements.

12. Data retention

Metricus retains personal information for as long as reasonably necessary for the purposes described in this Privacy Policy.

Retention periods may depend on the type of information and the reason it is held.

For example:

  • account information may be retained while the account remains active;
  • billing and transaction records may be retained for accounting, tax, audit, and legal purposes;
  • entitlement and licence records may be retained to validate access and prevent misuse;
  • support records may be retained to manage service history and troubleshooting;
  • logs may be retained for security, diagnostics, reliability, and fraud prevention;
  • AI prompt and response data, where applicable, may be subject to the retention terms and settings of the relevant AI provider.

Where personal information is no longer required, Metricus will take reasonable steps to delete, de-identify, or securely retain it in accordance with legal and operational requirements.

13. Customer responsibilities

Customers are responsible for:

  • ensuring they have authority to use personal information with Process Advisor;
  • providing required privacy notices to their users, employees, contractors, clients, or other individuals;
  • obtaining any required consents;
  • configuring Jira, ServiceNow, and related systems appropriately;
  • selecting appropriate Dataset AI Privacy settings;
  • selecting appropriate AI Report Scope settings;
  • avoiding unnecessary inclusion of personal, sensitive, or confidential information in AI prompts;
  • managing user access within their own systems;
  • complying with applicable privacy, employment, data protection, confidentiality, and platform obligations.

14. Access, correction, and deletion requests

You may contact Metricus to request access to, correction of, or deletion of personal information held by Metricus.

Metricus may need to verify your identity before responding.

Some information may need to be retained for legal, accounting, security, contractual, backup, or legitimate business purposes.

Where the relevant personal information is held inside a customer’s Jira, ServiceNow, or other platform environment, requests should generally be directed to the customer organisation that controls that environment.

15. Marketing communications

Metricus may send business-related product, service, billing, support, or security communications.

Metricus may also send marketing communications where permitted by law.

You can opt out of marketing communications by using the unsubscribe link in the relevant message or contacting Metricus.

Even if you opt out of marketing communications, Metricus may still send administrative, billing, service, legal, or security messages.

16. Children

Process Advisor is intended for business and organisational use.

It is not directed to children and should not be used by children.

Metricus does not knowingly collect personal information from children.

17. Changes to this Privacy Policy

Metricus may update this Privacy Policy from time to time.

The updated version will be published with a revised “Last updated” date.

If changes are material, Metricus will use reasonable efforts to provide notice where appropriate.

Continued use of Process Advisor or related Metricus services after the updated Privacy Policy takes effect indicates acceptance of the updated policy.

18. Contact

For privacy questions or requests, contact:

Metricus Email: info@metricus.com

Powered by Metricus Metricus