Endform logo

Endform AB Privacy Policy

Last Updated: July 1st, 2025

Summary

  • We will not sell your data to anyone.
  • We will send you emails regarding product updates.
  • If you log in with a third party provider (Google, GitHub etc.) we will read some data from that account.
  • We use 3rd party providers like Cloudflare and AWS to process and store our data.
  • We execute your test scripts on our infrastructure to provide our testing services.
  • We temporarily access your specified test targets as part of running your tests.
  • We collect usage data of your test runs for your analytics and our billing purposes.

1. INTRODUCTION

At Endform, we respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how Endform AB ("Endform," "we," "us," or "our") collects, uses, processes, and protects your information when you use our end-to-end testing platform and related services (the "Services").

By using our Services, you acknowledge that you accept the practices and policies outlined in this Privacy Policy. This Privacy Policy should be read in conjunction with our Terms of Service.

2. INFORMATION WE COLLECT

Important: You should not upload sensitive personal data, financial information, or health records in your test scripts, nor run tests against systems where such data could be captured or processed without prior written approval. Our Services are designed for testing application functionality, not processing sensitive personal information.

2.1 Information You Provide Directly:

Account Information: We collect:

  • Full name and email address
  • Company name and professional information
  • Billing address and payment information

Customer Content: We collect and process:

  • Source code files, test scripts and configurations you upload for testing
  • Test data and parameters you provide
  • Documentation and comments you add
  • Any other files or data you submit to the Services

Communication Data: When you contact us:

  • Support requests and correspondence
  • Feedback and survey responses
  • Email communications with our team

2.2 Information We Collect Automatically:

Usage Data: We automatically collect:

  • Compute time consumed during test execution
  • Number of tests run and their duration
  • Performance metrics and test results
  • Service usage patterns and feature utilization

Technical Data: We collect:

  • IP addresses and location data (city/country level)
  • Browser type, version, and settings
  • Device information and operating system
  • Log files and system diagnostics
  • API usage and integration data

Service Execution Data: To provide our testing services:

  • URLs and endpoints of applications you test
  • Network requests and responses during test execution
  • Screenshots and recordings from test runs
  • Error logs and debugging information

2.3 Information from Third Parties:

Authentication Providers: When you use third-party login:

  • Basic profile information (name, email)
  • Account identifiers from Google, GitHub, etc.
  • Public profile data as permitted by the provider

Payment Processors: We receive:

  • Transaction confirmations and payment status
  • Billing verification data
  • Fraud prevention information

3. HOW WE USE YOUR INFORMATION

We use your information for the following purposes:

3.1 Service Provision:

  • Test Execution: Running your test scripts and source code on our infrastructure
  • Code Processing: Storing and processing your uploaded source code to execute tests
  • Target Access: Accessing your specified applications and websites for testing
  • Results Delivery: Providing test results, reports, and analytics
  • Account Management: Managing your account and subscription

3.2 Billing and Payments:

  • Usage Tracking: Measuring compute time for billing purposes
  • Invoice Generation: Creating and sending invoices
  • Payment Processing: Processing payments and managing subscriptions

3.3 Communication and Support:

  • Product Updates: Sending service announcements and feature updates
  • Technical Support: Responding to support requests and troubleshooting
  • Account Notifications: Sending important account-related communications

3.4 Service Improvement:

  • Performance Optimization: Analyzing usage patterns to improve service performance
  • Feature Development: Understanding user needs to develop new features
  • Security Enhancement: Monitoring for security threats and service abuse

3.5 Legal and Compliance:

  • Legal Obligations: Complying with applicable laws and regulations
  • Terms Enforcement: Enforcing our Terms of Service
  • Dispute Resolution: Resolving disputes and legal claims

4. LEGAL BASIS FOR PROCESSING (GDPR)

Under GDPR, we process your personal data based on:

  • Contract Performance: To provide the Services you've subscribed to
  • Legitimate Interests: For service improvement, security, and business operations
  • Consent: For marketing communications and optional features
  • Legal Obligations: To comply with applicable laws and regulations

5. HOW WE SHARE YOUR INFORMATION

We do not sell your personal data. We may share your information in the following circumstances:

5.1 Service Providers:

We work with trusted third-party service providers:

  • Cloudflare: Cloud hosting and storage services
  • Amazon Web Services (AWS): Cloud hosting, compute, and storage services
  • Stripe: Secure payment processing and billing
  • Email Services: Transactional and marketing email delivery
  • Authentication Providers: Google, GitHub for single sign-on

5.2 Legal Requirements:

We may disclose information when required by law:

  • Court orders or legal processes
  • Government investigations or regulatory requests
  • Protection of our rights, property, or safety
  • Prevention of fraud or illegal activities

5.3 Business Transfers:

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity, subject to the same privacy protections.

6. DATA SECURITY

We implement comprehensive security measures to protect your data:

  • Encryption: Data encrypted in transit and at rest
  • Access Controls: Strict access controls and authentication
  • Infrastructure Security: Secure cloud infrastructure with AWS and Cloudflare

7. DATA RETENTION

We retain your data for the following periods:

  • Account Data: For the duration of your account plus 30 days after deletion
  • Source Code and Test Scripts: Stored for the duration of your account and deleted within 30 days of account deletion
  • Test Data and Results: Up to 3 months of historical test data and results are retained
  • Usage Data: For billing and analytics purposes, typically 2 years
  • Support Communications: For 3 years to maintain support history
  • Legal Requirements: As required by applicable laws

You can request deletion of your data at any time by contacting us at hello@endform.dev.

8. INTERNATIONAL DATA TRANSFERS

As a Swedish company, we primarily process data within the EU. When we transfer data outside the EU:

  • We use appropriate safeguards such as Standard Contractual Clauses
  • We ensure adequate protection through EU adequacy decisions
  • We implement additional security measures as required

9. YOUR PRIVACY RIGHTS

Under GDPR and Swedish data protection law, you have the following rights:

9.1 Access and Portability:

  • Request a copy of your personal data
  • Receive your data in a machine-readable format

9.2 Correction and Deletion:

  • Correct inaccurate or incomplete data
  • Request deletion of your personal data

9.3 Processing Restrictions:

  • Object to processing based on legitimate interests
  • Restrict processing in certain circumstances
  • Withdraw consent where processing is based on consent

9.4 Marketing Communications:

  • Opt out of marketing emails at any time
  • Manage communication preferences in your account settings

To exercise these rights, contact us at hello@endform.dev. We will respond within 30 days.

10. COOKIES AND TRACKING

We use cookies and similar technologies for:

  • Essential Functions: Account authentication and service functionality
  • Analytics: Understanding service usage and performance
  • Security: Detecting and preventing fraudulent activity

You can manage cookie preferences through your browser settings. Some cookies are essential for service functionality.

11. THIRD-PARTY INTEGRATIONS

Our Services may integrate with third-party tools and platforms. When you use these integrations:

  • The third party's privacy policy applies to their data collection
  • We only share data necessary for the integration to function
  • You can disconnect integrations at any time through your account settings

12. CHILDREN'S PRIVACY

Our Services are not intended for individuals under 16 years of age. We do not knowingly collect personal data from children under 16. If we become aware of such collection, we will delete the data promptly.

13. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time. When we make material changes:

  • We will post the updated policy on our website
  • We will indicate the effective date of changes

Continued use of our Services after changes become effective constitutes acceptance of the updated policy.

14. CONTACT US

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: hello@endform.dev
Address: Endform AB, Tjärhovsgatan 52, 116 28, Stockholm, Sweden

Effective Date: January 7, 2025

This Privacy Policy was last updated on January 7, 2025. Previous versions are available upon request.

Contact Information:

Endform AB (Reg. No. 559520-0832)

Email: hello@endform.dev

Address: Tjärhovsgatan 52, 116 28, Stockholm, Sweden

Effective Date: July 1st, 2025