Background

Project Portfolio Office (“PPO”) provides an online Project Portfolio Management solution (the “Service”) on a subscription basis, primarily aimed at businesses. In most cases, we  act as a Data Processor on behalf of the subscribing business under the terms set out in our Terms and Conditions.

In some instances, such as when we collect personal information for support, communication, or marketing purposes, we act as the Data Controller. This Privacy Notice explains how we handle that information.

What information we collect

We collect two types of information:

  • Information that you actively provide to us
  • Information that we collect automatically (passively)

Examples of actively provided information include your name, surname, and email address when you register for a free trial, subscribe to our newsletter, book training, or sign up for a webinar. The exact information we request depends on the service you’re accessing.

Automatically collected data includes details about your device and browsing behaviour, such as your IP address, browser version, operating system, the pages you visited, referring URLs, and interactions with our website. This could be captured using cookies and third-party plugins (e.g. for chat support or event registrations).

You can manage cookie settings via your browser. For more information, visit www.allaboutcookies.org.

Why we collect your information

We collect personal information to provide, support, and improve your experience with PPO, as well as to meet our legal and operational obligations.

Collection Notice

We collect your personal information directly from you when you engage with our services — for example, when you:

  • Sign up for a free trial
  • Register for a training session or webinar
  • Subscribe to a mailing list or newsletter
  • Complete the sign-up process or request support

The purpose of this collection is to deliver the services you’ve requested, manage your account or registration, respond to your enquiries, and — if you’ve opted in — send you relevant product updates and promotional content. If you choose not to provide certain personal information, we may be unable to offer specific services or respond to certain requests.

We could also collect some information automatically using cookies and third-party plugins (e.g. for chat support or event bookings). This helps us to:

  • Improve our website’s functionality and user experience
  • Analyse traffic patterns and the effectiveness of our marketing
  • Enable services like live chat and event registrations
  • Protect our site from misuse or security threats
  • Serve relevant advertising based on your browsing behaviour
  • Show PPO-related advertising on other websites you visit

You’re always in control – cookie preferences can be updated in your browser, and communications can be opted out of at any time.

Cross-border data transfers

We may store and process your personal information on secure servers outside your country of residence, including in the European Economic Area (EEA), using Amazon Web Services (AWS) infrastructure. The AWS Shared Responsibility Model ensures we retain full control over your data, other words, they do not have access your personal data.

By using our services, you consent to your data being processed in jurisdictions outside your own. If you have concerns, please contact us before submitting your information.

Data security

We implement a range of technical and organisational measures to protect your data, including:

  • Encryption of data in transit and at rest using AES-256 or stronger
  • Identity and Access Management policies are configured to prevent unauthorised access
  • Logging and monitoring provide full accountability
  • Secure data disposal procedures ensure your data is destroyed when you stop using the service

If a data breach occurs that poses a serious risk, we will notify affected individuals and the appropriate regulatory authority, in line with applicable laws.

How long we keep your information

We retain your personal information only as long as necessary to fulfil the purposes described in this notice, unless a longer retention period is required or permitted by law (such as tax, accounting or other legal requirements). Once no longer needed, your data will be securely deleted or anonymised.

What are your rights?

You have the right to:

  • Access your personal information
  • Correct any inaccurate or incomplete data
  • Request deletion of your personal information
  • Unsubscribe from marketing communications
  • Lodge a privacy-related complaint

To exercise any of these rights, please contact us at privacy@go2ppo.com.

If you are not satisfied with our response, you may contact the data protection authority in your country or region for further assistance.

Useful Resources

For more information on the infrastructure and security practices of our cloud provider, see:

Updated: 25 June 2025