Privacy Policy

Last updated: 19 June 2026

This English version is provided for convenience; the French version prevails in case of discrepancy. This policy describes how personal data is processed in connection with the Cerulean app and the cerulean.interrupt.fr website, in accordance with Regulation (EU) 2016/679 (GDPR) and the French Data Protection Act of 6 January 1978 (as amended).

In short: a "client-only, no intermediary server" architecture

Cerulean is a client that connects directly to your own Azure DevOps organisation. In practice:

• Authentication uses your Personal Access Token (PAT), stored encrypted in the iOS Keychain on your device, or via Microsoft Entra (OAuth).
• The app communicates directly with your Azure DevOps instance. Interrupt operates no intermediary server (backend).
• Interrupt never receives, stores or processes your work items, repositories, code, or access token.
• No data resale, no advertising profiling, no transfer of your data to third parties.

GDPR section

Data controller

Camille Terol, sole trader (entrepreneur individuel) trading as “Interrupt”, 37 Allée Guy de la Brosse, 76230 Isneauville, France.

Data Protection Officer (DPO)

For any question about your personal data or to exercise your rights: [email protected].

What we collect — and what we do not

• Azure DevOps content (work items, repositories, code, comments): not collected by Interrupt. This data flows only between your device and your Azure DevOps.
• Access token (PAT) / Entra OAuth tokens: not collected by Interrupt; kept encrypted in the iOS Keychain, under the exclusive control of iOS and your device.
• Payment and subscription data: not collected by Interrupt. The transaction is handled by Apple as merchant of record (see "Processors and third parties").
• Analytics / tracking: to date, the app contains no third-party analytics, measurement or tracking tools, and no crash-reporting SDK.
• Support: if you contact the publisher by email, we process the data you send us (address, message content) solely to answer your request.

Lawful bases

• Performance of a contract (Art. 6(1)(b) GDPR): providing the app and its features.
• Legitimate interest (Art. 6(1)(f) GDPR): app security, handling support requests.
• Legal obligation (Art. 6(1)(c) GDPR): retaining required records where applicable.

Retention periods

As Interrupt stores neither your Azure DevOps content nor your token, no retention period applies to these on Interrupt's side. Support correspondence is kept for as long as needed to handle the request, then archived or deleted in line with our legal obligations.

Processors and third parties

• Microsoft (your Azure DevOps organisation and, where applicable, Microsoft Entra sign-in): your Azure DevOps service provider; processing of your content is governed by your own contractual relationship with Microsoft.
• Apple (Apple Inc. / Apple Distribution International Ltd): app distribution and management of the subscription, billing and refunds as merchant of record. Apple processes payment and account data under its own privacy policy.

International transfers

Microsoft and Apple may process certain data outside the European Union. Such transfers are framed by the mechanisms provided by the GDPR (notably Standard Contractual Clauses and/or adequacy frameworks such as the EU-US Data Privacy Framework), as implemented by these providers.

Your rights

Under Articles 15 to 22 GDPR, you have the rights of access, rectification, erasure, data portability, objection and restriction of processing. You may exercise them with the DPO: [email protected]. For data held by Microsoft (your Azure DevOps content) or Apple (payment), these rights are exercised directly with the relevant provider.

Complaint to the CNIL

You have the right to lodge a complaint with the French data protection authority (CNIL): 3 place de Fontenoy, TSA 80715, 75334 Paris Cedex 07, France, www.cnil.fr.

Cookies (website only)

The cerulean.interrupt.fr website sets no audience-measurement, advertising or tracking cookies. Only cookies or trackers strictly necessary for the operation and security of the site (e.g. via Cloudflare) may be used; these are exempt from consent under Article 82 of the French Data Protection Act and CNIL guidelines.

Changes

This policy may be updated. The last-updated date appears at the top of the page.