Our Privacy Policy was last updated on November 19, 2025.
Thanks for entrusting Realm Software, Inc. ("Realm", "we", "us", "our") with your data and your personal information. Our Privacy Policy ("Privacy Policy") is designed to help you understand how we collect, use, and share your personal information and to assist you in exercising the privacy rights available to you.
The Privacy Policy has been prepared in compliance with the requirements of the Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC ("GDPR") and the California Consumer Privacy Act of 2018 Cal. Civ. Code § 1798.100 et. seq ("CCPA"), including subsequent amendments to each. It is designed to ensure that the collection, storage, use, and disclosure of personal data align with the rights and obligations established under these laws, and this Privacy Policy shall be construed as our California Consumer Privacy Act Notice.
This Privacy Policy covers the personal information we collect about you when you use our products or services, or otherwise interact with us, including on our website at www.dimension.dev ("Website"), web applications at www.dimension.dev and our related online and offline offerings (collectively, the "Services"). This Privacy Policy also explains your choices surrounding how we use your personal information, which includes how you can object to certain uses of the information and how you can access and update certain information.
The Company uses cookies and similar tracking technologies to enhance user experience, analyze usage, and provide personalized services.
The collection, usage and processing of data is based on our legitimate interests to provide you high quality services and outputs, and generally to offer You an modern and efficient way to deliver or support our services, and in doing so to develop our business and improve our products. It serves the legitimate interests of users to access the know-how, resources, information and support provided to them (or the client) through our Website and Services.
When you register to access our Website and Services, and accept their terms of use, We will (also) process your data including Personal Data as necessary in relation to those terms of use (performance of a contract).
The words of which the initial letter is capitalized have meanings as set out in Section 1.2 below. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.
For the purposes of this Privacy Policy:
"Account" means a unique account created for You to access our Product, Service or parts of our Service.
"Company" (referred to as either "the Company", "We", "Us" or "Our" in this Privacy Policy) refers to Realm Software Inc.
"Consumer" or "Client" means a person / entity accessing our Website / Services/ Products.
"Device" means any device that can access the Service including but not limited to a computer, a cell phone, or a digital tablet.
"Personal Data" or "personal information" includes any information that relates to an identified or identifiable individual and includes any information that identifies, relates to, describes or is capable of being associated with, or could reasonably be linked, directly or indirectly, with You.
"Sale" means selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, Consumer's Personal Data to another business or a third party for monetary or other valuable consideration.
"Service Provider" includes any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Service, to provide the Service on behalf of the Company, to perform services related to the Service or to assist the Company in analyzing how the Service is used.
"Usage Data" refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
"You/Your" means the individual accessing or using the Product/Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Product/Service, as applicable.
(A) While using our Service, we may ask You to provide us with certain personally identifiable information that can be used to contact or identify You, which may include, but is not limited to:
Personal information does not include publicly-available information, deidentified or aggregated information, or information covered by certain sector-specific privacy laws.
(B) We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular Consumer or device.
(C) Under CCPA, Personal Data does not include publicly available information, deidentified or aggregated consumer information, information excluded from the CCPA's scope, and personal data covered by certain sector-specific privacy laws.
Usage Data is collected automatically when using the Service. Usage Data may include information such as Your device's internet protocol address (e.g. IP address), browser type, browser version, the pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
The Company may use Personal Data for the following purposes:
Please note that the purposed provided above are illustrative and not intended to be exhaustive. If we decide to collect additional categories of data or use them in a materially different manner, unrelated, or incompatible purposes we will update this Privacy Policy.
We will not share your Personal Data with any third party unless such third party will honor this Privacy Policy. We may share Your Personal Data in the following situations:
We collect data and personal information directly from you, and from the following types of sources: our Clients, public registers and databases, court and public records, communication with third parties and other advisors involved in client matters, commercial databases, and event sponsors. In essence, we obtain the categories of Personal Data listed above from the following categories of sources:
We use artificial intelligence ("AI") and automated processing technologies within our Services to provide collaboration features, productivity insights, task suggestions, and personalized recommendations. This may include the analysis of your interactions, communications, and usage patterns on our platform in order to support your work and enhance team collaboration.
GDPR: To the extent that such processing constitutes "profiling" or "automated decision-making" under Articles 13–15 and 22 of the GDPR, you have the right not to be subject to a decision based solely on automated processing where that decision produces legal effects or similarly significant effects for you. In such cases, you also have the right to request human intervention, to express your point of view, and to contest the decision.
CCPA/CPRA: For California residents, this type of processing may qualify as the use of "inferences" drawn from personal information. You have the right to access, delete, and limit the use of such information, as well as the right to opt-out of its use for cross-context behavioural advertising.
We do not use automated decision-making that has legal or similarly significant effects (such as decisions affecting employment, credit, or legal rights) without your explicit consent or as otherwise permitted by applicable law unless you directly or indirectly instruct the product to do so including automated or triggered workflows configured by You on the product. You have the right to object to decisions based exclusively on the automated processing of your personal data.
We will retain and use Your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.
The Company will also retain Usage Data for internal analysis purposes.
Please note that the Company retains Usage Data only for as long as the User's account remains active and for a period of up to twelve (12) months thereafter following account deactivation, or for shorter period, subject to applicable law.
Please note that we may use Personal information to generate deidentified data sets. To the extent we treat data as deidentified under the CCPA, we will maintain and use that data solely in deidentified form and will not attempt to reidentify that data with any individuals, other than to assess whether the deidentification process complies with applicable law or as otherwise permitted by applicable law.
The Company conducts periodic reviews of Personal Data held to ensure that it is retained only for the necessary duration and in compliance with legal and business requirements. Once data is no longer required, it will be permanently and securely deleted or anonymized to prevent unauthorized access, use, or disclosure.
Our Company securely stores your data, primarily cloud based. We retain Personal Data only for as long as there is a legitimate reason or other legal ground to do so, and will keep these legal bases under review. If there is no longer a legal ground for the data to be retained, we will erase Personal Data securely, or in some cases anonymise it.
We use reasonable and appropriate security processes, controls, and procedures including administrative, physical security and technical controls to protect your data including Personal Data. Although we use appropriate security measures once we have received your data including Personal Data, the transmission of data over the internet (including by e-mail) is never completely secure. We endeavor to protect data including Personal Data, but we cannot guarantee the security of data transmitted to us or by us over the internet.
Your information, including Personal Data, is processed at the Company's servers located in the United States and in any other places where the parties involved in the processing are located. It means that this information may be transferred to — and maintained on — computers located outside of United States, Your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from Your jurisdiction. Data can be hosted in third-party managed IT environments (primarily cloud-based).
Your consent to this Privacy Policy followed by Your submission of such information represents Your agreement to that transfer i.e., by sending us Personal Data and other information, you agree and consent to the processing of your personal information in the United States, which may not offer an equivalent level of protection to that required in other countries (particularly the European Union), and to the processing of that information by us on servers located in the United States, as described in this Policy.
We provide paid products and/or services as part of the Service. In that case, we may use third-party services for payment processing (e.g. payment processors).
We will not store or collect Your payment card details. That information is provided directly to our third-party payment processors whose use of Your Personal Data is governed by their privacy policy. These payment processors usually adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.
These third-party vendors collect, store, use, process and transfer information about Your activity on our Service in accordance with their privacy policies, which You are encouraged to review separately.
Our Service may contain links to other websites that are not operated by us. If You click on a third-party link, You will be directed to that third party's site. We strongly advise You to review the Privacy Policy of every site You visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.
As defined in the CCPA, "sell" and "sale" mean selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer's Personal Data by the business to a third party for valuable consideration. This means that we may have received some kind of benefit in return for sharing Personal Data, but not necessarily a monetary benefit.
We do not intend to sell any Personal Data. We only use it as a part of delivering the Product/Service's value proposition to You and your teams.
It is to be noted the Company does not disclose Personal Data to third parties for cross-context behavioral advertising or for any other purpose that would constitute a "sale" or "sharing" under CCPA.
We do not knowingly collect Personal Data from minors under the age of 13 through our Service, although certain third-party websites that we link to may do so. These third-party websites have their own terms of use and privacy policies and we encourage parents and legal guardians to monitor their children's Internet usage and instruct their children to never provide information on other websites without their permission.
We do not sell the Personal Data of consumers we actually know are less than 13 years of age, unless we receive affirmative authorization (the "right to opt-in") from the parent or guardian of a consumer less than 13 years of age. Consumers who opt-in to the sale of Personal Data may opt-out of future sales at any time. To exercise the right to opt-out, You (or Your authorized representative) may submit a request to us by contacting us.
Our Services are not directed to, and we do not knowingly collect personal information from, individuals under the age of 13. If we become aware that we have inadvertently collected personal information from a child under 13, we will take steps to delete such information promptly. If you believe that a child under 13 has provided personal information to us, please contact us at legal@dimension.dev
In the event of a Personal Data breach, the Company will notify the affected User within seventy-two (72) hours of becoming aware of such breach. The notification will include, to the extent reasonably available, details of the nature of the breach, the categories and approximate number of data subjects affected, the likely consequences, and the measures taken or proposed to be taken to address the breach.
If You choose to connect your third-party accounts (such as Gmail or Slack) with our Services, We will collect and store OAuth tokens (Open Authorization tokens) issued by the relevant provider. OAuth tokens are secure, encrypted digital credentials that allow our systems to access only the specific information and functionality that you have expressly authorized.
Please note that We use OAuth tokens solely to operate the features you have enabled. We do not use OAuth tokens for any secondary purpose, including advertising, profiling, or data resale. OAuth tokens are stored securely and are not accessible to Company personnel.
You may revoke our access at any time by adjusting your account settings with the third-party provider. Upon revocation, our systems will no longer be able to access your data through that provider, and associated OAuth tokens will be promptly deleted from our systems.
You have the following rights pertaining to this Privacy Policy:
We may update our Privacy Policy from time to time. We will notify You of any changes by posting the new Privacy Policy on this page. We will let You know via email and/or a prominent notice on our Service, 30 (thirty) days prior to any material change becoming effective and update the "Last updated" date at the top of this Privacy Policy. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page, and your continued usage of our Website and /or Services implies that you have accepted our Privacy Policy as amended from time to time.
Should you wish to report a complaint or if you feel that Our Company has not addressed your concern in a satisfactory manner, you may contact the competent authority at:
Email: tejas@dimension.dev
If you want to exercise your any of your aforementioned rights or have any questions, concerns, complaints, or requests regarding this Privacy Policy, the handling of your personal data, or your privacy rights under applicable law, you may contact our designated Grievance Officer / Data Protection Officer at:
Name: Tejas Ravishankar
Designation: Grievance Officer / Data Protection Officer
Email: tejas@dimension.dev
Address: 850 New Burton Road, Suite 201, Dover, Delaware 19904, USA
Your request to Us must:
We cannot respond to Your request or provide You with the required information if we cannot: