by bigyikes 1136 days ago
Not sure why Trello was picked as an example. Trello respects the privacy of its customers. It does not profit from collecting user information. Private company data remains private in Trello, even if the company doesn’t pay. Data is not shared and cannot be freely accessed by employees.
2 comments

Their terms may have changed after they were acquired, I dunno. But Atlassian has something like two dozen different legal documents covering their software. How do you know what they do/don't do until you've had your legal department vet it?

As a random example: Trello can list any customer in their promotional materials (you have to dig through the legal docs to find the opt-out email). As the CEO of your own company, how would you like to see your company listed in a Trello ad when you're trying to do business with a Trello competitor, or gain a customer who competes with Trello?

Point being: employees use 3rd parties all the time in ways they shouldn't, often leaking a lot more data than meetings. It's why DLP is so popular.

By the same logic, the terms of my current email provider could be changed and all of my emails could become public or sold to the highest bidder.

Both Trello and my email provider can do this. Both will have consequences.

Exactly, which is why you need to consider this stuff and not use those types of services if you have actual confidential data. Find a provider with clear contracts that prevent these types of changes. Self host. Whatever, just make sure to pay actual attention to what you're doing.
What is DLP?
data loss prevention
But how do we know? The pile is to the ceiling with other companies that said the same thing and later we discover that was definitely not the case.
Trello is owned by Atlassian. Not saying it's impossible, but they'd be shooting themselves in the foot big time if they pulled some shady shit that alienated their corporate user base.

I'd imagine they offer Trello for free to entice you to start paying for Jira (or god forbid, Confluence).

Leaking user data (or "anonymising" it and then selling it) doesn't alienate a corporate userbase, because corporations broadly do not care at all that user data gets leaked. Unless it materially affects their income, this is something that is ignored.
I work for a GMP manufacturer of pharmaceuticals and they use the free version of Trello and put tons of proprietary client information in Trello. Each client is a different company and they are never supposed to see data from the other one. It’s an absolutely insane thing to do in my opinion. I’m beginning to see why we are losing clients.