SmartRuns

Privacy Policy

Last updated: April 13, 2026

1. Who we are

SmartRuns ("we", "our", "us") is a cloud-based QA test management platform operated from Spain.

SmartRuns acts as the data controller for personal data collected through our website and web application. When you use SmartRuns to manage your organisation's test data, SmartRuns acts as a data processor on your behalf and your organisation is the controller of that content data.

Contact: info@smartruns.io for general enquiries.

2. Scope of this policy

This policy applies to:

  • The SmartRuns web application at app.smartruns.io.
  • The SmartRuns marketing website at smartruns.io.

3. Data we collect

Account and identity data

Name, work email address, company name, and role — collected when you register or invite team members.

Usage and technical data

Pages visited, features used, session duration, and browser type. IP addresses are collected transiently for security purposes and are not retained beyond 30 days.

Content data

Test cases, test plans, test runs, comments, attachments, and any other content you create within SmartRuns. Your organisation is the controller of this data; SmartRuns processes it solely to provide the service.

Integration credentials

OAuth tokens and API keys for Jira, GitHub, and OpenAI integrations — stored encrypted at rest and used exclusively to execute requests you initiate.

Payment data

Billing is handled entirely by Stripe. SmartRuns stores only your subscription plan, billing email, and a Stripe customer ID. Card details are never transmitted to or stored by SmartRuns.

4. Legal basis for processing (GDPR Art. 6)

For users in the European Economic Area (EEA) and United Kingdom, our legal basis for each processing activity is as follows:

Processing activity | Legal basis
Providing the platform and processing content data | Performance of contract (Art. 6(1)(b))
Billing and payment administration | Performance of contract (Art. 6(1)(b))
Security logging and fraud prevention | Legitimate interests (Art. 6(1)(f))
Anonymised product analytics | Legitimate interests (Art. 6(1)(f))
Transactional emails (receipts, password resets) | Performance of contract (Art. 6(1)(b))
Product newsletter and marketing emails | Consent (Art. 6(1)(a)) — you may unsubscribe at any time
Legal and compliance obligations | Legal obligation (Art. 6(1)(c))

5. How we use your data

  • To provide, maintain, and improve the SmartRuns platform.
  • To authenticate users and protect accounts from unauthorised access.
  • To send transactional emails (account confirmation, password reset, billing receipts). These are essential to the service and cannot be opted out of.
  • To send product updates and newsletters — only with your consent, and you can unsubscribe at any time via the link in any email.
  • To generate anonymised, aggregated usage analytics to improve the product.
  • To comply with legal obligations.

We do not sell your data to any third party. We do not use your content or your team's test data to train machine learning models.

6. AI test generation and OpenAI

SmartRuns provides AI-assisted test case generation using the OpenAI API. To use this feature, you supply your own OpenAI API key in Settings.

When you request AI test generation, the content you provide (Jira ticket description or free-text input) is transmitted to the OpenAI API using your API key. SmartRuns does not permanently store the raw prompt or response beyond what is necessary to display the result.

  • Your OpenAI API key is stored encrypted at rest and is never exposed in the frontend.
  • Data submitted to OpenAI via your key is governed by the OpenAI Privacy Policy. By default, OpenAI does not use data submitted via the API to train its models.
  • You are responsible for ensuring that content submitted for AI generation does not include personal or confidential data you are not authorised to process via a third-party AI service.

7. Data storage and security

  • All data is hosted on AWS European infrastructure.
  • All data is encrypted in transit (TLS 1.2+) and at rest.
  • We apply industry-standard security controls including access logging, role-based internal access, and a documented incident response procedure.
  • Integration credentials (API keys, OAuth tokens) are stored encrypted and are never exposed in client-side code.

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the competent supervisory authority within 72 hours and affected users without undue delay, as required by GDPR Art. 33–34.

8. International data transfers

SmartRuns' primary infrastructure is within the EEA. Certain sub-processors are based in the United States. Where personal data is transferred outside the EEA, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission.

You can request a copy of the relevant SCCs by emailing info@smartruns.io.

9. Sub-processors

We use the following sub-processors to deliver the service:

Sub-processor | Purpose | Location
Amazon Web Services (AWS) | Cloud infrastructure, database, object storage, and email delivery | EU (SCC in place for US services)
Stripe | Payment processing | United States (SCC in place)
OpenAI | AI test generation (via your own API key — prompt and response only) | United States (SCC in place)
SendGrid (Twilio) | Transactional email delivery | United States (SCC in place)
Cloudinary | File and attachment storage | United States (SCC in place)
Google Cloud | Data analytics and warehouse (Data Connector feature) | EU / United States (SCC in place)
New Relic | Application performance monitoring | United States (SCC in place)

We will notify you of any material changes to this list via email at least 14 days before the change takes effect.

10. Data retention

We retain your data for as long as your account is active. Upon account deletion:

  • All content data (test cases, plans, runs, comments) is deleted within 30 days.
  • Integration credentials and OAuth tokens are revoked and deleted immediately on disconnection or account deletion.
  • Anonymised, non-re-identifiable analytics data may be retained indefinitely.
  • Billing records are retained for 7 years as required by Spanish and EU tax law.

You can request a full export of your data at any time by emailing info@smartruns.io.

11. Your rights (GDPR)

If you are in the EEA or United Kingdom, you have the following rights:

  • Access (Art. 15): request a copy of the personal data we hold about you.
  • Rectification (Art. 16): correct inaccurate or incomplete data.
  • Erasure (Art. 17): request deletion of your personal data, subject to legal retention obligations.
  • Restriction (Art. 18): restrict how we process your data in certain circumstances.
  • Portability (Art. 20): receive your data in a machine-readable format (JSON or CSV).
  • Object (Art. 21): object to processing based on legitimate interests, including direct marketing.
  • Withdraw consent (Art. 7(3)): withdraw consent at any time where processing is consent-based.

To exercise any of these rights, email info@smartruns.io. We will respond within 30 days. You also have the right to lodge a complaint with the Spanish Data Protection Authority (AEPD) at www.aepd.es.

12. Cookies

  • Strictly necessary: session authentication token, CSRF protection. Required for the service to function.
  • Analytics (optional): anonymised, aggregated usage data to understand feature adoption. No cross-site tracking. You can opt out via Settings → Privacy.

We do not use advertising, retargeting, or third-party tracking cookies.

13. Children's privacy

SmartRuns is a professional B2B tool. We do not knowingly collect personal data from individuals under 16 years of age. If you believe a minor has registered, contact us at info@smartruns.io.

14. Changes to this policy

We may update this policy from time to time. We will notify you of material changes via email at least 14 days before the change takes effect. Continued use of the service after the effective date constitutes acceptance.