Data Security and Privacy Statement
This app is Cloud Fortified (opens in a new tab)
Data storage
This app doesn’t store any personal data related to users (PII), issues or any other information from JIRA instance it’s installed on if scheduled reports are not used.
In case of scheduled reports, the app processes and stores data temporarily on our servers. The data is stored in the geographical region specified by the user in the app settings. The data is stored for the time period specified by the user (default 3 days).
The app can store configuration (such as currently selected fields to export) in user browser’s local storage (if enabled in the browser).
All data is stored in certified databases:
- ISO 27001 (Security Management Controls)
- ISO 27017 (Cloud Specific Controls)
- ISO 27018 (Personal Data Protection)
- SOC 1, 2, 3 (Security, Availability & Confidentiality Reports)
Any API keys and other secret data is encrypted with industry standard symmetric encryption.
Exporting data
While performing exports from the browser, all the computations are performed in the browser. No data from JIRA is transmitted to the server at any time.
Scheduled reports are generated by the server. Data is retrieved from Jira instance and deleted after each report, unless we need to store it in temporary files. Temporary files are necessary in these cases:
- user receives download link for the report
- data is accessed by user via our API
Files are not created if the user chooses to receive the report via email or by upload to SFTP server.
Temporary files are deleted after time period specified by user (default 3 days).
Statistics
The app uses Mixpanel (opens in a new tab) to track usage statistics and Rollbar.com (opens in a new tab) to track data related to bugs and crashes.
Atlassian standards
This app:
- is Cloud Fortified (opens in a new tab)
- follows Atlassian App Security Guidelines (opens in a new tab).
- is part of Marketplace Security Bug Bounty Program (opens in a new tab).