Data Security and Privacy Statement

This app is Cloud Fortified

Data storage

This app doesn’t store any personal data related to users (PII), issues or any other information from JIRA instance it’s installed on. It can store configuration (such as currently selected fields to export) in user browser’s local storage (if enabled in the browser).

All data is stored in certified databases:

• ISO 27001 (Security Management Controls)
• ISO 27017 (Cloud Specific Controls)
• ISO 27018 (Personal Data Protection)
• SOC 1, 2, 3 (Security, Availability & Confidentiality Reports)

Any API keys and other secret data is encrypted with industry standard symmetric encryption.

Exporting data

While performing exports from the browser, all the computations are performed in the browser. No data from JIRA is transmitted to the server at any time.

Scheduled reports are performed by the backend. Data is retrieved from Jira instance. Worker instances are deleted after each report. Data is stored in temporary files only for "download link" type of schedules where users can click a link to download report file. These files are deleted after time period specified by user (default 3 days).

Statistics

The app uses Mixpanel to track usage statistics and Rollbar.com to track data related to bugs and crashes.

Atlassian standards

This app:

• is Cloud Fortified
• follows Atlassian App Security Guidelines.
• is part of Marketplace Security Bug Bounty Program.