Data Security and Privacy Statement

Overview

This is a data security and privacy statement for the Affinity/Relative Estimation for Jira app.

App Architecture

The app works on the client side only. All required raw data is fetched using Atlassian APIs on your client (browser) and then processed to be displayed without sending it to any servers on the same client (browser). Any settings and configuration required for the app to work are saved with your Jira instance.

Privacy

We do not collect any personal data from your use of our plugin. Additional information we receive is usage statistics and licensing information through Atlassian's marketplace API.

Permissions Scope

Our plugin requires read permission to be able to read your work items. We also need write permission to write user settings and changes to work items you make using the app.

Data Storage/Data Retention

No personally identifiable data are stored on our servers. The app runs completely client-side only. Configuration is stored in Atlassian servers.

Hosting

The app is hosted entirely within the Atlassian Forge platform, using infrastructure managed by Atlassian and its sub-processors. Data residency is subject to Atlassian’s infrastructure policies and selected hosting region (where applicable).

Logging

We do not access customer data. We may retain temporary logs for debugging and monitoring purposes. These logs are limited to anonymized technical metadata and do not contain personal or work-item-specific content.

We use http://Sentry.io to collect anonymized client-side JavaScript errors to improve app stability and user experience.

Security

All app resources are delivered via Atlassian’s secure infrastructure using HTTPS encryption. We follow industry best practices, including the principle of least privilege, scoped API access, and secure-by-default architecture enforced by Atlassian Forge.

If you have found a security vulnerability, please email us at info@simple-reports.com immediately.