Data Security and Privacy Statement
Overview
This is a data security and privacy statement for the Affinity/Relative Estimation for Jira app.
App Architecture
The app works on the client side only. All required raw data is fetched using Atlassian APIs on your client (browser) and then processed to be displayed without sending it to any servers on the same client (browser). Any settings and configuration required for the app to work are saved with your Jira instance.
Privacy
We do not collect any personal data from your use of our plugin. Additional information we receive is usage statistics and licensing information through Atlassian's marketplace API.
Permissions Scope
Our plugin requires read permission to be able to read your work items. We also need write permission to write user settings and changes to work items you make using the app.
Data Storage/Data Retention
No personally identifiable data are stored on our servers. The app runs completely client-side only. Configuration is stored in Atlassian servers.
Hosting
The app is hosted entirely within the Atlassian Forge platform, using infrastructure managed by Atlassian and its sub-processors. Data residency is subject to Atlassian’s infrastructure policies and selected hosting region (where applicable).
Logging
We do not access customer data. We may retain temporary logs for debugging and monitoring purposes. These logs are limited to anonymized technical metadata and do not contain personal or work-item-specific content.
We use http://Sentry.io to collect anonymized client-side JavaScript errors to improve app stability and user experience.
Security
All app resources are delivered via Atlassian’s secure infrastructure using HTTPS encryption. We follow industry best practices, including the principle of least privilege, scoped API access, and secure-by-default architecture enforced by Atlassian Forge.
If you have found a security vulnerability, please email us at info@simple-reports.com immediately.