Skip to main content

Data Security and Privacy Statement

Overview

At our company, we prioritize the security, privacy, and compliance of your data. Our security-first approach ensures your data remains confidential, secure, and under your control at all times.

We employ industry best practices, maintain continuous monitoring, and follow strict security standards to safeguard customer data. This document outlines our security posture, policies, and controls.

Cloud Version

Architecture & Data Flow

  • In-Jira Integration: The app is displayed inside Jira’s interface, ensuring a seamless user experience.

  • Secure Delivery (HTTPS): The application is loaded over an encrypted HTTPS connection to prevent unauthorized interception.

  • Local Processing: The necessary Jira data is passed to the app and processed locally in your browser, never transmitted to external services.

  • No External Storage: We do not store Jira data on our servers.

Personal Data Handling

  • Zero Data Collection: We do not process, store, or share customer data.

  • Licensing and Transactional Data: We gather only the necessary licensing and transactional information from Atlassian’s Marketplace API to manage license validation and record transactions.

  • Error Logging: Non-personal error logs are collected via http://Sentry.io for debugging.

Infrastructure Security

  • Hosted on GCP – Firebase: Our cloud infrastructure is managed in Google Cloud Platform.

  • Encryption in Transit: All communication that delivers our application to Jira is secured with TLS 1.2+.

  • Regular Security Scans: Automated vulnerability scans detect and mitigate potential risks.

Data Center Version

Architecture & Data Flow

  • Self-Hosted Deployment: The app runs entirely within your Jira instance.

  • No External Communication: No data is ever transmitted to external servers.

  • Full Data Control: Your data stays within your infrastructure at all times.

Personal Data Handling

  • No Data Collection: We do not collect, store, or transmit any customer data externally.

  • Complete Sovereignty: All data remains within your environment.

Infrastructure Security

  • Operates in Your Environment: All security measures align with your existing Jira and network controls.

  • No Third-Party Dependencies: No external calls or services are involved.

Compliance & Certifications

  • Atlassian Marketplace Partner: We meet Atlassian’s security requirements and best practices.

Secure Development Practices

  • Automated Dependency Scanning: Continuous scanning for third-party vulnerabilities.

  • Secure CI/CD: Deployments include automated security testing.

Incident Response & Reporting

We have a well-defined incident response plan to detect, assess, and resolve security incidents:

  • 24/7 Security Monitoring (for Cloud Version)

  • Immediate Threat Response

  • Customer Notifications if an incident has any impact.

How to Report Security Issues

We encourage responsible disclosure of security vulnerabilities.

📩 Report a security issue: info@simple-reports.com

Updates & Change Management

  • Continuous Deployment: The cloud version receives frequent security updates.

  • Change Tracking: All deployments are logged and monitored.

  • Backward Compatibility: Updates do not break existing user configurations.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close