Data Privacy and Security

Data Privacy and Security

Your privacy is important to us, and so is being transparent about how we collect, use, and share information about you.

Data Privacy

What information we collect

The plugin stores the following data:

  • Installation data sent by Jira during the installation process.
  • Issue keys when you create or open the plugin dialog window.
  • Atlassian user IDs of users who join a room.
  • The configured Jira issue field ID for saving estimated points.
  • Error data, such as stack traces and error messages, to help us improve the application.

What kind of data is read from your Jira instance

The plugin reads some additional data that exists only in your browser:

  • The list of fields in an issue is read by the browser during the configuration process. Only the ID of the chosen field is saved on our server.
  • The full names of users who join a room are read only by the browser to display the list of team members. This information is never saved on our server.

When the Room Owner clicks the “Remove room” button, all data related to that room is deleted.

How we use the information we collect

We use the collected information to provide the Product to you. Error-related data is used to improve the Product and fix bugs.

Data Residency

Agile Toolbox for Jira has instances in the US and EU. Jira automatically chooses the data residency based on your request or Jira instance location.

Security

We use industry-standard technical and organizational measures to secure the information we store, leveraging Google Cloud as our infrastructure provider. This provides a secure-by-design infrastructure, encryption at rest and in transit, a well-defined privacy policy, and advanced access management.

How we keep the Product safe

  • Development, test, and production environments are isolated.
  • Access to our infrastructure and source code is secured by 2-factor authentication and is periodically reviewed.
  • All code changes are reviewed and accepted through pull requests.
  • Deployment procedures are automated to limit access to production environments and reduce the risk of human error.
  • Security scanners are included in our build process to quickly discover and remove security bugs.