Versions Compared

Old Version 1

changes.mady.by.user Derya Özdemir

Saved on

compared with

New Version 2

changes.mady.by.user Derya Özdemir

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

We take data security very seriously, so we use only trusted service providers with the highest security standards. On this page, you will find details on what data we store, where we store it, and how we secure it. If you think something is missing or you have any security-related questions, please let us know at Appfire Support Portal or support@appfire.com.

Service Providers

Status
colourYellow
titleSUB-PROCESSOR
– The providers with this label are our data sub-processors as defined by European General Data Protection Regulation (GDPR).

Anchor
heroku
heroku
Heroku

Status
colourYellow
titleSUB-PROCESSOR
 Canned Responses application runs on Heroku environment. Besides the application itself, Heroku stores application access logs that contain the user IP, user key, instance URL, and user JWT token. These logs are purged after 30 days.

Anchor
Heroku-Postgres
Heroku-Postgres
Heroku Postgres

Heroku Postgres stores data provided during the installation handshake. Stored keys authenticate us to clients' instances.

The database is secured using a security mechanism provided by Heroku. See https://www.heroku.com/policy/security#postgres for details.

Stored Data

  • A key that identifies Jira instance

  • Shared secrets for communication with Jira

Anchor
MongoDB-Atlas
MongoDB-Atlas
MongoDB Atlas

Status
colourYellow
titleSUB-PROCESSOR
 We use MongoDB Atlas to store the templates. Each Jira instance uses a separate collection. Only users from a particular Jira instance can access the templates from that instance.

The database is backed up every week, and the last eight backups are stored.

Stored Data

  • template name and content

  • template creator's user key

  • templates scopes including project ids and user keys

  • template creation and update time

  • client's license SEN

...

We don't store issue summaries, descriptions, comments, or other sensitive information. We don't store full usernames or emails, but we use user keys and project keys provided by Jira instead.

Anchor
Papertrail
Papertrail
Papertrail

Status
colourYellow
titleSUB-PROCESSOR
 We use Heroku addon Papertrail to store application logs. Logs are in the system for 30 days. Log archives are stored from the last 365 days. Papertrail allows us to detect suspicious patterns in the logs and notify us whenever they are detected, which improves our reaction time. It also allows us to analyze the application's behavior after an incident occurs. 

Stored Data

  • Access log – web addresses accessed by the user browser when communicating with Canned Responses add-on. It includes the following data:

    • request date

    • IP address

    • issue id

    • timezone

    • location

    • user key

    • URL that the application was run on (includes Jira URL, JQL query, project key, and issue key)

    • user authorization token

    • browser name and version

  • Application logs – internal application messages that don't contain any personal data.

...

If you would like us to skip processing logs from your instance, please let us know at support@appfire.com

Anchor
Bugsnag
Bugsnag
Bugsnag

Status
colourYellow
titleSUB-PROCESSOR
Bugsnag is a tool for the reporting of in-browser errors. It allows us to fix errors before people report them to us.

Stored data

  • Jira client key

  • board id

  • User IP address

  • User language

  • User browser information (browser, version, locale, operating system, user agent)

Anchor
Google-Analytics
Google-Analytics
Google Analytics & Google BigQuery

For a better understanding of our clients, we collect anonymous statistics on add-on usage. These statistics tell us how we should develop our plugin to make our customers happy. 

What is collected

The following table is intended to give you a complete understanding of the policy that we use to collect analytics data.

...

Data type

Comments

User interface and usage

Displaying and interacting with all components and pages added by Canned Responses including:

  • Canned Responses comment box

  • manage templates dialog

  • add/edit template dialog

  • settings pages

Interacting means clicking on the components or changing their state.

Flags and statistics

We collect boolean flags and statistical numbers from the entered data. This applies to data gathered via add-on components or pages (including configuration and usage pages). For example:

  • Comment box was expanded

  • Template was inserted

  • Comment was posted

  • Template filters are used

  • Add-on page or panel was opened

Flags and statistics do not contain any user-created data.

Context

We collect a few general context values from Jira.

  • license type (evaluation/paid)

  • type of the issue being commented (Jira Service Management issue or not)

  • is Chrome extension used or not

Context parameters do not contain any user-created data.

What is not collected

In Google Analytics, we do not collect any data but the minimal and anonymous data based on the rules described above. In particular, we do not collect any information about users, issues, values of comments, or any identifiable information about the Jira instance itself.