Versions Compared

Old Version 51

changes.mady.by.user Roman Lutsiv [Appfire]

Saved on

compared with

New Version 52

changes.mady.by.user Jaroslaw Bamberski

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Excerpt


Info
titleAgile Poker Cloud

This part of the documentation relates to Agile Poker - estimation tool for Jira Cloud. If you use Jira Server go to the Agile Poker - estimation tool for Jira Server documentation.



We take data security very seriously so we use only trusted service providers with the highest security standards. On this page, you will find details on how we secure our clients' data. If you think something is missing or you have any security related questions please let us know at Appfire Support Portal or support@appfire.com.

Services providers

...

Status
colourYellow
titlesub-processor
 Agile Poker Cloud runs on Heroku environment. Besides the application itself, Heroku stores application access logs that contain user IP, user key, instance URL and user JWT token. These logs are purged after 365 days. 

Heroku Postgres 

Heroku Postgres stores data provided during the installation handshake. Stored keys authenticate us to clients' instances.

The database is secured using a security mechanism provided by Heroku. See https://www.heroku.com/policy/security#postgres for details.

Stored Data

  • A key that identifies Jira instance.
  • Shared secrets for communication with Jira.

Firebase 

Status
colourYellow
titlesub-processor
 Firebase is a real-time shared database. We use it to synchronize session data in real time between users.

Stored data

  • A key that identifies Jira instance.
  • Shared secrets for communication with Jira.
  • Jira client key
  • Board id to associate session data.
  • Account ids of users (participants of any session, users that modified a session properties the last time e.g. change scrum master)
  • Ids of issues (active issue, voted issues, issues selected in the filter, reference issues)
  • Estimation votes of users per issue.
  • Session state (e.g. open/closed flag, timer state).

...

Status
colourYellow
titlesub-processor
 We use Heroku addon Papertrail to store application logs. Logs are in the system for 14 days. Log archives are stored from the last 365 days. Papertrail allows us to analyze application's behavior after an incident occurs. 

Stored Data

  • Access log - web addresses accessed by user browser when communicating with Agile Poker add-on. It includes the following data:
    • request date
    • IP address
    • issue id
    • timezone
    • location
    • user key
    • URL that the application was run on (includes Jira URL, JQL query, project key, and issue key)
    • user authorization token
    • browser name and version
  • Application logs - internal application messages that don't contain any personal data.

...