Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...


Info
titleCloud Native Synchronizer

This part of the documentation relates to Cloud Native Synchronizer.

If you use Jira Server and Azure DevOps Server / TFS go to Data Policy for On premises Synchronizer


We take data security very seriously so we use only trusted service providers with the highest security standards. On this page, you will find details on how we secure our clients' data. If you think something is missing or you have any security related questions please let us know at Spartez Software Appfire Support Portal or support@spartez-softwaresupport@appfire.com.SUB-PROCESSOR 

Status
colourYellow
titlePROCESSOR
- providers with this label are our data sub- processors as defined by European General Data Protection Regulation (GDPR).

Service Providers
Table of Contents
minLevel2

Storage location.

Cloud SQL, datastore, backups and external backups storage are located in European Union, to be more exact, in Frankfurt, Germany.

Service statistics (operational metrics) are also copied over to the Google Cloud Platform

...

SUB-PROCESSOR(GCP) US region.

Google Cloud Platform

Status
colourYellow
titlePROCESSOR
 

Cloud SQL

Cloud SQL stores data provided during the installation handshake. Stored keys authenticate us to clients' Jira instances. We store

  • A key that identifies Jira instance.
  • Shared secrets for communication with Jira.

Cloud SQL also stores configuration data for synchronization profiles:

  • Urls to Jira and Azure DevOps
  • Username and personal access token for synchronizer user, encrypted using Cloud Key Management
  • Value mappings
  • Issue type mappings, States and Statuses mappings, etc.
Info
titlePersonally identifiable information and user generated content in Cloud SQL

One of the strategies to synchronize fields between Jira and Azure is to create a value mapping.

A value mapping, is, essentially, a dictionary that maps specific field values in one system to specific field values in another system.

Value mappings are configured by the user and are stored as a part of the synchronization profile in the Cloud SQL database, separately for each customer.

Synchronizer will not prevent the user from putting PII and UGC into value mappings.

This is essential to achieve useful and meaningful mappings for fields like Assignee / Assigned To (that contains users), components, area path, etc.


Datastore

Datastore stores operational data, that is generated once a synchronization profile is enabled:

  • Pairs of Jira ids and Azure DevOps ids for
    • Issues / work items
    • Comments
    • Attachments
    • Links
  • Customer - facing errors that occurred during synchronization
  • High-level aggregated data for initial synchronizations, like date started and number of items processed

Google Cloud's operations suite

...

Info
titlePersonally identifiable information and user generated content in logs

Synchronizer does not add any UGC to logs during normal operation, however, we reserve the right to log such data when errors occur and to temporarily extend logging with such data  data when it is necessary to troubleshoot an incident.
Please note that external systems, including Jira and Azure can unintentionally return data, containing PII or UGC, as a part of an error message. 
In such cases, Synchronizer will log this data "as is", without making any attempt to discover or remove sensitive data.
These logs will be retained for 30 days.


BigQuery

For a better understanding of our clients, we collect various statistics. These statistics tell us how we should develop our product to make our clients happy. 

What is collected

The following table is intended to give you a complete understanding of the policy that we use to collect analytics data.

...

These events do not contain any
Data typeComments
Operational metrics

Operational metrics are not anonymized and are correlated with the customer's tenant key in Jira.

This is required for operational purposes, so that we can identify and attribute a portion of cloud hosting and processing costs to a specific customer.

These metrics do not contain any personally identifiable information, nor any user generated content. 

For example:

  • Amount of issues / work items synchronized per day
  • Amount of initial synchronizations run per day

User interface

and usage

We track the usage of certain features in Jira plugin page, as well as in Synchronizer user interface. For example:

  • Clicks on "Learn more" about Hierarchy support
  • Clicks on "Vote up" on Links feature
  • Creation of a filter for a synchronization profile
  • Mapping of work item types
  • etc.

These events do not contain any personally identifiable information, but may contain user-generated content.

This data is used to gain insights into user needs and improve application experience.

Information about

synchronizations errors

We store informations about synchronization errors.

They may contain user generated content or PII (Jira and Azure can unintentionally return data, containing PII or UGC, as a part of the error message.)

For further analysis we copy our operational metrics, described in the table above, to our data warehouse in GCP US region. Data we copy does not contain neither personally identifiable information, nor

...

user generated content.

...

Cloud storage

Cloud storage stores backups of data held in Datastore and Cloud SQL.

Retention period is 7 days.

Amazon Web Services

SUB-PROCESSOR 

Status
colourYellow
titlePROCESSOR

Simple Storage Service (S3)

...