Data Policy Changes

This page outlines changes to the data policy of the Canned Responses Pro Templates for Jira app introduced on May 16, 2022:

V2 - new version of the statement: Data Policy (V2)
V1 - previous (old) version of the statement: Data Policy (V1)

Please review the details of the changes below; we have colored the removed text in RED and the added text in GREEN.

Section	V1	V2	Comment

Section

V1

V2

Comment

Service Providers

Heroku

SUB-PROCESSOR Canned Responses application runs on Heroku environment. Besides the application itself, Heroku stores application access logs that contain the user IP, user key, instance URL, and user JWT token. These logs are purged after 30 days.

Google Cloud Platform

SUB-PROCESSOR Canned Responses application runs on GCP environment. Besides the application itself, GCP stores application access logs that contain the user IP, user key, instance URL, and user JWT token. These logs are purged after 30 days.

We have changed our IaaS provider from Heroku to GCP in order to provide a more reliable and resilient service.

Service Providers

Heroku Postgres

Heroku Postgres stores data provided during the installation handshake. Stored keys authenticate us to clients' instances.

The database is secured using a security mechanism provided by Heroku. See https://www.heroku.com/policy/security#postgres for details.

Stored Data

A key that identifies Jira instance
Shared secrets for communication with Jira

MongoDB Atlas

...

Stored Data

...
key that identifies Jira instance
shared secrets for communication with Jira

We have stopped using Heroku Postgres for storing the mentioned data in favor of MongoDB.