Security and Safety
We take data security very seriously so we use only trusted service providers with the highest security standards. On this page, you will find details on how we secure our clients' data. If you think something is missing or you have any security related questions please let us know at Appfire Support Portal or support@appfire.com.
Analytics
Agile Cards come with inbuilt analytics. The data collected by Agile Cards pertains only to the statistical usage of the add-on. It helps the product team optimize the solution and implement even better future versions.
If you do not wish to have the usage data collected from your instance, you can disable the analytics. Agile Cards depends on the global Jira setting for analytics collection.
What data are read and stored by Agile Cards
Issue data
All the data pertaining to the content of the actual issues are read by JavaScript code launched within your browser window. None of the elements of this data is saved nor processed outside of your browser windows and Jira.
Template settings
Agile Cards stores only data related to templates configuration:
- names of templates
- user key of the last person that has modified a template,
- user key of a template owner,
- template settings configurable through the Agile Cards interface
Feedback form
Agile Cards provides feedback form that gathers the following data:
- feedback content
- information about person raising the request:
- full name
- information about license
- license SEN
- plugin version
- license type (paid/evaluation)
- hosting (server/cloud)
Provided feedback is handled using Appfire Support portal.
How is data secured?
Agile Cards for Jira Server
The code of Agile Cards is downloaded from Atlassian Marketplace directly to Jira and is never served from any third party servers. This means that all the fundamental safety mechanisms applied by Atlassian to your Jira code and data are also applied to Agile Cards code and data. All the configuration data of Agile Cards is stored on Jira and never leaves it.
Agile Cards for Jira Cloud
Agile Cards Cloud server is hosted on Google Cloud. All the configuration data is also stored in Google Cloud in europe-west3 location. We stick to the following security guidelines while working with Cloud infrastructure:
- All external incoming or outgoing connections (or connection that go via public network) are made using secure protocol (for example: https, ssh).
If secure protocol cannot be used the sensitive content must be protected by other means. - Every connection, that is crossing network border(external or internal), is protected by at least one security measure (certificate, token, etc).
- No security measure can be used to cross multiple network borders.
For example, if we protect connections to Cloud external network using Certificate A, then it cannot be used to protect connections to Cloud internal network.
How does Agile Cards synchronization work?
Agile Cards synchronization algorithm is written in JavaScript. This means that the photo is processed entirely within the browser, and no part of the photo is sent outside of the device you have used to access the Agile Cards. In particular, no part of the photo is processed on your Jira server and no data about the content of the photo is ever sent over to our servers.
Services providers
We may use the following Subprocessors in the Processing of Client Personal Data related to Agile Cards for Jira.
Personal data subprocessors in Agile Cards for JIRA Cloud
- Google Cloud - application hosting, data storage and infrastructure for feedback form
Other services used in Agile Cards for JIRA Server and Cloud
- Google Analytics - analytics service