Security Statement

We understand that security is a top priority for our customers. That's why we process only minimal data required to provide the functionality and that's why we chosen Forge storage as a place to keep the data - this way it never exits Atlassian infrastructure. We are transparent in how we handle customer data.

We follow Atlassian requirements and recommendations regarding apps security.

Privacy Policy

Our privacy policy can be found here: https://acceleration-engineering.com/privacy

The platform

The app is built fully on Forge, a platform built by Atlassian, designed with security and data privacy in mind. See more on https://developer.atlassian.com/platform/forge/

What data we store

  • domain name (e.g. React, Java)

  • only accountId of the expert assigned. We fetch display names and avatars dynamically on rendering

  • Subject Matter Experts custom field id

Where we store the data

  • in the Forge storage, a service provided by Atlassian which is secure, reliable and highly available

Stored data scheme - domains and experts

{
    'react': {
        name: 'React',
        users: ['712020:be50d444-860f-4dea-ab85-4dc3f4519169']
    },
    'java': {
        name: 'Java',
        users: []
    }
}

Stored data scheme - Subject Matter Experts custom field id

string data type e.g. "customfield_10047"

Does the app have Data Egress?

  • no. The data is within Atlassian infrastructure at all time.

  • We designed the app to be maximally secure for our customers.

Why do we need specific permissions

  • storage:app - to be able to use Forge storage

  • read:jira-user- to be able to fetch users data while rendering (display name and avatar)

  • write:jira-work- to be able to add comments notifying experts about being assigned to the issue

  • read:jira-work- to be able to run our code on Issue Creation Event, to notify the experts after being assigned. Forge Events are fully asynchronous and decoupled from the main Issue Creation process and cannot affect or break it.

Does the app support data residency?

Yes. Forge storage which we use, supports it out of the box. It is handled by Atlassian. See https://developer.atlassian.com/platform/forge/data-residency/

Does the app have a data backup?

Yes. See https://www.atlassian.com/trust/security/security-practices#backups

How the communication between Jira and the app works:

Through OAuth 2.0: https://developer.atlassian.com/platform/forge/manifest-reference/permissions/

In case you have any questions related to security

Feel free to contact us at [email protected]. We'll answer any questions in detail. We know that security and privacy are the key aspects for our customers.

PreviousSubject Matter ExpertsNextX5 Deep Work

Last updated