Data Privacy Statement
2016-04-04 - 2018-07-10 v1.0.0 - v1.7.0
This Plugin is fully EU General Data Protection Regulation (GDPR) compliant and follows the principles of Privacy By Design and Privacy By Default.
Description of Function
The Customfield Editor for Jira in short CEP is a plugin for Atlassian Jira which runs as an OSGi Bundle inside Jira.
The Plugin provides a way to edit options of some of Jira's built in custom field options.
Therefore an administrator needs to grant permissions to users or groups on custom fields and/or custom field contexts.
The plugin provides a REST API that is secured the same way as the Web-GUI.
The only data stored by the plugin are the usernames and groupnames together with the custom field ID via the internal Jira storage called PluginSettingsFactory.
The plugin opens no network connections. It does not download or upload any data to or from third party pages.
The CEP REST API uses JAX-WS and will respond to HTTP API Calls via the network.
Collection of Personal Information
No personal information is collected.
The plugin uses built in Atlassian Objects to enforce Authorization on administrator-only CEP pages.
The plugin uses custom built Security (see Data Storage) to enforce Authorization on user-only CEP pages.
Both REST API and Web-GUI are secured by the same security measures.
All pages and all REST Endpoints require Authentication, except the REST API Explorer which is available anonymously but will only return data if authenticated.
The plugin is provided over a secure TLS (https) connection when installed via the Atlassian Marketplace.
The user of CEP should enable TLS (https) for Jira to secure the REST API and the Web-GUI against ethernet sniffing to avoid insecure authorization.