Data Privacy Statement

2018-07-10 - today v1.7.1 - latest

The following gives a simple overview of what happens to your personal information when you use the Customfield Editor for Jira called "App". Personal information is any data with which you could be personally identified. Detailed information on the subject of data protection can be found in our privacy policy found below.

This app is fully EU General Data Protection Regulation (GDPR) compliant and follows the principles of Privacy by Design and Privacy by Default.

1. Functional description of App

The app for Atlassian Jira runs as an OSGi Bundle inside your own Jira Server or Jira Data Center Instance. Meaning the customer itself runs the host systems (self-hosted).

The app provides a way for normal users to edit options of custom fields.

Therefore an administrator needs to grant permissions to users or groups on custom fields or custom field contexts.

The app provides a REST API that is secured the same way as the Web-GUI.

Data Storage

The only data stored by the app are the usernames and groupnames together with the custom field ID in the internal data storage of Jira. All data is stored within the customers Jira Instance. No data is stored outside of the Instance.

Network Connection

The app opens no outgoing network connections. It does not download or upload any data to or from third party pages.

The app's REST API uses JAX-WS and will respond to HTTP API Calls via the network.

Security Measures

The app uses built in Atlassian Objects to enforce Authorization on administrator-only app pages.

The app uses custom built Security (see Data Storage) to enforce Authorization on user-only app pages.

Both REST API and Web-GUI are secured by the same security measures.

All pages and all REST Endpoints require Authentication, except the REST API Explorer which is available anonymously but will only return data if authenticated.

The app is provided over a secure TLS (https) connection when installed via the Atlassian Marketplace.

The user of the app should enable TLS (https) for Jira to secure the REST API and the Web-GUI against ethernet sniffing to avoid insecure authorization.

2. General information and mandatory information

Data protection

The app vendor takes the protection of your personal data very seriously. We treat your personal data as confidential and in accordance with the statutory data protection regulations and this privacy policy.

Notice concerning the responsible party

The party responsible for processing data is:

cpobdqercplyobuh UHGT ((huanfstguhnagtsfboersfcphureäänakxtg))
represented by: BOerrenahuanredq GTreüünaerwjanlydqtg
ANlytgdqobrefserre SFtgreanßßer 22 -- 9911220077 LYanuhfs anna dqerre PCergtnaivtgzm,, GTerremzannayl
Phone: ++4499 99112233 88331122994411
Mail: vasb@pbqrpybh.vb

The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (names, email addresses, etc.).

Revocation of your consent to the processing of your data

Many data processing operations are only possible with your express consent. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.

Right to data portability

You have the right to have data which we process based on your consent or in fulfillment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.

Information, blocking, deletion

As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, blocked or deleted. You can contact us at any time using the address given in our legal notice if you have further questions on the topic of personal data.

3. Data collection when using the App

What type of personal data is collected?

Codeclou does not collect, process or store any personal data. Personal information is any data with which you could be personally identified (e.g. E-Mail-address, Name ...).

Data collection during app usage

No personal data is collected, processed or stored.