2018-07-07 - today v1.8.0 - latest
This app is fully EU General Data Protection Regulation (GDPR) compliant and follows the principles of Privacy By Design and Privacy By Default.
1. Functional description of App
The app for Atlassian Confluence runs as an OSGi Bundle inside your own Confluence Server or Confluence Data Center Instance. Meaning the customer itself runs the host systems (self-hosted).
The app provides a way to visualize Maven-Releases provided by pom.xml files that are loaded from external resources (http).
Data is stored within the Confluence Instance by mechanisms provided by Confluence itself.
A macro stores the pom-URLs, optional auth-username and optional auth-password in the macro-settings. That means only peoeple with 'Page View/Edit Permissions' can see and change the macro-settings.
During a Confluence-Page-Render of a Page containing a MRIM Macro the following happens:
CacheManageris asked if a cached version of the Maven-Release exists. If YES continue with 'Fourthly' OTHERWISE continue with 'Secondly'.
Secondly the Maven-Release pom.xml files are downloaded via a HTTP-Library into a memory object list.
Thirdly the downloaded pom.xml memory object list is parsed into the Macro Data-Structure and lastly stored via the
CacheManagerin the global Confluence Cache.
Fourthly the Macro displays the cached Macro Data-Structure as HTML as part of the Confluence Page.
The cache key is calculated as a SHA1 hash of the macro-settings (url, username, password). No other data is stored in any way.
The app opens either HTTP-connections on TCP Port 80 or HTTPS-connections on TCP Port 443 to the pom.xml-URLs you specify. As described in 'Data Storage' the pom.xml files are downloaded for temporary processing.
The app does not download any other Data than the pom.xml URLs you specify. It also does not upload any data to third party Endpoints.
The app uses built in Atlassian Objects to enforce Authorization meaning it depends on the security configuration of your Confluence Instance. Whoever has the permissions to edit a Confluence Page can also edit the MRIM macro settings.
It depends on the user-input if the pom.xml files are loaded via HTTPS or plain HTTP. You are encouraged to only use HTTPS Connections.
The app is provided over a secure TLS (https) connection when installed via the Atlassian Marketplace.
The user the app should enable TLS (https) for Confluence to secure the application against ethernet sniffing to avoid insecure authorization.
2. General information and mandatory information
Notice concerning the responsible party
The party responsible for processing data is:
represented by: BOerrenahuanredq GTreüünaerwjanlydqtg
ANlytgdqobrefserre SFtgreanßßer 22 -- 9911220077 LYanuhfs anna dqerre PCergtnaivtgzm,, GTerremzannayl
Phone: ++4499 99112233 88331122994411
The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (names, email addresses, etc.).
Revocation of your consent to the processing of your data
Many data processing operations are only possible with your express consent. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
Right to data portability
You have the right to have data which we process based on your consent or in fulfillment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.
Information, blocking, deletion
As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, blocked or deleted. You can contact us at any time using the address given in our legal notice if you have further questions on the topic of personal data.
3. Data collection when using the App
What type of personal data is collected?
Codeclou does not collect, process or store any personal data. Personal information is any data with which you could be personally identified (e.g. E-Mail-address, Name ...).
Data collection during app usage
No personal data is collected, processed or stored.