How We Use Your Data
In case you're wondering who we are, Workflow Steps for Jira is made and supported by our team at Adaptavist, which is a London-based solutions provider that is trusted by more than 10,000 companies worldwide, including half of the Fortune 500. The company was founded in 2007 and has more than 400 employees worldwide.
Adaptavist is a Platinum Atlassian Solutions Partner in EMEA and North America, a Platinum Marketplace Partner, a SAFe® Gold Transformation Partner, and a trusted Slack and AWS partner.
Data-Handling in Workflow Steps for Jira
When you download any app, explanations of how your data will be used are often nebulous and mostly unhelpful. It's usually boilerplate material that meets the mothership's legal requirements—which is useful, no doubt—but leaves a lot to be desired in terms of actual details. So in the spirit of full transparency, we offer you a clearer picture of the data we use and precisely how we use it.
What information from my Jira Server instance does Workflow Steps for Jira access?
Workflow Steps for Jira only stores the URL of your Jira instance and the user-provided instance name. We do this simply to maintain the connection with your Jira instance.
Slack stores the following information within Workflow Builder, though this information is not visible to Workflow Steps for Jira:
- Project configuration information, such as project key, issue type, etc.
- Configuration details for the selected issue type; for example, selected field defaults like a Jira username in an Assignee field or Priority-level descriptions.
All information presented when editing workflow steps is filtered by the Jira user permissions of the authenticated user who is configuring the workflow step.
Our app does not store any data during the transmission of data back to your Jira instance.
How are Jira Server users authenticated?
Individuals have the sole authority to initiate the authentication procedure. Authentication is based on OAuth 1.0 (the standard for on-premise Jira instances) over a secure HTTPS connection.
How and where is my Jira Server information stored?
With the exception of your Jira URL and instance name, Jira configuration data used to populate workflow steps is stored in Slack. Only the Workflow ID and Step ID are visible to Workflow Steps for Jira.
Our hosting company is AWS. All information is collected, stored, and processed within countries that comply with GDPR. Primarily data is stored within UK / EU / USA data centers, all of which have the appropriate compliance frameworks, including support for GDPR and EU Privacy Shield. We validate that all our suppliers comply with the same standards and regulations that we adhere to ourselves.
Is information encrypted in transit?
Absolutely, all information is encrypted in transit.
What information does Slack share with Workflow Steps for Jira?
Here's the complete list from our listing in the Slack App Directory, but the permissions that sound particularly invasive are as follows:
- View messages and other content in public channels that Workflow Steps for Jira has been added to
- View messages and other content in private channels that Workflow Steps for Jira has been added to
- View messages and other content in direct messages that Workflow Steps for Jira has been added to
To give some context, these permissions are used by the Extract Message step, which works in concert with the @Workflow Steps for Jira bot. These permissions are only available to the app if users invite the bot into channels or conversations. Once the bot is in a Slack channel or conversation, it interacts with messages only if invoked on a message or thread, which is typically initiated by the use of the emoji-reaction trigger.
Let's talk Cloud account data, specifically
Here are some details about how we handle your Jira Cloud data.
What data does Workflow Steps for Jira store from my Cloud connections, and how is that data stored?
Our app only stores your Atlassian ID to use in association with your email. All of your data is encrypted both at rest and in transit to keep it safe and sound.
Why do you need to store my data for Cloud connections?
Workflow Steps for Jira displays a summary of your connections on the app Home tab to give you a clear view of which accounts are connected. You can disconnect those Cloud connections at any time and remove all of your data from the app immediately by doing so.
What does the personally identifiable information (PII) reporting service do?
If you're not familiar with Atlassian's user privacy guide for app developers, we abide by the OAuth 2.0 standards for Cloud data 100%.
This reporting service keeps your info up to date in the app. If you make changes to your Atlassian account details—for example, if you change your email—the reporting service cycles through and catches those changes to keep your work in Workflow Steps for Jira uninterrupted and working as expected.
If I remove my Cloud connection, how long after the disconnection does the Workflow Steps for Jira keep my data?
Once you disconnect your Jira Cloud account, your stored data is gone from Workflow Step for Data immediately. We don't keep any of it for any additional period of time.
Have more questions? Contact us.
If you have any additional questions about how Adaptavist and/or Workflow Steps for Jira handles your data, don't hesitate to submit a support ticket with your questions so we can schedule a chat. (If you need help logging in, see Log In to the TAG Support Portal.)
We'll update this page with additional clarifications as necessary, which you can track in the Release Notes .