In case you're wondering who we are, Workflow Steps for Jira is made and supported by our team at Adaptavist, which is a London-based solutions provider that is trusted by more than 10,000 companies worldwide, including half of the Fortune 500. The company was founded in 2007 and has more than 400 employees worldwide.
Adaptavist is a Platinum Atlassian Solutions Partner in EMEA and North America, a Platinum Marketplace Partner, a SAFe® Gold Transformation Partner, and a trusted Slack and AWS partner.
About Data-Handling in General
When you download any app, explanations of how your data will be used are often nebulous and mostly unhelpful. It's usually boilerplate material that meets the mothership's legal requirements—which is useful, no doubt—but leaves a lot to be desired in terms of actual details. So in the spirit of full transparency, we offer you a clearer picture of the data we use and precisely how we use it.
What information from my Jira instance does Workflow Steps for Jira access?
Workflow Steps for Jira only stores the URL of your Jira instance and the user-provided instance name. We do this simply to maintain the connection with your Jira instance.
Slack stores the following information within Workflow Builder, though this information is not visible to Workflow Steps for Jira:
- Project configuration information, such as project key, issue type, etc.
- Configuration details for the selected issue type; for example, selected field defaults like a Jira username in an Assignee field or Priority-level descriptions.
All information presented when editing workflow steps is filtered by the Jira user permissions of the authenticated user who is configuring the workflow step.
Our app does not store any data during the transmission of data back to your Jira instance.
How are users authenticated?
Individuals have the sole authority to initiate the authentication procedure. Authentication is based on OAuth 1.0 (the standard for on-premise Jira instances) over a secure HTTPS connection.
How and where is my information stored?
With the exception of your Jira URL and instance name, Jira configuration data used to populate workflow steps is stored in Slack. Only the Workflow ID and Step ID are visible to Workflow Steps for Jira.
Our hosting company is AWS. All information is collected, stored, and processed within countries that comply with GDPR. Primarily data is stored within UK / EU / USA data centers, all of which have the appropriate compliance frameworks, including support for GDPR and EU Privacy Shield. We validate that all our suppliers comply with the same standards and regulations that we adhere to ourselves.
Is information encrypted in transit?
Absolutely, all information is encrypted in transit.
What information does Slack share with Workflow Steps for Jira?
Here's the complete list from our listing in the Slack App Directory, but the permissions that sound particularly invasive are as follows:
- View messages and other content in public channels that Workflow Steps for Jira has been added to
- View messages and other content in private channels that Workflow Steps for Jira has been added to
- View messages and other content in direct messages that Workflow Steps for Jira has been added to
To give some context, these permissions are used by the Extract Message step, which works in concert with the @Workflow Steps for Jira bot. These permissions are only available to the app if users invite the bot into channels or conversations. Once the bot is in a Slack channel or conversation, it interacts with messages only if invoked on a message or thread, which is typically initiated by the use of the emoji-reaction trigger.
Have more questions? Contact us.
If you have any additional questions about how Adaptavist and/or Workflow Steps for Jira handles your data, don't hesitate to reach out to us at firstname.lastname@example.org so we can chat.
We'll update this page with additional clarifications as necessary, which you can track in the Release Notes .