Created: February 28, 2017
Your business-related information and sensitive data
The application connects to JIRA server of your choice and downloads data, which enables its core functionality – providing you with information about your projects, tasks, attachments, workflow, users, etc.
The business-related and sensitive data is never passed over to any third party applications or services, neither it is passed to our own servers. The Application is designed to keep all your business-related and sensitive information exclusively on the device it was installed on. The data might be saved locally on the file system in order to facilitate quick access in any network conditions, including offline.
It is your responsibility to lock your device with a Touch ID & Passcode protection to prevent access to the data by people who may potentially obtain physical access to your device.
By default, the Application uses protected (https://) connection unless you explicitly enter your JIRA domain starting with “http://”. If you use unprotected http:// connection we will not be held responsible for your data security, because all information, including your login and password, will be transferred unencrypted between the Application and your JIRA server. We encourage you to use only SSL-enabled JIRA instances.
Downloaded attachments are stored unchanged in the application’s Documents folder.
3-rd party applications, that are installed on your device, are unable to obtain access to your data due to Apple Sandboxing principles.
You can completely remove the stored data at any time by tapping the “Clear cache” button in the Application settings.
Your JIRA password and all Cookie files, generated by JIRA server are stored exclusively in iOS Keychain, which is the Apple’s protected data storage designed specifically for highly sensitive data.
You can completely remove password and cookies at any time by tapping “Log out” button in the Application settings. All stored data will also be completely removed automatically.
User Provided and Automatically Collected Personal Information
The Application obtains the information you provide when you log in to your JIRA account. You generally provide (a) URL to your JIRA instance; (b) your username.
The Application may also collect the following information automatically, provided it is available on your JIRA server via REST API: (c) your name; (d) your email address.
The self-diagnostics mechanism within the Application also collects (g) information about internal malfunctions and error messages, supplemented with the information about time the error happened and version of JIRA you were using when it happened; (h) what is the current version and build number of the Application you last logged in with; (g) number of login events and the date and time of your last login event.
Additionally, the Application also collects (e) transaction-related information when you make purchases within the Application, these are: product identifier and subscription end period; (f) information you provide us when you contact us for help.
Note that the (g) information about internal malfunctions and error messages might also potentially expose small pieces of your business information as a part of a verbal error message from JIRA server or as a part of URL request. Typically these might be a project key, a name of a custom field, how many open issues you have. These data are usually very sporadic and completely out of context.
The Personal data mentioned in this section is stored exclusively in Google’s Firebase Realtime Database and is protected by Google’s Anonymous authentication mechanism. Access to the data is restricted to the particular copy of the Application on your device, which performed the data collection.
You can revoke access to this data by removing the Application. Each next installed copy of Application won’t have access to the data, collected by any previously installed copies.
We will not share or disclose any of your Personal Information with third parties except as described in this policy. We do not sell your Personal Information.
Does the Application collect precise real time location information of the device?
This Application does not collect precise information about the location of your mobile device.
Do third parties see and/or have access to information obtained by the Application?
Only aggregated, anonymized data is periodically transmitted to external services to help us improve the Application and our service.
We will share your information with third parties only in the ways that are described in this privacy statement.
We may disclose User Provided and Automatically Collected Personal Information:
- as required by law, such as to comply with a subpoena or similar legal process;
- when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request;
- with our trusted services providers who work on our behalf, do not have an independent use of the information we disclose to them, and have agreed to adhere to the rules set forth in this privacy statement.
- in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. You will be notified via email and/or a prominent notice on our website of any change in ownership or uses of your Personal Information, as well as any choices you may have regarding your Personal Information.
What are my opt-out rights?
You can stop all collection of information by the Application by uninstalling the Application. You may use the standard uninstall processes as may be available as part of your mobile device or via the mobile application marketplace or network. You can also request to opt-out via email, at email@example.com.
Data Retention Policy, Managing Your Information
We will retain User Provided data for as long as you use the Application and for a reasonable time thereafter. We will retain Automatically Collected information for up to 24 months and thereafter may store it in aggregate. If you’d like us to delete User Provided Data that you have provided via the Application, please contact us at firstname.lastname@example.org and we will respond in a reasonable time. Please note that some or all of the User Provided Data may be required in order for the Application to function properly.
We do not use the Application to knowingly solicit data from or market to children under the age of 13. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us at email@example.com. We will delete such information from our files within a reasonable time.
We are concerned about safeguarding the confidentiality of your information. We provide physical, electronic, and procedural safeguards to protect information we process and maintain. For example, we limit access to this information to authorized employees and contractors who need to know that information in order to operate, develop or improve our Application. Please be aware that, although we provide reasonable security for information we process and maintain, no security system can prevent all potential security breaches.
If you have any questions regarding privacy while using the Application, or have questions about our practices, please contact us via email at firstname.lastname@example.org.