SolDevelo Apps for Atlassian products – Data Security & Privacy Statement
for: Customer, who purchased and installed SolDevelo apps via Atlassian Marketplace
Effective Date: April 16, 2018; Document Owner: SolDevelo
Data Security and Privacy Statement
New write to Jira permission
Clarify no End User Data is stored on our servers
Clarification on customer-provided data processing
Added information about the use of Hotjar
Added information about the use of Google Analytics
Table of Contents
This policy applies unless otherwise stated. If you do not agree with this policy, do not access or use our Apps or interact with any other aspect of our business.
2. About personal data
Personal Data is understood as every information which allows to directly or indirectly identify a natural person (their name and surname, email address, telephone number and any other data of a person which, when combined may lead to the identification of a particular natural person).
All the information we collect about you is aggregated and with statistical purposes. In particular, we are NOT tracking:
- Any kind of personal information or JIRA instance info that could identify uniquely
- Any field value; we just take the aggregate information of the field types created.
- Any user name or real name of the people that use Soldevelo Apps.
- Any filter saved.
In the case you use cloud hosting of Atlassian products, we do not store or use in any way the key to user data that Atlassian makes available through its API.
3. Personal Data Administrator
SolDevelo limited corporation, headquartered in Gdynia (postal code 81-451), Al. Zwycięstwa 96/98, is the Personal Data Administrator, registered in the Register of Entrepreneurs of the National Court Register, administered by the District Court Gdańsk – North, which is VIII industrial department of National Court Register, the NCR number 000332728, the initial capital of 60 000 PLN, NIP: 586-224-03-31, REGON 220828585.
If you have any questions or concerns in relation to data protection or about the way in which we process information about you, please ontact us via e-mail: [email protected] or by mail using our headquarters’ address: SolDevelo, Al. Zwycięstwa 96/98, 81-451 Gdynia.
4. Legal basis and the purpose of personal data processing at SolDevelo
Your Personal Data is processed only for purposes of execution of a potential and/or signed contractual relationship (Art. 6.1.b of the GDPR), legitimate interest (Art. 6.1.c of the GDPR), legitimate interests pursued by the Administrator (Art. 6.1.f of the GDPR) or the consent given by the data subject (Art. 6.1.a of the GDPR).
We use Personal Data:
- to communicate with you about the services and help you become more
proficient in their use;
- to market our services and drive your engagement with them;
- for customer support, in order to respond to your requests for assistance, and to
repair and improve the services;
- in connection with legal claims, compliance, regulatory, and audit functions;
- with your consent, for specific purposes not listed above.
Regardless of the purpose of the processing, providing the data is voluntary, however, failure to do so may affect the objective of the service or imply the inability of its execution.
We retain your Personal Data for as long as your relation with Soldevelo is active and for as long as it is required to satisfy the needs for which it was first collected. Those requirements extend to compliance with our legal obligations, dispute of resolutions, enforcement of our agreements, and the support of business operations.
5. What rights are provided to the persons whose data we process
Each person whose Personal Data is processed by SolDevelo has the right to:
1) Access to their Personal Data, including information regarding:
a) The purposes of the processing.
b) The class of processed data.
c) Recipients of the groups of recipients of the data.
d) The person’s rights related to the data processing area.
e) The possibility of filing a legal complaint to the supervisory organ.
f) The source of the acquired data.
2) Raise an objection against further processing of their Personal Data and in case of a consent already provided, to its withdrawal. Using the right to the consent withdrawal does not affect the data processing that took place before the resignation.
3) Correct and fill the person’s Personal Data.
4) Limit or delete a person’s Personal Data.
5) Move a person’s Personal Data to another Administrator.
You can exercise the rights described above at any time, filling a request via e-mail at [email protected] or via mail to the address of our headquarters: SolDevelo Sp. z o.o. Al. Zwycięstwa 96/98, 81-451 Gdynia. If necessary, we will ask you to provide us with some additional information allowing for authentication in order to make sure that you are authorized to receive the requested information. We respond to every request in a period of a month counted from the date of receiving the claim.
In Poland, the supervisory organ responsible for Personal Data protection is the President of Office of Protection of Personal Data headquartered in Warsaw, near Stawki 2 Street. You can fill the complaint to this organ if you find our Personal Data processing improper.
As an Atlassian Marketplace App user, your profile information belongs to your Atlassian account, and you will, therefore, need to interact directly with Atlassian's products and channels to have your information updated.
6. Additional important information
Means of security
We make every effort in order to ensure that the Personal Data and any other customer-provided data that we process remains secure. To provide the best levels of safety possible, we apply appropriate organizational and technical means which protect us from loss, devastation, improper or illegal usage of data. We implemented the most technologically innovative solutions, on the procedural level we act in accordance with restrict requirements of the international norm ISO/IEC 27001:2017.
We hereby confirm that Personal Data is processed only by persons and parties who are so authorized on the appropriate legal basis and agreements.
The rules for data exposure
We do not make the Personal Data or any other customer-provided data available to other administrators unless there is a legal obligation for such doing (for example, providing data to the public organs due to their ongoing proceedings). We do not provide Personal Data to foreign countries.
Automated decision-making processes
The Personal Data that we process is not subject to automated decision-making processes, including profiling.
Removal of customer-provided data
You are allowed to request the removal of the data you have provided from our systems by contacting us via any support channel we offer at a time.
Information on user tracking
In order to evaluate the usage of our products and help us improve our services, performance, and user experiences, we use user activity tracking tools that enable us to optimize our applications to meet users’ needs.
Google Analytics in Multiple Checklists for Jira application
Hotjar in Worklogs – Time Tracking and Reports