When installing the addon you get this message:
Automation Lite for JIRA Cloud may store your data on Code Barrel Pty Ltd's server so it can integrate with your JIRA instance. As needed for integration, this add-on can:
Is this a requirement?
A longish answer but I want it to be complete.
What data do we have access to?
When you install a JIRA Cloud add-on the add-on can request certain 'scopes' of access. In Automation for JIRA's case, we require READ, WRITE and ADMIN scopes. This means the add-on is granted access to all JIRA REST APIs marked with these permissions on this page: jira rest scopes. We require this access to do things like adding comments to issues, edit issues etc.
Now when a cloud add-on is installed, we store a public and secret key in our database. We store this so that our add-on can make authenticated requests to your JIRA instance as well as receive authenticated requests from your JIRA instance. This is pretty standard for any Atlassian connect add-on for JIRA Cloud.
Full disclosure here - we can use the public key and secret to make authenticated REST calls to any of the REST APIs mentioned on the page linked above manually. However we have only done this in rare circumstances when we need extra information to debug a tricky support problem. We will also ask for your permission first before performing these requests. You can revoke these rights at any time simply by disabling/uninstalling our add-on in your JIRA instance.
What data do we store in our database?
First up - we try to store as little identifying information about your data (issues, projects etc) as possible in our database. Things we do store:
We also collect Google analytics to better help us understand how our users use the front-end, so that we can build better features. We do not include identifying information however in these analytics (such as issue data, config data etc).
Myself and my co-founder have both worked at Atlassian for 10 years previously and we treat customer privacy and security seriously. We believe in full transparancy around these issues. As far as we are concerned, your data is yours and we do not share your data with any third parties (unless we are legally obligated to do so - however this case has not arisen yet).
Sorry for the slightly long winded answer, but I wanted to give you as much detail as possible. If you have any further questions please don't hesitate to ask!
Hey Atlassian community, I help lead engineering at Sentry, an open-source error-tracking and monitoring tool that integrates with Jira. We started using Jira Software Cloud internally last year, a...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs