Data Security and Privacy Statement

Last updated: June 2023

1. Introduction

This Privacy Policy explains what information Y2 ENGINEERING SP ZO.O. (a provider of downloadable and cloud-based applications under the Release Management brand name through the Atlassian Marketplace) collect about you and why, what we do with that information and how we handle the content you place in all our add-ons for JIRA Cloud ("Add-on") which is fully compliant with the Atlassian Privacy Policy.

2. Scope of Privacy Policy

This Privacy Policy applies to the information that we obtain through your use of the Add-on. By using Add-on you consent to the collection, processing, storage, disclosure and other uses described in this Privacy Policy.

3. Definitions

Add-on: a bundle of code, resources and configuration files that can be used with an Atlassian product to add new functionality or to change the behavior of that product's existing features.

Content: any information or data that you upload, submit, post, create, transmit, store or display in an Atlassian Service.

Information: all of the different forms of data, content, and information collected by us as described in this Privacy Policy.

Customer Data: IDs (references) for Jira Versions, Sprints, Epics, Custom JQLs that we use to define Releases in Release Management, Jira User IDs (references) in case are used as Custom Properties for Releases or to tracking transitions of releases according to workflow, comments for releases. Also IDs (reference) of Jira Projects and User/Group IDs to limit observability and access to Release Boards. By definition Customer Data does not include any Personal Information. Sametime we cannot garantee that the users will not put some PII data into free text fields across the App.

4. Changes to Privacy Policy

We may change this Privacy Policy from time to time. If we make any changes, we will notify you by revising the "Effective Starting" date at the top of this Privacy Policy.

If you disagree with any changes to this Privacy Policy, you will need to stop using Add-on and deactivate your account(s), as outlined below.

5. Information available to us

Atlassian Marketplace Information

  • Contact information such as name, email address, mailing address, and phone number

  • Billing information such as name and billing address

  • JIRA host details (as prescribed by the Atlassian Connect Guidelines)

    • Details: eventType, productType, baseUrl, pluginsVersion, serverVersion, sharedSecret, publicKey, clientKey

6. Content

We collect and store Content that you create, input, submit, post, upload, transmit, store or display in the process of using our SaaS Products or Websites. Such Content defined as Customer Data, does not include any Personal Information (PII) or other sensitive information we collect. But, we can't protect the users from putting some PII data into free text fields we use across the App.

7. Other submissions

We collect other data that you submit to us, such as surveys, activity or event, request customer support, communication with us via third party social media sites or any other form of communicating with us. For example, information regarding a problem you are experiencing with the Add-on could be submitted to our issue tracker or sent via email.

8. Information we collect from your use of the Add-on

Web Logs

As is true with most websites and services delivered over the Internet, we gather certain information and store it in log files when you interact with the Add-on. This information includes internet protocol (IP) addresses as well as browser type, internet service provider, URLs of referring/exit pages, operating system, date/time stamp, information you search for, locale and language preferences, identification numbers associated with your Devices, your mobile carrier, and system configuration information, the URLs you accessed (and therefore included in our log files) include usernames as well as elements of Content (such as JIRA project names, project keys, status names, and JQL filters) as necessary for the Add-on to perform the requested operations. Occasionally, we connect Customer Data to information gathered in our log files as necessary to improve Add-on Services for individual customers. In such a case, we would treat the combined Information in accordance with this privacy policy.

 

Analytics Information

We collect analytics information when you use our Add-on to help us improve our products and services. This analytics information consists of the feature and function of the Add-on being used, the associated license identifier (SEN) and domain name, the username and user data available from the JIRA REST API. The analytics information we collect includes elements of Content related to the function the user is performing. As such, the analytics information we collect may include some elements of Customer Data that the user chose to upload, submit, post, create, transmit, store or display in the Add-on.

As of the date this policy went into effect, we use Google Analytics as an analytics provider. To learn more about the privacy policy of Google Analytics, refer to Google's Policies and Principles. Use the Google Analytics Opt-out Browser Add-on to prevent analytics information from being sent to Google Analytics.

 

Analytics Information Derived from Content

Analytics information also consists of data we collect as a result of running queries against Content across our user base for the purposes of generating Usage Data. "Usage Data" is aggregated data about a group or category of services, features or users that does not contain specific Customer Data.

Though we may happen upon Customer Data as we compile Usage Data from Content across user instances, this is a byproduct of our efforts to understand broader patterns and trends. It is not a concerted effort by us to examine the Content of any particular customer.

 

Cookies and Other Tracking Technologies

We use various technologies to collect information, such as cookies and web beacons. Cookies are small data files stored on your hard drive or in device memory. We use cookies to improve and customize Add-on and your experience; to allow you to access and use the Add-on without re-entering your username or password; and to count visits and understand which areas and features of the Add-on are most popular. You can instruct your browser, by changing its options, to stop accepting cookies or to prompt you before accepting a cookie from websites you visit. If you do not accept cookies, however, you may not be able to use all aspects of the Add-on. We may also collect information using web beacons (also known as "tracking pixels"). Web beacons are electronic images that may be used in the Add-on or in emails that help us to deliver cookies, count visits, understand usage and campaign effectiveness and determine whether an email has been opened and acted upon.

We also use javascript, e-tags, "flash cookies", and HTML5 local storage to collect information about your online activities over time and across different websites or online services. Many browsers include their own management tools for removing HTML5 local storage objects. To manage "flash cookies" please click here.

9. How we use Information we collect

General Use

We use the Information we collect about you (including Customer Data to the extent applicable) for a variety of purposes, including to:

  • Provide, operate, maintain and improve Add-on;

  • Enable you to access and use Add-on, including uploading, downloading, collaborating on and sharing Content;

  • Process and complete transactions, and send you related information, including Release Notes and Feature Prompts;

  • Send transactional messages, including responding to your comments, questions, and requests; providing customer service and support; and sending you technical notices, updates, security alerts, and support and administrative messages;

  • Send promotional communications, such as providing you with information about services, features, surveys, newsletters, offers, promotions, contests, events and sending updates about your team and chat rooms; and providing other news or information about us and our select partners;

  • Monitor and analyze trends, usage, and activities in connection with Add-on and for marketing or advertising purposes;

  • Investigate and prevent fraudulent transactions, unauthorized access to Add-on, and other illegal activities;

  • Personalize Add-on, including by providing content that match your interests and preferences;

  • Enable you to communicate, collaborate, and share Content with users you designate; and

  • For other purposes about which we obtain your consent.

Notwithstanding the foregoing, we will not use Customer Data appearing in our Analytics Logs or Web Logs for any purpose. The use of Information collected through our Atlassian Services shall be limited to the purposes disclosed in this policy.

 

Compiling aggregate analytics information

To better comply with the Atlassian Marketplace, we make extensive use of analytics information (including log and configuration data) to understand how Add-on is being configured and used, how it can be improved for the benefit of all of our users, and to develop new products and services. As such we generate Usage Data (as defined above) from the web logs and analytics logs described above, including the Content elements captured in such logs, as well as from the Content stored in the Add-on.

 

Information sharing and disclosure

We will not share or disclose any of our Customer Data or Content with third parties except as described in this policy. We do not sell your Customer Data or Content.

 

Your Use

When you use Add-on, Content you provide will be displayed back to you.

 

Collaboration

As a natural result of using Add-on, you may create Content that other users of your JIRA instance can access for the purposes of collaboration. Some of the collaboration features of Add-on display your profile information, including Personal Information included in your profile, to users with whom you have shared your Content

10. Service Providers, Business Partners and Others

We work with third party service providers to provide website, application development, hosting, maintenance, back-up, storage, virtual infrastructure, payment processing, analysis and other services for us. These service providers may have access to or process your Information for the purpose of providing those services for us. This list includes:

11. Information we do not share

We do not share Customer Data with third parties.

12. Data storage, transfer and security

Add-on hosts data with hosting service providers in numerous countries (namely Germany and Finland). The servers on which Customer Data are stored are kept in a controlled environment. While we take reasonable efforts to guard our Customer Data, no security system is impenetrable and due to the inherent nature of the Internet as an open global communications vehicle, we cannot guarantee that information, during transmission through the Internet or while stored on our systems or otherwise in our care, will be absolutely safe from intrusion by others, such as hackers. In addition, we cannot guarantee that any incidentally-collected Personal Information you choose to store in Add-on are maintained at levels of protection to meet specific needs or obligations you may have relating to that information.

Where data is transferred over the Internet as part of the Add-on, the data is encrypted using industry standard SSL (HTTPS).

13. Contact Information

For communications concerning this Data Security and Privacy Statement, please write to support@releasemanagement.app

If you have any concerns about Release Management’s data protection practices, the contact details of Release Management’s data protection officer are:

Yuri Kudin
ykudin@releasemanagement.app
+380 97 922 76 79