Atlassian Cloud Apps privacy policy

Atlassian Cloud Apps Privacy Policy

Introduction

At miniOrange, we never compromise Security – We secure IT Right! Our primary goal is to have a secure connection between people and technology. miniOrange believes in creating products and services that are secure, resilient, and assured.

This privacy policy will let you know all the security policies and measures taken to protect personally Identifiable Information. We have implemented various security guards to protect all personal information in accordance with industry standards.

Please note that this privacy policy is applicable to our Atlassian customers/clients/partners who are using miniOrange Cloud Products and solutions.

miniOrange roles and responsibilities

Your privacy is important to us. Your personal information will only be used to update you on our products and services.

When you install our apps, we process:

    • names,
    • email address,
    • customer location,
    • company name, and
    • name of the purchaser

The processing is necessary for the performance of a contract to which the legal entity that you represent is a party. The legal basis for the processing is the performance of our contract with you (GDPR).

We don’t gather any information for Secure Share, LDAP connector and OAuth SSO applications of the cloud. Basic information is required to complete the process which is only stored till the completion of the process.

For PDF Exporter

Currently, there is no data stored within the application.

For Bulk User Management

The data follows Atlassian’s privacy policy since the app is constructed using Forge, and it exclusively utilizes Forge’s storage.

For JSM SSO

Email and API token for a service account while configuring the add-on will be stored as data. The mentioned data will be collected directly when the user inputs the information. Apart from email and API token no personal information of customers is gathered, only audit logs about customers are shown to the admin. This is collected from the user session of the customer after SSO.

For User Provisioning/SCIM

In the process of configuring the add-on, an email address and API token are stored for a service account. This information is collected directly from the user.

For DLP for JIRA and Confluence

The app is developed on Atlassian’s Forge platform, ensuring that all data remains exclusively within the Forge environment without any external transfer.

How can it be collected?

Direct interactions when you download our application.
This includes personal data you provide when you:

    • subscribe to our Service or publications;
    • apply for our products or Services;
    • request marketing to be sent to you;
    • communicate with us via email, on-line chat, video call and/or phone call or give us some feedback.
For JSM SSO

Email and API token for a service account are used for api calls to Atlassian cloud.
Account ID for customers is used to show audit logs to the admin.

For User Provisioning/SCIM

Email and API token for a service account are used for api calls to Atlassian cloud. Security on Collected DataminiOrange maintains and uses reasonable administrative, organizational, technical and physical safeguards to protect your information from loss, destruction, misuse, unauthorized access or disclosure as required by applicable law. These technologies help ensure that your data is safe, secure, and only available to you and to those you provided authorized access (e.g., your users).

Use of Cookies
How do we use cookies?
Information collected:
    • The information you provide: You may provide information to us including, but not limited to, your name, e-mail address, and credentials. Submitting this information to us is voluntary, and you will still have access to the Websites without providing the information, except when needed to provide the information to access certain pages, resources, user groups, services or features.
    • Automated information collected: Our Websites may automatically collect information about you during your visit. Cookies can be accepted or declined in your browser’s settings. Examples of information we may collect include browser type, operating system, pages you view, links you click on, and your IP address.
    • How do we use this information: We use information collected to provide you with information about products and services we offer, increase your user experience, and collect data to produce and provide you with information relating to your activity on our Websites.
How to Delete and Block Cookies

To delete and block cookies please see the settings on your browser which allow you to set your preferences and/or settings.

Withdrawing Consent to Collect Cookies

To withdraw consent, you will need to delete the cookies in your browser settings and adjust your preferences to block cookies in your browser preferences/settings. Cookies are used to identify you and your user behavior and do not give access to your computer. This privacy and cookie policy does not cover the use of cookies or similar technology by other sites which we have no access or control of. By visiting and navigating through our Websites, you are agreeing to the use of cookies and similar technologies for the purposes we describe in this Privacy Policy.

How long do we keep your information?

We abide by the right to erasure of GDPR. Both deletion and access requests can be serviced upon initiating the request with us.

For Secure Share

We use third party services for providing text formatting options to user inputs.

For JSM SSO

We use third party services for providing text formatting options to user inputs.

Third Party Links and App Uses

We don’t store your data, we process it via us. Data such as email and profile are stored just in case if any assistance is required. We keep track of certain information about you when you visit and interact with any of our Services. This information includes the features you use; the links you click on; the type, size and filenames of attachments you upload to the Services; frequently used search terms; and how you Interact with others on the Services.

Testimonials: We post customer testimonials on our Web site which may contain personal data. We obtain a customer’s consent via email prior to posting the testimonial to post that customer’s name along with their testimonial. A customer may always withdraw such consent, without affecting the lawfulness of the processing based on consent before its withdrawal.

Surveys: From time-to-time we may provide you the opportunity to participate in surveys and contests. Participation in these surveys or contests is completely voluntary and you therefore have a choice whether or not to disclose this information. The requested information typically includes contact information, such as email or phone number. We use this information to improve our Service and to send our customers updates on how we are improving the Service based on their feedback.

Your Rights

If you would like to exercise any of your rights, or receive more information about them, please contact us via the contact details set forth in the “Contact Us” section of this Policy. We promptly respond to all requests from individuals seeking to exercise their rights described below and pursuant to applicable data protection laws. Please note that some of the following rights may not be applicable to your situation:

Right of access: You have the right to gain access to information about the personal data that we process about you. Should you have any questions regarding the processing or want more insight into the personal data we process from you, you are always welcome to contact us and we will provide you with further information.

Right to rectification: You have the right to get your personal data updated or corrected. Upon your request to us, we will promptly (in no event more than 72 hours from your request) correct your information inaccurately stored by us and/or supplement incomplete personal data completed by including a supplementary statement provided by you.

Right to erasure/right to be forgotten: You have the right to request of us to permanently delete your personal information. You can make such a request if you for example believe that the personal data are no longer necessary in relation to the purpose for which the personal data were collected or otherwise processed.

Right to restrict the processing activities: You have the right to restrict our processing activities. If you choose to restrict our processing activities regarding certain personal data, note that you may not be able to use our Website properly.

If you are unsatisfied with the way we treat your personal data, you may reach out to us at all times to discuss the issue. However, you always have the right to lodge a complaint to a supervisory authority.

We may amend this privacy policy from time to time. Laws, regulations and Industry standards evolve, which may make those changes necessary, or we may make changes to our business.  If we make any substantial changes in the way we use your personal information, we will make that information available by posting a notice on one or more of our Websites.

Contact

If you would like to contact us with questions or concerns about our privacy policies and practices, you may contact us via any of the following methods:

Email us at: atlassiansupport@xecurify.com
For any queries: Raise your ticket here.

Or you can fill the form with your question/concern: https://www.miniorange.com/contact.