We take data security very seriously so we use only trusted service providers with the highest security standards. On this page you will find details on how we secure our clients' data. If you think something is missing or you have any security related questions please let us know at firstname.lastname@example.org.
Data stored on Heroku Postgres database
- Jira URL.
- Encryption keys for communication with Jira. See https://developer.atlassian.com/static/connect/docs/latest/concepts/authentication.html for technical details.
Data stored on Firebase database
- Board ids to associate a retrospective session data.
- User keys of users who create retrospective cards.
- Issue keys linked from an action card.
- Content of a retrospective session cards.
- Metadata of a retrospective card.
- Metadata of an action card.
- Metadata of a retrospective session.
We store the minimal amount of data needed to provide our service.
We do not store issue summaries, descriptions, comments nor other sensitive information.
Application database is secured using security mechanism provided by Heroku. See https://www.heroku.com/policy/security#postgres for details.
Firebase database is secured using Firebase security rules. Each user in your Jira instance has access to all data listed in section Data Stored for all your retrospective sessions. Anonymous users and users from different Jira instances do not have access to your data.