Agile Poker Cloud
This part of the documentation relates to Agile Poker for JIRA Cloud. In case of Agile Poker for JIRA Server all data are stored in clients' JIRA database and we don't store any data on Spartez infrastructure.
We take data security very seriously so we use only trusted service providers with the highest security standards. On this page you will find details on how we secure our clients' data. If you think something is missing or you have any security related questions please let us know at firstname.lastname@example.org.
Data stored on Heroku Postgres database
- JIRA URL.
- Encryption keys for communication with JIRA. See https://developer.atlassian.com/static/connect/docs/latest/concepts/authentication.html for technical details.
Data stored on Firebase database
- Board ids to associate session data.
- Ids of users participating in any Agile Poker session.
- Ids of voted issues and active issue.
- Votes of users per issue.
- Session state (open/closed flag).
We store the minimal amount of data needed to provide our service.
We don't store issue summaries, descriptions, comments nor other sensitive information. We don't store full user names nor e-mails but we use user keys provided by JIRA instead.
Application database is secured using security mechanism provided by Heroku. See https://www.heroku.com/policy/security#postgres for details.
Firebase database is secured using Firebase security rules. Each user in your JIRA instance has access to all data listed in section Stored data for all your poker sessions. Anonymous users and users from different JIRA instances do not have access to your data.