Data and Security FAQ
- Kameliya Magunska
Analytics
Advanced Portal Reports prioritizes data security and privacy by not storing personal or transactional data outside of secure environments. It collects only anonymous usage analytics, with full control for the administrator to disable this, ensuring complete transparency and user control over their data. We have outlined all of this information on the Atlassian Marketplace, complying with all of their requirements to ensure the highest standards of data protection and security.
On this page:
Data Storage
Question: Is client data (such as Jira ticket data and customer data) stored outside their Jira Cloud instance?
Answer: No, Advanced Portal Reports does not store Jira ticket data or customer data outside the Jira Cloud instance. All data is securely stored within the Jira Cloud environment, using Atlassian’s Storage Properties API to ensure data security and compliance.
Data Processing Location
Question: Where is client data processed, and are there any external storage locations?
Answer: All Jira data processing is conducted within AWS Germany for disaster recovery purposes. No customer data is stored or processed in external locations outside of Atlassian’s secure infrastructure.
Security Certifications
Question: Is the vendor (Nemetschek Bulgaria) of Advanced Portal Reports certified for security standards like ISO 27001?
Answer: Yes, Nemetschek Bulgaria is ISO 27001 and ISO 9001 certified, ensuring compliance with industry-leading security and quality standards. These certifications demonstrate our commitment to protecting client data and maintaining secure operations.
Security Testing & Compliance
Question: What security measures, including vulnerability testing and penetration tests, are in place?
Answer: Advanced Portal Reports participates in the Atlassian Marketplace Security Program, which includes regular vulnerability assessments and penetration tests. These security measures help ensure the add-on meets industry-standard security practices and protects client data from potential threats.
Data Privacy
Question: How does Advanced Portal Reports handle personal data such as email addresses or login credentials?
Answer: Advanced Portal Reports does not process or store personal data such as email addresses or login credentials. This ensures the privacy and security of users' sensitive information.
Analytics
Question: What anonymous usage analytics does Advanced Portal Reports collect, and what actions are tracked?
Question: How can clients disable the collection of analytics data in the app settings?
Answer: Advanced Portal Reports collects anonymous usage analytics, including actions like report openings, saving views, and device information. These analytics help improve user experience by understanding how the application is used.
Answer: Clients can fully disable the collection of anonymous usage analytics in the app settings, ensuring no data is collected if they prefer not to share any usage information.
External URL Usage
Question: Why is an external URL (e.g., apps.tools4teams.io) used to access the Advanced Portal Reports feature?
Answer: The use of a separate external URL is an intentional design choice to enhance sharing capabilities and improve functionality in the Cloud environment.
Data Security
Question: Does the use of an external URL affect data security or mean that customer data is stored outside the company domain?
Answer: No, despite using an external URL, no customer data is processed or stored outside of Atlassian’s secure environment. All data remains within the Jira Cloud instance, ensuring data integrity and security.
Legal and Contractual Queries (DPA, DPO, ISO)
Question: Does Advanced Portal Reports have a Data Processing Agreement (DPA), and who is responsible for handling personal data, such as the Data Protection Officer (DPO) or Information Security Officer (ISO)?
Answer: Advanced Portal Reports does not explicitly have a signed DPA with every customer but provides data security assurances through the Atlassian Marketplace framework. The primary data center used for processing is located in Frankfurt (AWS eu-central-1), ensuring compliance with EU data protection laws.
Performance
Question: Has performance testing been conducted for Advanced Portal Reports, and what are the results?
Answer: Yes, performance testing has been conducted, and benchmark results show fast response times, such as the Advanced Report loading time, which is 11 seconds.
Data Residency
Question: Does Advanced Portal Reports store transactional data such as Jira tickets or issues, and where is the data stored?
Answer: No, Advanced Portal Reports does not store transactional data like Jira tickets or issues. Error logs are stored in AWS Germany, and analytics data is stored with Amplitude. User preferences and add-on configurations are stored directly in the customer’s Jira Cloud instance. Additionally, disaster recovery mechanisms are in place through AWS to ensure no data loss in case of an outage.
Service Level Agreement (SLA)
Question: What is outlined in the Service Level Agreement (SLA) regarding response times for critical issues?
Question: How quickly are high-priority issues typically addressed, and what is the usual resolution timeline?
Answer: The Service Level Agreement (SLA) specifies that high-priority issues are typically addressed with a response within 24 hours, ensuring quick support for critical concerns.
Answer: High-priority issues usually receive a response within 24 hours, with resolutions typically completed within a few days, ensuring prompt attention to critical problems.
Please contact our support center ↗ for further questions.