SFJ: Security Hub

Owned by Liudmyla Pikulina
Last updated: Oct 11, 2024
4 min read

Certifications

Fortified.png

 

Cloud Fortified

The Cloud Fortified Apps Program aims to serve our largest customers and those with more business-critical operating requirements for apps.

Fortified.png

 

Cloud Fortified

The Cloud Fortified Apps Program aims to serve our largest customers and those with more business-critical operating requirements for apps.

 

 

Marketplace Security Bug Bounty Program

A bug bounty program is one of the most powerful post-production tools to help detect vulnerabilities in applications and services.

 

 

Marketplace Security Bug Bounty Program

A bug bounty program is one of the most powerful post-production tools to help detect vulnerabilities in applications and services.

 

Security Assessments

The term “security assessment” refers to any activity intended to determine, evaluate, or test the security features and controls of Atlassian’s products and services.

 

Security Assessments

The term “security assessment” refers to any activity intended to determine, evaluate, or test the security features and controls of Atlassian’s products and services.

 

 

SaaSJet is a Platinum Marketplace Partner

What does “Platinum partner” mean? According to annual gross sales ("Purchase Price" in Marketplace reports), a minimum $1M annual gross sales comprised a minimum of 35% from the cloud.

 

 

SaaSJet is a Platinum Marketplace Partner

What does “Platinum partner” mean? According to annual gross sales ("Purchase Price" in Marketplace reports), a minimum $1M annual gross sales comprised a minimum of 35% from the cloud.

Security

System and Organization Controls - SOC 2

SOC 2 reports are independent third-party examination reports demonstrating how an organization achieves key compliance controls and objectives.

  • What Atlassian says about Trust Service Criteria (TSC) - read more

  • SaaSJet is SOC 2 Type 2 compliant - read more

System and Organization Controls - SOC 2

SOC 2 reports are independent third-party examination reports demonstrating how an organization achieves key compliance controls and objectives.

  • What Atlassian says about Trust Service Criteria (TSC) - read more

  • SaaSJet is SOC 2 Type 2 compliant - read more

 

CAIQ-Lite

CAIQ Lite is a simplified version of the Consensus Assessments Initiative Questionnaire (CAIQ), which is designed to assess the security posture of cloud service providers.

Atlassian requires all Platinum, Gold, and Silver Marketplace Partners to complete the CAIQ-Lite questionnaire, which it then reviews.

  • What Atlassian says about the security of the cloud ecosystem - read more

 

CAIQ-Lite

CAIQ Lite is a simplified version of the Consensus Assessments Initiative Questionnaire (CAIQ), which is designed to assess the security posture of cloud service providers.

Atlassian requires all Platinum, Gold, and Silver Marketplace Partners to complete the CAIQ-Lite questionnaire, which it then reviews.

  • What Atlassian says about the security of the cloud ecosystem - read more

 

 

Security Contact

If at any time you have concerns or are uncertain whether your security research is consistent with this policy, please contact us at security@saasjet.com

 

 

Security Contact

If at any time you have concerns or are uncertain whether your security research is consistent with this policy, please contact us at security@saasjet.com

Support

 

 

Working hours: Mon-Fri 24hrs GMT+3

Phone: +1 888 396 0501

Book a demo session: click to schedule an online free demo

Support portal: click to create a ticket

Help: Read the documentation

 

 

Working hours: Mon-Fri 24hrs GMT+3

Phone: +1 888 396 0501

Book a demo session: click to schedule an online free demo

Support portal: click to create a ticket

Help: Read the documentation

We understand that data security is of utmost importance to our users. The information below outlines the types of data stored by Smart Forms for Jira, associated security measures, and storage periods, addressing your data privacy concerns.

Data storage

  • Data Stored in our MongoDB Database

    • Form Templates: We store the structure of your created form templates. This includes field names, types, and configuration settings.

    • Non-Task-Bound Form Submissions: If you use the "Share a form from the add-on page" feature, submission data not directly linked to a Jira task is stored.

    • User ID: We associate a unique User ID with form submissions and drafts to facilitate tracking and management within our system.

  • Data Stored within Jira

    • Task-Related Submissions and Drafts: When you directly submit forms to Jira tasks, form data, and drafts are stored within the Jira system.

Important Note: We do NOT store personal user data such as emails or names while you are using our applications. We can store your personal information in 2 cases:

  •  to reply to your request if you send it directly to us for some reason.

  •  if your name and email are specified as your organization’s billing or technical contact during the subscription process.

We don’t gather it by ourselves. We see only the information you have specified.

Data Retention Period

  • Add-on Information: (Text, Atlassian ID) Stored until you or an authorized user deletes it.

  • Deactivated/Terminated Accounts: Data remains accessible for team members/users until no longer needed.

  • Uninstalled App: By standard data is stored for 90 days to allow renewal. After that, your form data is automatically deleted.

Data Security

Data is secured by:

  • Encryption: Protecting your data in transit and storage.

  • Strict Access Controls: Limiting database access to authorized personnel only.

  • System Updates and Monitoring: Keeping everything up-to-date and watchful for any issues.

Add-on internal restrictions

Smart Forms for Jira allows to limit access to form content and settings editing, as well as viewing and downloading responses in the issue where the form was added, in the new issue that the form created, and of course in the add-on Response tab. However, those restricted users can still add a form to an issue and fill it out. If a user lacks access to the form, it appears disabled for them, but they can still see its name. Read more about this feature.

Changes to Policy

Any significant changes that occur in our data security and retention practices will be communicated on our website.

Read about the SaaSJet Privacy Policy ->

 

For more details about canceling and uninstalling an app, please visit the App Subscriptions: Cancellation, Uninstalls, Refund & Renewal FAQ page.

Request a demo call