Security & Privacy FAQ page

Owned by Iryna Komarnitska
Jul 03, 2024
7 min read

Certifications

 

ff62fc1c-2563-45b9-8dbd-f4c32f15d65c.jpg

SaaSJet is a Platinum Marketplace Partner

 

What does “Platinum partner” mean? According to annual gross sales ("Purchase Price" in Marketplace reports), a minimum $1M annual gross sales comprised a minimum of 35% from the cloud.

 

image-20240620-082852.png

Cloud Fortified

 

The Cloud Fortified Apps Program aims to serve our largest customers and those with more business-critical operating requirements for apps.

 

Marketplace Security Bug Bounty Program

 

A bug bounty program is one of the most powerful post-production tools for detecting vulnerabilities in applications and services.

Security

 

 

System and Organization Controls - SOC 2

 

SOC 2 reports are independent third-party examination reports demonstrating how an organization achieves key compliance controls and objectives.

  • What Atlassian says about Trust Service Criteria (TSC) - read more

  • SaaSJet is SOC 2 Type 2 compliant - read more

 

 

Security Contact

 

If at any time you have concerns or are uncertain whether your security research is consistent with this policy, please contact us at security@saasjet.com

Support

 

 

Working hours: Mon-Fri 24hrs GMT+3

Phone: +1 888 396 0501

Book a demo session: click to schedule an online free demo

Support portal: click to create a ticket

Help: Read the documentation

FAQ

Data storage questions:

Q: Do we collect personal information?

A: We don’t collect any personal information while using our applications. We can store your personal information in 2 cases:

  • to reply to your request if you send it directly to us for some reason.

  • if your name and email are specified as your organization’s billing or technical contact during the subscription process.

We don’t gather it by ourselves. We see only the information you have specified.

 

Q: How is customer data processed?

A: We use it to generate reports in which user names are figured as assignee, reporter, or custom fields during Jira issue processing. We also need it when someone outside your organization creates a report in which your name is specified. We use access to your issues according to the selected filters in the add-on. Then, based on the issue history, we perform the necessary calculations to generate a report for you. All other data is unidentified and hidden from us.

 

Q: What customer data do we store?

A: We can store such information while using the add-on:

  • Technical information;

  • IP addresses;

  • Information about the type of device You use to connect to our Website or Services and

  • How You interact with our Services;

  • Your personal data (only those You have permitted us to gather).

 

Q: Where is customer data stored?

A: We do not store your personal data on our servers. We collect technical information, IP addresses, and information about what type of device you use to connect to our website or add-ons. That information is not transferred outside of our IT system. SaaSJet Apps are hosted in Amazon Web Services (AWS) data centers (N. Virginia and Oregon). The data that is transported to our servers does not contain personally identifiable information.

 

Q: How long do we store your data?

A: We store data for various time periods depending on the circumstances. Information you share in the add-on, such as text and your Atlassian account ID, will be stored until you or an authorized user deletes it. If your account is deactivated, terminated, or disabled, all data and content associated with your account will remain active and accessible for as long as necessary to allow your team members or other users to work with the add-on fully. 

If you uninstall the app, we will store the data for 90 days to allow you to renew your subscription and start using it again. If you would like us to remove the data earlier, please submit your request via support@saasjet.com.

 

Q: Do you encrypt the data you store?

A: We do not store personal information about our customers (names, addresses, emails, accounts). The rest of the service information is encrypted and transmitted using the TLS/SSL protocol and Encryption at rest.

Common security questions:

Q: Do you have security officer in your company?

A: Yes, we have a security officer in the company. Contact at security@saasjet.com

 

Q: What is security monitoring strategy for the servers in AWS?

A:

  • Amazon Cloudwatch

  • Datadog

 

Q: What's your business continuity in times of disruption (COVID,etc.)?

A: We work remotely according to the work schedule. Support center available (email and Jira requests) - 24/7, chat service from 12 pm to 8 pm (GMT+3), and phone service from 9 am to 12 am from Monday to Friday.

Our mission is to ensure information system uptime, data integrity, availability, and business continuity. We have process-level plans for recovering critical technology platforms and the telecommunications infrastructure in case of disaster. Learn more

 

Q: Do developers have access to update the code in production?

A: Only the Lead responsible for the product and the DevOps engineer have access to production for quick response in case of an incident. All code is deployed automatically, and several specialists check each change.

 

Q: Can we access your Jira instance after cancelling?

A: No, we can`t access your data after canceling, but due to the Atlassian Marketplace Licensing System, you can revoke access within 3 business days.

 

Q: Information you give us

A: You may give us some personal information with your consent in such cases:

  • By filling in a form or sending us an e-mail;

  • By contacting us via e-mail or some other medium to request service or support (e.g., Jira Service Desk);

  • Applying for a job at SaaSJet.

  • Installing and using our Apps.

When you contact us via email or through Jira Service Desk, we may ask for your name, email address, and any other information you provide. This additional information can include personal, financial, educational, or employment information. We can also ask for specific information to ensure compliance with legal requirements, such as when you place an order or apply for a job with SaaSJet.

 

Q: Information we collect about you

A: If you visit our website, we automatically collect such information about you:

  • Technical information (configs, save&load information);

  • IP addresses;

  • Information about what type of device you use to connect to our Website or Services; and

  • The manner in which you interact with our add-on.

Any data or information you enter into any forms on our services is only used for the intended purposes or as it’s described in our Privacy Policy.

 

Q: Personally identifiable information (PII)

A: We do not transfer or store PII data on our servers. Some of our apps read the user display name from Jira and show it on an issue or App page when

  • list of issues is generated (issue table);

  • data export to CSV or XLS is created;

  • the “user mention” feature is used (for example, issue comments).

 

Q: Who might we share your information with?

A:

  • We may share the collected information about you (including your personal data) for the following reasons: 

  • If it’s required by law.

  • If you indicate this information in our services (such as when you create or submit a form). In that case, the date and time on and at which you created, modified, or completed a form will only be shared within the various services. This includes sharing the end user’s public display name under which a form or report has been created or inserted. Also, while using some functionality (JSON Data Feed link), you will share generated reports with other people or third-party analytical systems. 

  • You select filters - We generate a report - You share it with others (if necessary) by using the add-on. 

  • If a third party acquires SaaSJet or essentially all of its assets, your personal data held by SaaSJet will be transferred. 

  • If SaaSJet must comply with any legal obligation.

  • if necessary to protect the rights, property, or safety of SaaSJet, our customers, or others.

Data Residency

Q: Does Time in Status support data residency?

A: We are currently working on data residency (Q2 2024). We provide data residency for EU clients (location: Ireland, Dublin)

More info - Understand data residency | Atlassian Support

App questions

Q: Is it possible to provide permission to selected groups and users?

A: Yes, it is possible. According to the permissions section, if your account has administrator rights, select Permissions in the configuration menu to manage the access for additional users who can update the reports, work schedule, and manage permissions. For more information about this option, read here - Permissions in Time in Status add-on.

If you want to make access at the user level, you can create separate groups for the corresponding users.

 

Q: Do you have backup and restore of data?

A: Yes, we have backup / restore policy - Documents are available upon the user's request.

 

Q: Do you have disaster recovery plans?

A: Yes, you can read more here - Documents are available upon the user's request.