Data Storage:
This app does not store, transmit, or retain any customer data outside of the Atlassian platform.
Execution Environment:
The app runs entirely inside Atlassian’s Forge secure sandbox, which isolates, authenticates, and manages all execution.
All data access is controlled via Atlassian-approved OAuth scopes strictly declared in the app manifest.
Data Access:
The app only reads Jira/Assets data that the user explicitly selects.
It performs no writes and does not modify any Jira or Assets content.
External Services:
The app does not connect to any external servers, APIs, or third-party services.
Logging:
No customer content is logged or transmitted.
Logs are limited to operational/debug data inside Forge and are accessible only to the developer.
Compliance & Security:
Security of authentication, storage, networking, and data isolation is provided by the Atlassian Forge platform.
The app inherits Atlassian’s compliance standards (SOC2, ISO27001, GDPR, etc.).