Security statement
This security statement applies to the Cloud version of the Multilevel Select
Last updated
Was this helpful?
This security statement applies to the Cloud version of the Multilevel Select
Last updated
Was this helpful?
We are committed to improving our security posture. That’s why we created this page to answer basic questions about security in the Multilevel Select app.
Since Oct 2023, we've been SOC2 type II compliant to meet the highest and most professional standards.
Architecture
is built on the platform. The app connects to Jira using . It’s written in React and TypeScript.
What does the data flow look like?
TBD
What customer data does the app process?
We process accountIds.
What data does the app store?
The app stores options within the custom fields.
Where are the data stored?
All data are stored on the Atlassian infrastructure. Custom field options and app settings are stored via .
What permission does the app require?
This app requires four permissions:
Take Jira administration actions (e.g. create projects and custom fields, view workflows, manage issue link types).
View audit logs.
View system and custom avatars.
Read custom field contextual configurations.
Read field configurations.
View fields.
View issue details.
View issue meta.
View issue security levels.
View issue types.
View issue changelogs.
View issue votes.
View issues.
View user information in Jira that the user has access to, including usernames, email addresses, and avatars.
Read Jira project and issue data, and search for issues and objects associated with issues like attachments and worklogs.
View the profile details for the currently logged-in user.
View project categories.
View projects.
View statuses.
View user configurations.
View users.
Read and write to the app storage service
Create and update issues.
Create and edit issues in Jira, post comments as the user, create worklogs, and delete issues.
Does the app encode all data in transit and at rest?
Yes.
Does the app support data residency?
Does the app have a data retention policy?
Does the app have a data backup policy?
Yes, thanks to using the Atlassian Forge platform. Here is the official announcement from Atlassian:
Yes. Appsvio and Atlassian will delete all End User Personal Data (including copies) upon written request. More information is available in .
Yes. More information is available in
If you have any questions about the security, e-mail .