We are committed to improving our security posture. That’s why we created this page to answer basic questions about security in the Feature Bundle app. For company-level security approach, please refer to the Trust Center.

Architecture

Feature Bundle is a Connect app. It’s written in Java in the backend and React in the front end. The app is hosted on Heroku.

What do the data flows look like?

What do the architectural diagrams look like?

What data does the app process?

The app process user data (accountId, email, locale, etc.), user permissions, organizations information, issue data, Jira configuration (application properties, statuses, roles, workflows), request type information, service desk project information, Insight objects information

What data does the app store, and where?

Each feature proceeds with the data in a different way. We have a list of the features from the app below with comments. All data are stored in the Heroku Postgres in the US region.

What permission does the app require?

This app requires five permissions:

• View email addresses of users

• Administer the host application

• Administer Jira projects

• Delete data from the host application

• Write data to the host application

• Read data from the host application

Does the app encode all data in transit and at rest?

Yes.

Does the app support data residency?

No. If you are interested in enabling your region, please get in touch with us at support@appsvio.com

Does the app have a data retention policy?

Yes. The data are deleted 90 days after the app is uninstalled or after the first site’s inactivity. More information is available in Data Retention Policy.

Does the app have a data backup policy?

Yes. More information is available in Data Backup Policy.

Useful links and more information Privacy Policy of Appsvio apps

If you have any questions about the security, e-mail security@appsvio.com