Security statement

This security statement applies to the Cloud version of the ITSM Reports.

We are committed to improving our security posture. That’s why we created this page to answer basic questions about security in the ITSM Reports app. For company-level security approach, please refer to the Trust Center.

Architecture

ITSM Reports is built on the Forge platform. The app connects to Jira using OAuth2. It’s written in React and TypeScript.

What customer data does the app process?

We process accountIds, email addresses, display name.

What data does the app store?

The app stores API Token for the integration with Assets.

Where are the data stored?

All data are stored on the Atlassian infrastructure. Templates data is stored in Jira (via UIM entities). The app configuration is stored via Forge Storage.

What permission does the app require?

Does the app encode all data in transit and at rest?

Yes.

Does the app support data residency?

Yes, thanks to using the Atlassian Forge platform. Here is the official announcement from Atlassian: https://www.atlassian.com/blog/developer/data-residency-is-coming-soon-in-beta-to-forge-hosted-storage-take-action-now-to-support-your-customers

Does the app have a data retention policy?

Yes. Upon written request, Appsvio and Atlassian will delete all End User Personal Data (including copies). More information is available in Forge DPA.

Does the app have a data backup policy?

Yes. More information is available in https://www.atlassian.com/trust/security/data-management

Useful links and more information Privacy Policy of Appsvio apps

If you have any questions about the security, e-mail security@appsvio.com.

Last updated