We take data security very seriously so we use only trusted service providers with the highest security standards. On this page, you will find details on how we secure our clients' data. If you think something is missing or you have any security related questions please let us know at Spartez Software Support Portal or email@example.com.
- providers with this label are our data sub-processors as defined by European General Data Protection Regulation (GDPR)
Agile Poker Cloud runs on Heroku environment. Besides the application itself, Heroku stores application access logs that contain user IP, user key, instance URL and user JWT token. These logs are purged after 365 days.
Heroku Postgres stores data provided during the installation handshake. Stored keys authenticate us to clients' instances.
The database is secured using a security mechanism provided by Heroku. See https://www.heroku.com/policy/security#postgres for details.
Firebase is a real-time shared database. We use it to synchronize session data in real time between users.
Firebase database is secured using Firebase security rules. Each user in your Jira instance has access to all data listed in section Stored data for all your poker sessions. Anonymous users and users from different Jira instances do not have access to your data. We also store 30 daily backups of this database.
We don't store issue summaries, descriptions, comments nor other sensitive information. We don't store users' full names nor e-mails but we use user keys provided by Jira which can contain them.
Bugsnag is a tool for reporting of in-browser errors. It allows us to fix errors before people report them to us.
We use AWS to send email notifications to participants (i.e. about asynchronous session start)
We use Heroku addon Papertrail to store application logs. Logs are in the system for 14 days. Log archives are stored from the last 365 days. Papertrail allows us to analyze application's behavior after an incident occurs.
If you would like us to skip processing logs from your instance, please let us know at firstname.lastname@example.org
For a better understanding of our clients, we collect anonymous statistics of the plugin usage. These statistics tell us how we should develop our plugin to make our clients happy.
The following table is intended to give you a complete understanding of the policy that we use to collect analytics data.
This table is not intended to list all the possible events collected by the add-on. It is however intended to list all rules and exceptions from those rules so that you are able to assess whether something can be collected or not.
|User interface and usage|
Displaying and interacting with all components and pages added by Agile Poker including:
Interacting means clicking on the components or changing their state.
|Flags and statistics|
We collect boolean flags and statistic numbers from entered data. This applies to data gathered via add-on components or pages (including configuration and usage pages). For example:
Flags and statistics do not contain any user-created data.
We collect a few general context values from Jira.
Context parameters do not contain any user-created data.
In Google Analytics we do not collect any data but the minimal and anonymous data based on the rules described above. In particular, we do not collect any information about users, issues, values of comments, or any identifiable information about the Jira instance itself.
We encourage you to keep Google Analytics enabled. Using anonymous usage statistics we improve Agile Poker for Jira to fit our clients' needs better. If you want to disable Google Analytics despite this fact you can follow instructions on page Standard Session Configuration.