29th Nov 2023

 

Overview


This is a data security and privacy statement for Metricus Jira Applications, including Workflow Analytics and Workflow Optimizer.  This statement applies to both cloud and data center versions of the applications.

 

Permissions Scope


The applications require the following permissions;


read:jira-work

required to read issue data

storage:app

required to store the data model and activity entities


read:group:jira

required by the admin component of the applications (within Manage Apps) to read the existing groups in your Jira instance


read:jira-user

required by the admin component of the applications (within Manage Apps) to read the existing users in your Jira instance


external:fetch:client

If the option to save the event log is selected in the Admin component of the application, then the event log data is sent via a Rest API at process-optimizer-jira.metricus.com

 

Data Storage


If the option to save the event log IS NOT selected in the Admin component of the application, then no data is transferred outside of your Jira instance as Workflow Analytics and Workflow Optimizer are client React applications


If the option to save the event log IS selected in the Admin component of the application, the event log data consisting of the following:

  • History related to the activity selected, this includes the person ID associated with the history entry
  • Issue #, create time and close time
  • The Issue attributes selected for the data model

is encrypted and compressed, and saved to a MySQL database server in the Western Europe Azure Zone.  The encryption algorithm uses a UUID generated and stored via the Storage API within your Jira instance.   This ensures that it is not possible for Metricus to know what Jira instance a record in the Event Log table relates to, nor is it possible for Metricus to decrypt any data.

 

The Rest API end point is that manages the MySQL connection is  https://process-optimizer-jira.metricus.com 


Data Retention


Any event log data saved is deleted when the application is uninstalled

 

Anonymization


Anonymization of person data is available in a data model by selecting the ‘Anonymize User Data’ option.  This will randomly allocate a user name to ‘Person x’ in the client

 

Hosting


The MySQL database is located in the Western Europe Azure Zone