Effective starting: 27 April, 2020
Railsware Products, Inc., United States of America company registered office: 679 Titicus Road North-Salem, New York 10560, USA (herein “Railsware”, “us”, “our”, or “we”), focuses on assuring that the Smart Checklist for Jira. Enterprise (cloud version) and Smart Checklist for Jira. Free Trial (cloud version) available on the Atlassian Marketplace (the “Add-on”, or “Product”), as well as the general ecosystem provide a safe environment for the Marketplace Add-on pages visitors, as well as Customers and users (herein “Customer”, “you”) of our products.
Railsware is not established in the European Union, but it may process and store Personal Data of EU and other citizens, who on their free will may submit support requests, provide feedback or perform other activities, which may result in supplying us with their Personal and/or Navigational Information. This Policy also explains how data subjects including the Add-on Marketplace pages visitors, as well as Customers and users may exercise their rights to obtain, access, erase, use and rectify their Personal Information that was shared with us.
2. Add-on’s Visitor and Customer Data
2.1 Data You Provide
We may collect and process the information you provide us when you participate in a Railsware survey, send us an email, submit a support and/ or feature request, or in any other way and on your free will deliver it to us. This data may include your first and last name, your email, and any additional information that you supply us with and/or that is required to address your request.
2.2 Data We Collect Automatically
Atlassian provides us with the technical and billing contacts of the Add-on evaluation user or Customer, including their first and last name, the name of the company and the country where it is based, as well as their Jira instance subscription tier, and the Partner name and their email if the latter assisted you with the Add-on integration. We keep record of this data.
When you enter the Add-on Marketplace pages, we will gather the following data from your device:
- The device type
- The browser you are using
- Operating System (OS)
- The source you used to enter the Marketplace page: direct, a referral site, search engine or social sites and applications
We may also monitor your online behavior, including the time of your visit, your online activity on the Add-on Marketplace pages including the URL clickstream, the pages you visited, the time you spent viewing them, and the frequency of your visits. We also collect demographic information about the Add-on Marketplace pages visitors that helps us improve the content and tailor it to their requirements.
We may also collect, process and store the add-on usage history and statistics. This data helps us manage Add-ons, analyze general online behavior and add-on usage trends, which, in the end, allows us to understand what functionality users expect and require from the product.
We gather this data automatically through the commonly used data-gathering technologies, like cookies, beacons and other.
3. Types of Information
When you browse the Add-on Marketplace pages or use the Add-on, we may collect some Personal and Navigational Information.
3.1. Personal Information
After you install the Add-on on your instance, Railsware gains access to some Personal Information of the technical and billing contact representative at your company that you earlier provided Atlassian with when registered an account in Jira.
Under ‘Personal Information’ we understand the first and last names, email addresses, the company name, as well as any other information that refers to you or your workplace (business) that Atlassian shares with Railsware when a user installs the Add-on on their Cloud instance.
When you use the Add-on, we may assign a User ID that is associated with the use of the product and your account, and is being collected to provide us with the Add-on usage statistics
Personal Information also refers to other information that is available on the internet, such as from Facebook, LinkedIn, Twitter and Google, and includes any other publicly available data that you previously agreed to share and that is available from other service providers.
3.2 Checklist Contents
Railsware stores checklist contents to fulfill our contractual obligations. We don’t store data about projects, issues, users that are not related to checklists.
We record the time when a checklist was changed and store this data until a user deletes it.
When a user clears their checklist contents, the deleted in this way data is completely removed from the system.
3.2.1 Data Storage
We use Heroku platform to run our services and host Postgres DB to store Smart Checklist specific data.
Heroku provides appropriate security on environmental, systems and data level. Read more about measures they take here.
All data transmission is encrypted with Transport Layer Security (TSL) technology.
The retention period of backups is four (4) days. This allows us to roll back to a specific point in time, when necessary.
We take the appropriate measures in order to ensure a high level of checklist contents security.
3.3 Navigational Information
‘Navigational Information’ refers to your computer and your visits to the Marketplace pages such as your geographical location, browser type, source, length of visit and pages viewed.
When you browse the Marketplace pages, we may also collect a Client ID that is assigned to your browser but does not refer to neither your account nor your Personal Data.
3.3.1 Cookies Definition and Categories
Cookies are small files which are received from a web server and are either stored on your web browser until its expiry date, or until the end of each session. You may not agree to accept cookies and refuse them.
Our Site and Add-ons incorporates different cookies that are divided into several categories:
- Essential cookies are necessary to provide you with the Add-on core services and functionality.
- Analytics cookies help us understand how our Add-on Marketplace pages and Add-on are being used, how good our marketing campaigns perform, and based on the information - customize and enhance both the Add-on Marketplace pages and te Add-on for you.
- Performance cookies improve the Add-on Marketplace pages and the Add-on performance by leveraging non-essential functionality, such as but not limited to allowing communication with the Railsware support team and enabling submission of support requests.
3.3.2 Cookies Served by Atlassian When our Cloud Instance Add-on is Active
|Company or service that provides this cookie|
How to opt out
|_ga (served on the Atlassian Marketplace page)|
|2 years||Used to distinguish users.|
|_gid (served on the Atlassian Marketplace page)||24 hours||Used to distinguish users.||https://tools.google.com/dlpage/gaoptout|
|ajs_group_id||1 year||Used to collect data about visitor’s activity on the Site and how we can target user groups for marketing purposes.|
|ajs_user_id||1 year||Used to assign a unique ID to each visitor and collect data about visitor’s activity on the Site.|
|atlassian.xsrf.token||At the end of every session or when the browser is closed.||Helps prevent XSRF attacks. Ensures that during a user's session, browser requests sent to a JIRA server originated from that JIRA server. For more information about XSRF checking by JIRA, see Form Token Checkingon the Atlassian Developers site.|
|cloud.session.token||Deprecated cookie||JIRA Authentication Cookie.|
3.3.3 Disabling Cookies
The Add-on Marketplace pages’ visitors, as well as the Add-on users and Customers have the right to opt out from using the cookies on the Add-on Marketplace pages and as part of the Add-ons. To reject these cookies, you can either follow the instructions provided in the table above, or amend your web browser settings and either accept or refuse these cookies.
In addition, we allow users to opt out from the Add-on activity-related tracking by visiting the Add-on settings, then going to ‘Support’, and ticking the box “disable all tracking and support scripts”.
Opting out from the Essential cookies may result in not being able to access certain functionality that is available on the Add-on Marketplace pages and as part of the Add-on.
Here are the links to different web browsers where you can amend your browser preferences, and either enable or disable cookies:
You can also opt out from the targeted advertising, like Google Adwords. In order to do so, please visit https://support.google.com/ads/answer/2662922?hl=e
3.4 Sensitive Information
Railsware does not intentionally collect, and the Marketplace visitors, as well as the Add-on users and Customers should not provide any information about your medical or health condition, race and ethnic origin, political opinions, religious and philosophical beliefs, as well as bank account information, bank card details, TAX and passport numbers, driver’s license or other similar personal identifiers.
4. Use of the Information We Collect
4.2 How We Use Personal Information We Collect
We use Personal Information we collect from the Add-on users and Customers in order to:
- Analyze the market and the Add-on target audience.
- Contact the Customer technical and billing representatives in order to resolve urgent issues.
- Provide the Customer technical and billing representatives with educational information that they may find helpful when applying the Add-on at their working environment.
- Communicate with the Customer technical and billing representatives, inform them about important product- and company-related updates.
- Manage the Add-on’s security and administration.
- Respond to customer support and other Add-on-related requests.
- Hold surveys, send out questionnaires that help us understand our Customer requirements and expectations from the Add-on, its Marketplace pages, support or any other services that we provide.
4.3 How We Use Navigational Information We Collect
- Enhance customer user experience while browsing the Add-on Marketplace pages or while using the Add-on.
- Manage the Add-on Marketplace page content and customize it according to the user preferences.
- Distribute other targeted and personalized marketing information.
- Put together and analyze the statistic data of the Add-on Marketplace pages and the usage of the Add-on to tailor our development activities to meet our users’ and Customers’ needs.
4.4 Service Providers
4.5 Information Security
Railsware applies different security technologies, guidelines and procedures to ensure complete security, as well as full confidentiality of the Personal Information you provide. We also take measures to avoid unauthorized access to personal data and electronic communication systems. Your Personal Information is securely stored on servers and protected from unauthorized usage, leak and exposure.
The actions we take to ensure highest security standards are as following:
- We store data in secure and reliable data centers, and perform regular backups (please read clause 3.2.1 of this Policy to learn more about these two notions).
- We perform security testing by our internal team, as well as complete security audits by external certified to do this type of services consultancy firms.
- We undertake the necessary measures to protect our product from various web attacks.
- We apply data encryption using the Transport Layer Security cryptographic protocols to provide communications security over a computer network.
For any questions that relate to the security of your Personal Information, please email us at email@example.com
4.6 Links and Third-Party Sites
4.7 Third-Party Services
The Add-on Marketplace pages include third-party systems that allow for a support request, product-related idea and/or feedback submission. When you use this systems to submit any of the above-mentioned requests, we may ask you to provide us with your name and email so that our team can action and respond to these messages.
You can use the support system located in the bottom right corner by either going to Jira Software - Jira Settings - Apps - Smart Checklist - Settings, or open a Smart Checklist Markdown editor.
4.8 Personal Information Retention
Railsware will retain your Personal Information for the period required to fulfill the obligations it took as an Add-on provider, or unless a longer period of time is required by law for tax, legal or other regulatory reasons. Railsware will delete all Personal Information at the earliest date per your request.
4.9 Сompelled Disclosure
Railsware reserves the right to disclose personal data to public authorities in accordance with a legal liability to perform their duties, such as customs and tax authorities, financial investigation units, judicial administration and other parties if the EU or the Railsware’s representative member state law allows to exercise such disclosure in the public interest, including protection of your and other people’s safety.
5. Data Subject Rights
5.1 The Add-on Marketplace pages Visitor and the Add-on User Rights
Our Add-on Marketplace page visitors, as well as Add-ons Customers and users have the following rights:
- To request access to your Personal Information
- To remove consent from being contacted by email, phone and other means of communication
- To request for all Personal Data that was received from you to be deleted from all our records
- To request that we update, correct or remove any omissions in your Personal Information that we store
- To opt out from all kinds of direct marketing and other communication
- To request us to delete your Personal Information
- To object the processing of your Personal Information, or ask us to restrict the processing of your Personal Information, or request portability of your Personal Information
- To withdraw your consent from collection and processing of your Personal Information at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your Personal Information conducted in reliance on lawful processing grounds other than consent.
- To complain to a data protection authority about our collection and use of your Personal Information. Contact details for data protection authorities in the EEA, Switzerland and certain non-European countries (including the USA and Canada) are available here.)
In order to exercise any of these rights, please email us at firstname.lastname@example.org. We will provide response to your request as soon as possible, informing you about the steps we have taken to ensure that your rights are exercised.
5.2 Opting Out from Our Communications
You may opt out from our marketing communications by pressing the ‘unsubscribe’ link, which is located at the bottom of our email, or sending your unsubscribe request at email@example.com
You cannot unsubscribe from our transactional emailing, and other communication which may also include crucial information about the Add-on functionality updates.
5.3 Children’s Information
The Add-on Marketplace pages and the Add-on itself are not intended for children's use. We do not knowingly accumulate any data from children under the age of 16. If you think that we might have gathered some information from children under the age of 16, please let us know at firstname.lastname@example.org and we will delete this data from our databases and other applicable resources, if any.
6. International Transfer of Information
6.1 The International Transfer and the Privacy Shield
6.2 Privacy Shield Notice
Railsware participates and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. The following software products adhere to the Privacy Shield principles: Mailtrap application, Smart Checklist add-on for Jira.Enterprise (Cloud, Server and Data Center versions), Smart Checklist for Jira.Free Trial (Cloud version). Railsware is committed to subjecting all Personal Data received from the European Union (EU) member states and Switzerland, in reliance on the Privacy Shield Framework, to the Framework’s applicable principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List at https://www.privacyshield.gov/list.
Railsware is responsible for the processing of personal data it receives under the Privacy Shield Framework and subsequently transfers to a third party acting as an agent on its behalf. Railsware complies with the Privacy Shield Principles for all onward transfers of Personal Data from the EU and Switzerland, including the onward transfer liability provisions.
With respect to Personal Data received or transferred pursuant to the Privacy Shield Framework, Railsware is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Railsware may be required to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
You may direct any inquiries or complaints related to our Privacy Shield compliance to email@example.com. If you have an unresolved privacy or data use concern that we have not addressed satisfactory, you may contact our U.S.-based third party dispute resolution provider (free of charge) at https://www.jamsadr.com/eu-us-privacy-shield.
Under certain conditions, which are fully explained on the Privacy Shield website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
Railsware uses a range of third-party sub-processors that are authorized to process the Add-on user and Customer data, and help us deliver the Add-on functionality, as well as the accompanying support services in full.
8. General Clauses