Privacy Policy (Smart Checklist for Jira. Cloud version)

Effective starting: 18 June 2021

1. Introduction

Railsware Products Studio, Inc., United States of America company registered office: 118 Coalpit Hill Road Danbury, CT 06810 US (herein “Railsware”, “us”, “our”, or “we”), focuses on assuring that the Smart Checklist for Jira. Enterprise (cloud version) and Smart Checklist for Jira. Free Trial (cloud version) available on the Atlassian Marketplace (the “Add-on”, or “Product”), as well as the general ecosystem provide a safe environment for the Marketplace Add-on pages visitors, as well as Customers and users (herein “Customer”, “you”) of our products.

We are dedicated to protecting your privacy. This Privacy Policy (herein the “Policy”) applies to the Add-on Marketplace pages and the Add-on itself as a Railsware product and administers the ways we collect, process, and store data. It explains what types of data we collect, how we collect it, and why. The Policy has a direct reference to the Railsware Terms of Service Agreement and applies to it.

Railsware is not established in the European Union, but it may process and store Personal Data of EU and other citizens, who of their free will may submit support requests, provide feedback or perform other activities, which may result in supplying us with their Personal and/or Navigational Information. This Policy also explains how data subjects including the Add-on Marketplace page visitors, as well as Customers and users, may exercise their rights to obtain, access, erase, use and rectify their Personal Information that was shared with us.

2. Add-on’s Visitor and Customer Data

2.1 Data You Provide

We may collect and process the information you provide us when you participate in a Railsware survey, send us an email, submit support and/ or feature request, or in any other way and on your free will deliver it to us. This data may include your first and last name, your email, and any additional information that you supply us with and/or that is required to address your request.

2.2 Data We Collect Automatically

Atlassian provides us with the technical and billing contacts of the Add-on evaluation user or Customer, including their first and last name, the name of the company and the country where it is based, as well as their Jira instance subscription tier, and the Partner name and their email if the latter assisted you with the Add-on integration. We keep a record of this data.

When you enter the Add-on Marketplace pages, we will gather the following data from your device:

  • The device type

  • The browser you are using

  • Operating System (OS)

  • The source you used to enter the Marketplace page: direct, a referral site, search engine, or social sites and applications

We may also monitor your online behavior, including the time of your visit, your online activity on the Add-on Marketplace pages including the URL clickstream, the pages you visited, the time you spent viewing them, and the frequency of your visits. We also collect demographic information about the Add-on Marketplace pages visitors that helps us improve the content and tailor it to their requirements.

We may also collect, process, and store the add-on usage history and statistics. This data helps us manage Add-ons, analyze general online behavior and add-on usage trends, which, in the end, allows us to understand what functionality users expect and require from the product.

We gather this data automatically through the commonly used data-gathering technologies, like cookies, beacons, and others.

3. Types of Information

When you browse the Add-on Marketplace pages or use the Add-on, we may collect some Personal and Navigational Information.

3.1. Personal Information

After you install the Add-on on your instance, Railsware gains access to some Personal Information from the technical and billing contact representative at your company that you earlier provided Atlassian with when registered an account in Jira.

Under ‘Personal Information’ we understand the first and last names, email addresses, the company name, as well as any other information that refers to you or your workplace (business) that Atlassian shares with Railsware when a user installs the Add-on on their Cloud instance.

When you use the Add-on, we may assign a User ID that is associated with the use of the product and your account and is being collected to provide us with the Add-on usage statistics

Personal Information also refers to other information that is available on the internet, such as from Facebook, Linked In, Twitter and Google, and includes any other publicly available data that you previously agreed to share and that is available from other service providers.

3.2 Checklist Contents

Railsware stores checklist contents to fulfill our contractual obligations. We don’t store data about projects, issues, users that are not related to checklists.

We record the time when a checklist was changed and store this data until a user deletes it.

When a user clears their checklist contents, the deleted in this way data is completely removed from the system. 

3.2.1 Data Storage

We use the Heroku platform to run our services and host Postgres DB to store Smart Checklist-specific data. 

Heroku provides appropriate security on environmental, systems, and data levels. Read more about measures they take here.

All data transmission is encrypted with Transport Layer Security (TSL) technology.

The retention period of backups is four (4) days. This allows us to roll back to a specific point in time, when necessary.

We take the appropriate measures in order to ensure a high level of checklist content security.

3.3 Navigational Information

‘Navigational Information’ refers to your computer and your visits to the Marketplace pages such as your geographical location, browser type, source, length of visit, and pages viewed.

When you browse the Marketplace pages, we may also collect a Client ID that is assigned to your browser but refer to neither your account nor your Personal Data.

3.3.1 Cookies Definition and Categories

Cookies are small files that are received from a web server and are either stored on your web browser until their expiry date or until the end of each session. You may not agree to accept cookies and refuse them.

Our Site and Add-ons incorporates different cookies that are divided into several categories:

  • Essential cookies are necessary to provide you with the Add-on core services and functionality.

  • Analytics cookies help us understand how our Add-on Marketplace pages and Add-on are being used, how good our marketing campaigns perform, and based on the information - customize and enhance both the Add-on Marketplace pages and the Add-on for you.

  • Performance cookies improve the Add-on Marketplace pages and the Add-on performance by leveraging non-essential functionality, such as but not limited to allowing communication with the Railsware support team and enabling submission of support requests.

3.3.2 Cookies Served by Atlassian When our Cloud Instance Add-on is Active

 



Cookie Name



Category



Expiration Date



Description

Company or service that provides this cookie



How to opt-out



Cookie Name



Category



Expiration Date



Description

Company or service that provides this cookie



How to opt-out

_ga (served on the Atlassian Marketplace page)


Analytics

2 years

Used to distinguish users.


Google Analytics

To refuse these cookies, please follow the general browser rules explained in the ‘Disabling Cookies’ part of this Privacy Policy, or visit this page:

_gid (served on the Atlassian Marketplace page)

24 hours

Used to distinguish users.

https://tools.google.com/dlpage/gaoptout



ajs_anonymous_id

Performance and Analytics

1 year

Used to to track new and returning visitors and count how many people visit the Site.

Segment.io

To refuse these cookies, please follow the Add-on activity-related rules explained in the ‘Disabling Cookies’ part of this Privacy Policy.

ajs_group_id

1 year

Used to collect data about visitor’s activity on the Site and how we can target user groups for marketing purposes.

ajs_user_id

1 year

Used to assign a unique ID to each visitor and collect data about visitor’s activity on the Site.



AJS.conglomerate.cookie

Essential

One year from the date it is set or was last updated.

Tracks which general tabs were last used (e.g. in JIRA's plugin manager) or expansion elements were last opened or closed.

Atlassian

To refuse these cookies, please follow the general browser rules explained in the ‘Disabling Cookies’ part of this Privacy Policy.

atlassian.xsrf.token

At the end of every session or when the browser is closed.

Helps prevent XSRF attacks. Ensures that during a user's session, browser requests sent to a JIRA server originated from that JIRA server. For more information about XSRF checking by JIRA, see Form Token Checkingon the Atlassian Developers site.

cloud.session.token

Deprecated cookie

JIRA Authentication Cookie.



3.3.3 Disabling Cookies

The Add-on Marketplace pages’ visitors, as well as the Add-on users and Customers, have the right to opt-out from using the cookies on the Add-on Marketplace pages and as part of the Add-ons. To reject these cookies, you can either follow the instructions provided in the table above or amend your web browser settings and either accept or refuse these cookies.

In addition, we allow users to opt-out from the Add-on activity-related tracking by visiting the Add-on settings, then going to ‘Support’, and ticking the box “disable all tracking and support scripts”.

Opting out from the Essential cookies may result in not being able to access certain functionality that is available on the Add-on Marketplace pages and as part of the Add-on.

Here are the links to different web browsers where you can amend your browser preferences, and either enable or disable cookies:

You can also opt out of the targeted advertising, like Google Adwords. In order to do so, please visit https://support.google.com/ads/answer/2662922?hl=e

3.4 Sensitive Information

Railsware does not intentionally collect, and the Marketplace visitors, as well as the Add-on users and Customers, should not provide any information about your medical or health condition, race, and ethnic origin, political opinions, religious and philosophical beliefs, as well as bank account information, bank card details, TAX and passport numbers, driver’s license or other similar personal identifiers.

4. Use of the Information We Collect

4.1 Compliance with this Privacy Policy

Railsware uses the data it collects only in compliance and according to this Privacy Policy. Therefore, both the Marketplace page visitors and the Add-on Customers and users should read this Privacy Policy carefully and other agreements published on the Add-on Marketplace pages or as part of the Add-on before proceeding with browsing the Add-on Marketplace pages or using this Add-on.

4.2 How We Use Personal Information We Collect

We use Personal Information we collect from the Add-on users and Customers in order to:

  • Analyze the market and the Add-on target audience.

  • Contact the Customer technical and billing representatives in order to resolve urgent issues.

  • Provide the Customer technical and billing representatives with educational information that they may find helpful when applying the Add-on in their working environment.

  • Communicate with the Customer technical and billing representatives, inform them about the important product- and company-related updates.

  • Manage the Add-on’s security and administration.

  • Respond to customer support and other Add-on-related requests.

  • Hold surveys, send out questionnaires that help us understand our Customer requirements and expectations from the Add-on, its Marketplace pages, support, or any other services that we provide.

4.3 How We Use Navigational Information We Collect

  • Enhance customer user experience while browsing the Add-on Marketplace pages or while using the Add-on.

  • Manage the Add-on Marketplace page content and customize it according to the user preferences.

  • Distribute other targeted and personalized marketing information.

  • Put together and analyze the statistic data of the Add-on Marketplace pages and the usage of the Add-on to tailor our development activities to meet our users’ and Customers’ needs.

4.4 Service Providers

Railsware may employ other organizations and persons (“Agents”) to perform tasks or provide services to the Add-on Marketplace visitors, and Add-on Customers and users, and may need to share your Personal or Navigational Information with them to provide data, products, and services to you. These tasks and services may include marketing and support activities, analyzing different types of data, providing advisory and legal services. In all the cases when Railsware shares your information with such Agents, we will request for the agent to accept and strictly observe our Privacy Policy

4.5 Information Security

Railsware applies different security technologies, guidelines, and procedures to ensure complete security, as well as full confidentiality of the Personal Information you provide. We also take measures to avoid unauthorized access to personal data and electronic communication systems. Your Personal Information is securely stored on servers and protected from unauthorized usage, leak, and exposure. 

The actions we take to ensure the highest security standards are as following:

  • We store data in secure and reliable data centers and perform regular backups (please read clause 3.2.1 of this Policy to learn more about these two notions).

  • We perform security testing by our internal team, as well as complete security audits by external certified to do this type of services consultancy firms.

  • We undertake the necessary measures to protect our product from various web attacks.

  • We apply data encryption using the Transport Layer Security cryptographic protocols to provide communications security over a computer network.

For any questions that relate to the security of your Personal Information, please email us at smartchecklist@railsware.com

The Add-on Marketplace pages may include links to third-party websites. These websites may offer certain services to end-users. Railsware does not take any responsibility for its content, services, administrators, practices, and policies, and does not endorse them. Railsware also does not bear any responsibility for the privacy of information that you submit on these resources, since this Privacy Policy does not apply to them. We recommend you familiarize yourself with the Privacy Policy and other legal documents before submitting or sharing any Personal Information with them.

4.7 Third-Party Services

The Add-on Marketplace pages include third-party systems that allow for a support request, product-related idea, and/or feedback submission. When you use this system to submit any of the above-mentioned requests, we may ask you to provide us with your name and email so that our team can action and respond to these messages.

You can use the support system located in the bottom right corner by either going to Jira Software - Jira Settings - Apps - Smart Checklist - Settings, or open a Smart Checklist Markdown editor.

4.8 Personal Information Retention

Railsware will retain your Personal Information for the period required to fulfill the obligations it took as an Add-on provider, or unless a longer period of time is required by law for tax, legal, or other regulatory reasons. Railsware will delete all Personal Information at the earliest date per your request.

4.9 Сompelled Disclosure

Railsware reserves the right to disclose personal data to public authorities in accordance with a legal liability to perform their duties, such as customs and tax authorities, financial investigation units, judicial administration, and other parties if the EU or the Railsware’s representative member state law allows exercising such disclosure in the public interest, including protection of your and other people’s safety.

5. Data Subject Rights

5.1 The Add-on Marketplace pages Visitor and the Add-on User Rights

Our Add-on Marketplace page visitors, as well as Add-ons Customers and users, have the following rights:

  • To request access to your Personal Information 

  • To remove consent from being contacted by email, phone, and other means of communication

  • To request for all Personal Data that was received from you to be deleted from all our records

  • To request that we update, correct, or remove any omissions in your Personal Information that we store

  • To opt-out from all kinds of direct marketing and other communication

  • To request us to delete your Personal Information

  • To object to the processing of your Personal Information, or ask us to restrict the processing of your Personal Information or request portability of your Personal Information

  • To withdraw your consent from the collection and processing of your Personal Information at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your Personal Information conducted in reliance on lawful processing grounds other than consent. 

  • To complain to a data protection authority about our collection and use of your Personal Information. Contact details for data protection authorities in the EEA, Switzerland, and certain non-European countries (including the USA and Canada) are available here.)

In order to exercise any of these rights, please email us at smartchecklist@railsware.com. We will provide a response to your request as soon as possible, informing you about the steps we have taken to ensure that your rights are exercised.

5.2 Opting Out from Our Communications

You may opt-out from our marketing communications by pressing the ‘unsubscribe link, which is located at the bottom of our email, or send your unsubscribe request to smartchecklist@railsware.com

You cannot unsubscribe from our transactional emailing, and other communication which may also include crucial information about the Add-on functionality updates.

5.3 Children’s Information

The Add-on Marketplace pages and the Add-on itself are not intended for children's use. We do not knowingly accumulate any data from children under the age of 16. If you think that we might have gathered some information from children under the age of 16, please let us know at smartchecklist@railsware.com  and we will delete this data from our databases and other applicable resources if any.

6. International Transfer of Information

6.1 The International Transfer 

To perform our operations, we may transfer and access Personal Information from around the world, including the United States, the EU, and other countries. While transferring the data, we take the necessary measures to safeguard the activity in general, and the Data Subjects in particular to ensure an appropriate level of protection for their fundamental rights. The Privacy Policy shall apply even if Personal Information is transferred or accessed from other countries.

We use third-party services (as described in this Privacy Policy), which may be based in other countries that may not have equivalent Privacy and Data Protection laws to the country in which you reside. When we share information about customers residing in the European Economic Area and Switzerland, we use European Commission-approved standard contractual data protection clauses, or other appropriate legal mechanisms to safeguard the transfer. 

7. Sub-processors

Railsware uses a range of third-party sub-processors that are authorized to process the Add-on user and Customer data, and help us deliver the Add-on functionality, as well as the accompanying support services in full.

Entity Name

Location

Entity Name

Location

Google Inc.

United States

Amplitude, Inc.

United States

MailerLite

EU

Help Scout, Inc.

United States

Heroku

United States

8. General Clauses

8.1 Changes to the Privacy Policy

We reserve the right to review and make amendments to this policy. When the changes are made, we will publish the link to the new version of the Privacy Policy on the Add-on Marketplace main page, and update the ‘effective starting’ date, which is indicated at the top left corner of this Policy, to the day when the latest amendments were made.

8.2 Contact us

For any additional questions or inquiries about the Privacy Policy, please send an email to smartchecklist@railsware.com