Data Security & Privacy
All Alpinate apps are built on Atlassian Forge, which means they run entirely on Atlassian's infrastructure. Here's what that means for your data.
Data Handling
| Question | Answer |
|---|---|
| Do apps store data outside Atlassian? | No |
| Do apps process data outside Atlassian? | No (except GitHub Markdown Sync, which fetches files from the GitHub API) |
| Do apps log end-user data? | No |
| Is data shared with third parties? | No |
| Where is data stored? | Exclusively within Atlassian apps and services |
GDPR
All Alpinate apps act as data processors under GDPR. The specific data processed varies by app:
| App | Data Processed |
|---|---|
| JQL Calculator | Issue metadata (issue counts from JQL results) |
| Velocity Dashboard | Sprint data (velocity, story points, issue counts) |
| Label Manager | Issue labels and metadata (issue keys, label assignments) |
| Parent-Child Sync | Issue metadata (status, parent-child relationships) |
| GitHub Markdown Sync | Confluence page content, GitHub repository content (Markdown files) |
None of our apps act as GDPR data controllers.
Authentication & Permissions
- All Jira/Confluence API calls use
asUser(), ensuring results respect the current user's permissions - No OAuth tokens are stored (except GitHub PATs for Markdown Sync, stored securely in Forge KVS)
- No personal data is collected or stored
Security Contact
For security inquiries: support@alpinate.com