Skip to main content
Skip table of contents

Forge App - Privacy Policy

Privacy Policy for Our Atlassian Forge App

General Information

This privacy policy provides a clear overview of what happens to your personal data when you use our Atlassian Forge app. Personal data includes all data that can personally identify you. Detailed information on data protection can be found in the following sections.

Data Controller Information

The entity responsible for data processing of this app is:

DevOpsSystems GmbH

Benjamin Müller

Saarpfalz-Park 1

66450 Bexbach

Email: info(at)devopssystems.de

Definitions

  • Forge App: An application developed on the Atlassian Forge platform that runs within Atlassian products.

  • Atlassian System: A product developed by Atlassian that serves as the runtime environment for our Forge app (e.g., Jira, Confluence, Bitbucket).

  • Administrators: A group defined by the operator of the Atlassian system with special rights to manage Atlassian systems.

  • Add-on Provider: DevOpsSystems GmbH

What Data is Collected and Stored?

Our Forge app interacts with Atlassian products (e.g. Jira or Confluence) and may, in that context, collect and temporarily store limited personal data to ensure proper functionality. Specifically:

  • Atlassian Account ID: This identifier is stored to associate actions and configurations within the app to specific user accounts.

  • User Credentials: If the app is configured to communicate with external systems (e.g., APIs from Atlassian products), an email address and an HTTP token are required to authenticate and authorize this communication..

  • App-specific configuration data: Stored within the Atlassian Forge environment to maintain app settings and behavior.

  • Log Data: If administrators enable debug logs, the following may be captured temporarily:

    • Action performed

    • Date and time

    • Context data for debugging

Where is This Data Stored?

Since the app runs on the Atlassian Forge platform, all data is stored within the Atlassian cloud infrastructure as provided by the Forge platform. The physical data location is determined by Atlassian and is subject to their data protection and security policies.

Are Data Shared with Third Parties?

No. Our app does not share or transmit data to any third parties. All data remains within the Atlassian ecosystem.

Is User Behavior Analyzed?

No. Our app does not automatically analyze user behavior. Data is only reviewed in response to a support request or for troubleshooting purposes. In such cases, logs can be accessed by the add-on provider.

Who Has Access to the Data and What Permissions Are Required?

Data access is strictly governed by Atlassian Forge’s permission model. Users only access data for which they have explicit permissions. The add-on provider may access data only when necessary and authorized, e.g., for support or troubleshooting.

How Long is the Data Stored?

  • User Identifications and Configuration Data: Stored as long as required for app functionality. Users or administrators can delete this data via app settings or by removing the app.

  • Log Data: Temporarily stored and automatically managed by Atlassian Forge. Access is limited to authorized users.

How Can Users Delete or Correct Their Personal Data?

Due to the limited scope of the data processed, it is generally not necessary to delete personal data. However, administrators can delete all stored data by uninstalling the app or deleting the relevant data in the add-on configuration.

How Can Users Object to Data Storage and Processing?

Since our Forge app does not process personal data (except User Credentials), there is no need for an objection. Users can disable or remove the app at any time to stop processing.

Rights of the Data Subjects

You have the following rights under the GDPR:

  • Right of access (Art. 15 GDPR)

  • Right to rectification (Art. 16 GDPR)

  • Right to erasure (Art. 17 GDPR)

  • Right to restriction of processing (Art. 18 GDPR)

  • Right to data portability (Art. 20 GDPR)

  • Right to object to processing (Art. 21 GDPR)

To exercise these rights, contact us via the contact information listed above.

Legal Basis for Processing

Data is processed based on:

  • Art. 6(1)(b) GDPR – for the performance of a contract (i.e., enabling core app functionality)

  • Art. 6(1)(f) GDPR – legitimate interests (e.g., ensuring stability and security of the app)

Last Updated: Juni 2025

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close