Data Security & Privacy Statement

This document is in addition to the 55 Degrees Privacy document, the 55 Degrees Product EULA and the DPA (available upon request) provided by 55 Degrees and explains how Klar stores data. This document will be updated as new features are added to Klar.

Data storage terms and data storage location

• All data is stored and processed using Atlassian’s Forge platform ( https://developer.atlassian.com/platform/forge/ ).

• At no point is any customer-specific data retrieved and stored on any 55 Degrees servers.

• Any configuration done by the end user is stored as in the Atlassian Forge storage.

• Please read the Klar product documentation for further details.

Preferred Vendors

Atlassian Forge is exclusively used for this platform with the exception of any icons that needs to be served from our CDN ( DigitalOcean) due to this not yet being supported by Atlassian Forge.

Logging

Jira Cloud: We make use of http://sentry.io to collect any javascript errors in the browser. For more details about their security & legal statements - please see https://docs.sentry.io/product/security/

Account removal and data retention

This section explains how a customer can close an account and completely remove their data from our service.

Removing the Klar app from your instance will trigger Atlassian Forge to remove any data within 30 days automatically per their agreements with you.

55 Degrees is unable to remove or access data for you.

Please read the Klar product documentation for further details.

Data portability

This section explains if and how a customer can extract their data from your service.

All data is stored in the Atlassian Forge platform storage. 55 Degrees is not able to extract any data from the storage outside of the User Interface.

Please read the Klar product documentation for further details.

Application and infrastructure security

This section explains what security measures we've taken in our application and infrastructure.

• This product runs on the Atlassian Forge platform. We do not maintain any infrastructure provided by 55 Degrees. We do monitor the javascript errors from sentry.

• 55 Degrees team is not able to access any app data outside of when the tool is utilized through the UI.

• Customers are responsible for maintaining the security of their own Confluence and JIRA Cloud login information.

• Customers are responsible for securing the api token generated to submit data.

• Please read the Klar product documentation for further details.

Security disclosure

This section explains how and under what circumstances we notify our customers about security breaches or vulnerabilities and indicate how a user or security researcher should disclose a vulnerability found in our add-on to us.

• Security breaches or vulnerabilities with the proposed solution of the problem are published on our website.

• Customers can report security breaches or vulnerabilities using support@55degrees.se e-mail address.

• Please read the Klar product documentation for further details.

Privacy

Data collected during the use of our add-on will not be shared with third parties except if required by law.