1. How the application processes the data and how the deletion deadlines
Our apps only process the data with user’s interference, after uninstalling the data still remains and will be deleted at our periodic maintenance.
2. The end-user data processing/storage
We store only the data generated by our apps with user’s interference.
The data is stored on our infrastructure which is cloud-native (Google Cloud & AWS)
3. Comply General Data Protection Regulation (EU GDPR)
We don’t store personal data so GDPR is not applicable.
We are SOC2 Type II compliant for security and data processingData Processing and Deletion:
Our applications only process data when users interact with them. Even after uninstallation, data persists until periodic maintenance, at which point it is securely deleted.
End-User Data Processing/Storage:
We exclusively store data generated by user interactions with our applications.
The data resides on our cloud-native infrastructure, utilizing Google Cloud and AWS services
Data Handling with Jira Integration:
Our app interacts with Jira via REST API; we don't collect or store Jira data.
User-generated data (e.g., app settings, preferences) is stored in our Google Cloud Database.
Data retention after uninstallation is 90 days.
Regular penetration tests are conducted, and our apps are "Cloud Fortified," monitored, and audited by Atlassian.
Security Measures for User-Generated Data:
No personal or sensitive data is stored, hence no encryption is applied.
Daily automatic backups of user-generated data are implemented.
GDPR Compliance and Security Measures?
GDPR is not applicable as we don't store personal data.
SOC2 Type II compliance ensures robust security and data processing standards.
Additional Assurance and Reporting:
SOC2 Type II compliance is reiterated, and an attached report provides detailed insights into our adherence to security standards.
View file name DevSamurai, Inc. SOC2 Type II Report - Final.pdf