Data security & privacy statement

We know that issues that you keep in JIRA are extremely important to your business and we make sure that data is properly protected. 


  • Continuous security and process compliance monitoring by Vanta

  • Peer review code reviews required

  • Automatic static code analysis scanning

  • Source code dependency scanning

  • Company-wide security awareness training

  • Multi-factor authentication required for all systems

  • Background checks for staff

  • Participate in bug-bounty program







Data storage

JQL Search Extensions system

The following information is stored in the app’s system:

  • installation information necessary for the app to communicate with Jira; including the encrypted token

  • user created queries (su‌bqueries, field match etc.)

  • issues, fields and projects cache necessary to fulfill app’s functional and performance requirements

  • logs for support purposes containing information like Jira issue ids and Jira instance identifiers

Data is automatically removed within a month after uninstallation of the app.

Stored in Jira

Indexing metadata on issues and other Jira entities

Personal data

No personal data is stored by the app by design.

Any user generated content, for example the JQL subquery aliases, require a manual removal by the user if it contains sensitive information.

Where does Digital Toucan stores the data?

Digital Toucan stores data in Atlas Mongo hosted by Amazon Web Services infrastructure in Oregon, United States.

For full list of our subprocessors, please refer to our data Processing Addendum and list of data subprocessors.

Changes to this policy

Changes to this policy can be introduced at any time. Please check this page regularly to be informed about the changes. We will also try to reach you by email. You can subscribe to the Confluence space RSS feed to receive notifications.