On this page:

Trust in Didit checklists

FAQ - trust, data privacy, security

This page is dedicated to customers of Didit Checklists for Jira and/or Confluence. The solution is tailored to work in large organizations with high security and data privacy standards. Yet our Atlassian app works on Atlassian Connect, meaning data runs on our servers. This page lays out what we offer on a legal basis to ensure you’re safe and what we do technically to secure your data. We are a German company and do take data privacy and security very seriously. That is unrelated to whether you sign contracts with us about this.

Sign a Data Processing Agreement (DPA) with us. If you are in the EU or California, or if your organization is aware of data privacy, it may be helpful for you to sign a DPA (Do you wonder what a DPA is?) with us to comply with modern privacy standards and practices. It’s straightforward, all prepared, and done in 3 to 5 minutes, even for non-legal people. Follow this link and let us guide you through the process. You’ll have a legally signed DPA in 5 minutes and efficiently comply with GDPR and similar regulations. If you are in the EU, this is a mandatory step.

1. What are we doing with your data?

Our checklist application is built to help you. It is a for-pay commercial software. We do not use your data in any way other than to help you get the most out of our software. We never sell any data. We never give anybody access to it who is not striving for that goal. We also limit access to this data within our team to the minimum. That means that non-technical people usually don’t have access to any data within the team. Even with our engineers, only a limited subset can access the data that we store. It is always anonymous when we run analyses, create profiles, build clusters, or use statistics on usage in your system. We improve our software or use this data to guide your users towards exploring our software better and exploiting its utility.

We store personal data, including email addresses and first and last names. This is mainly for sending emails from our systems to you. Here are some examples:

  • Template managers are responsible for checklist templates. They receive an email whenever a new checklist is created based on the corresponding template and when it is finished.
  • When creating recurring checklists, checklist assignees can be configured. The assignees will receive an email whenever a checklist is created.
  • We offer a checklist portal for external users who do not have an Atlassian account. They need email addresses to log in and receive notifications.
  • When we find significant elements in your usage patterns that allow growth and learning, we’ll contact you and offer insights. This is a broad description and includes the push to increase the utility of our software in your organization. Please rest assured that we only do this with your value in mind and not for purely tactical reasons.

Other use cases for sending you emails include sending error reports and security alerts, allowing users to subscribe to alerts/news feeds, and allowing users to invite other users to collaborate.

2. What personal data does the Checklists for Jira application process, where and how? How is this data protected? Where is it stored and who has access to it?

The Checklists for Jira application processes minimal personal data for the purpose of providing and improving the service. The processing takes place in our databases and is currently only accessible to the Checklists development team. The specific individuals in this team can be named upon request.
The data is protected with state-of-the-art security measures, including encryption and secure access controls. For more information about our data handling and privacy practices, you can review our End User License Agreement and our General Data Privacy Information. If you have further questions, we offer consultations to address them, which you can schedule here.

3. Where is the data stored?

We utilize a data center in the Google Cloud Platform located in Frankfurt am Main, Germany for data storage. This enables us to ensure high availability and robust data security. After you’ve had a chance to test the features of the Checklists for Jira application, we’d be happy to provide further information or answer any additional questions you may have.

4. Do you have any certifications or reports (such as SOC Type II)?

You can find information in our Trust Center: Trust Center. We are not yet ISO 27001 certified. However, we have been working on this for about a year. With a bit of luck, we will achieve it within this year, 2024.


Link to this page: https://seibert.biz/checkliststrust