Security statement

Overview

Connector for Salesforce & Jira displays Salesforce data in Jira pages.

    Data

    • The Cloud version of Connector for Salesforce & Jira is the middleman that transfers data between Jira and Salesforce using an intermediary server owned by ServiceRocket at sfjc.servicerocket.io, hosted on AWS EC2 with Multi-AZ enabled. Every info is fetched on the go when needed.
    • Only Salesforce objects configured by the Jira administrator can be accessed by the Connector for Salesforce & Jira.
    • The data you pull from Salesforce into Jira is the only data that is accessed (data is processed but not written to disk) and transferred.
    • The data transmission between Jira Cloud, the intermediary server, and Salesforce are encrypted using HTTPS and JWT as user validation.

    Access

    • We take great pains to securely authenticate your connection to Salesforce.
    • We never store any Salesforce data on our servers except for Salesforce object IDs.
    • We do not store your Salesforce credentials or your Jira credentials anywhere.

    Privacy

    • Connector for Salesforce & Jira is fully compliant with GDPR as this has also been enforced by Atlassian for all Jira Cloud Apps.
    • ServiceRocket understands the importance of privacy. Please read our Privacy Policy for more information.

    Frequently asked questions

    • Where are your development and support teams located?
      Our development and support teams are located in Palo Alto (United States), Kuala Lumpur (Malaysia), and Santiago (Chile).

    • Can I have more detailed information about data retention, internal procedures, risk management, etc.? Do you provide help in answering third-party vendor questionnaires?
      We can provide a detailed copy of our SOC 2 compliance report to fulfill these requests. However we can share this only upon signing of an NDA between ServiceRocket and your company.

    • Can you provide your data processing agreement/addendum?
      Yes, if you need a copy of our DPA, you may request it from our Support team and we can provide this upon signing of an NDA form.

    Data

    • Unlike the Cloud version of Connector for Salesforce & Jira, the Server version DOES NOT use an intermediary server.
    • Only Salesforce objects configured by the Jira administrator can be accessed by the Connector for Salesforce & Jira.
    • The data you pull from Salesforce into Jira is the only data that is accessed (data is processed but not written to disk) and transferred.
    • The data is not encrypted, but uses HTTPS and JWT as user validation.

    Access

    • We take great pains to securely authenticate your connection to Salesforce.
    • We never store any Salesforce data on our servers.
    • We do not store your Salesforce credentials or your Jira credentials anywhere.

    Privacy

    • ServiceRocket understands the importance of privacy. Please read our Privacy Policy for more information.

    Frequently asked questions

    • Where are your development and support teams located?
      Our development and support teams are located in Palo Alto (United States), Kuala Lumpur (Malaysia), and Santiago (Chile).

    • Can I have more detailed information about data retention, internal procedures, risk management, etc.? Do you provide help in answering third-party vendor questionnaires?
      We can provide a detailed copy of our SOC 2 compliance report to fulfill these requests. However we can share this only upon signing of an NDA between ServiceRocket and your company.


    • Is your app GDPR compliant?
      Not yet. The future release of Jira 8.2 is introducing GDPR compliance for all Jira third-party apps. We are preparing to cater to these changes for whenever Atlassian announces the release of Jira 8.2. In the meantime, we have implemented GDPR compliance company-wide.


    • Can you provide your data processing agreement/addendum?
      Yes, if you need a copy of our DPA, you may request it from our Support team and we can provide this upon signing of an NDA form.