๐ Data Processing Agreement (DPA)
Data usage clarity. Compliance you can trust.
๐งพ What is a DPA?
A Data Processing Agreement (DPA) defines how customer data is handled, processed, and protected โ especially under regulations like GDPR and CCPA.
While Flow Time Report does not store data externally, this section ensures full transparency in line with modern data privacy standards.
๐ Data Flow Overview
Data Accessed:
Issue key, status, changelog, created date
User display name (via changelog
author.displayName)Saved badge metadata (from Jiraโs issue property)
Data Stored:
๐ Only stored inside Jira Cloud
๐ No data leaves Atlassianโs environment
โ No 3rd-party servers, cookies, or analytics used
๐ GDPR Compliance
Flow Time Report is GDPR-aligned by design:
Principle | How We Comply |
|---|---|
Data Minimization | Only use whatโs necessary to function |
Transparency | This documentation explains all logic |
Right to Access | Admins can view all stored properties |
Right to Erasure | Uninstalling removes app access |
Data Portability | Export options (CSV, JSON, MD, TXT) |
๐ Processor Details
Flow Time Report is operated by:
Melt>Soft
Kyiv, Ukraine
Email: flowtimereport@typeswitch.net
As a Marketplace Partner, we operate under Atlassian's Marketplace Partner Agreement and their Data Processing Addendum.
๐ก Security by Forge
Because Flow Time Report is built on Forge:
All compute happens inside Atlassian infrastructure
Data never touches MeltedSoft-owned systems
Only Jira APIs are used, always with active user authorization
โ DPA Summary
Flow Time Report does not act as a "data processor" under typical definitions โ because no external processing occurs.
However, if your legal department requires a custom DPA, weโre happy to review and sign one upon request.
๐ฉ Email: flowtimereport@typeswitch.net