📝 Data Processing Agreement (DPA) – Issue Delivery Report

Data usage clarity. Compliance you can trust.

🧾 What is a DPA?

A Data Processing Agreement (DPA) outlines how user data is accessed, handled, and protected — particularly under regulations such as GDPR, CCPA, and other privacy laws.

Although Issue Delivery Report does not store data externally, this section exists to provide full clarity and peace of mind for your legal and security teams.

🔍 Data Flow Overview

Data Accessed:

• Issue key, current status, created date

• Full status transition history (via expand=changelog)

• User displayName (from changelog author)

• Sprint metadata (start/end dates, if available)

Data Stored:

• 🗂 None — all calculations are ephemeral

• 🧠 Exported files (CSV, JSON, MD, TXT) are generated in-browser

• ❌ No persistent storage, no issue properties, no external systems

🌍 GDPR Compliance

Issue Delivery Report is GDPR-compliant by design:

📜 Processor Details

Issue Delivery Report is developed and operated by:

TypeSwitch
Kyiv, Ukraine
📧 support@typeswitch.net

As an Atlassian Marketplace Partner, we comply with:

• Atlassian’s Marketplace Partner Agreement

• Atlassian’s Data Processing Addendum (DPA)

• All applicable platform-level requirements

🛡 Security by Forge

Because the app is built on Atlassian Forge:

• All compute and logic occur inside Atlassian's infrastructure

• No TypeSwitch systems or servers handle customer data

• Only Jira APIs are used

• All operations occur within the user’s session scope and are OAuth2-authorized

✅ DPA Summary

Issue Delivery Report does not qualify as a data processor under most interpretations, since:

• ❌ No personal data is processed or stored externally

• ❌ No behavior tracking or profiling is performed

• ❌ No persistence exists outside your Jira Cloud instance

However, if your legal or compliance team requires a signed DPA, we are happy to provide one upon request.

📩 Email: support@typeswitch.net