Security Policy

Effective Date: 15 Feb 2025

At Type Switch, protecting your data and maintaining secure operations is our highest priority. All our Jira Cloud applications are built using Atlassian Forge and run entirely on Atlassian’s secure infrastructure.

1. Infrastructure We do not operate or maintain any external backend services. All business logic and operations are executed within Atlassian’s Forge runtime, ensuring that your data never leaves the Atlassian Cloud environment.

2. Data Storage We do not persist or export customer data — including issues, projects, or user details — outside of your Jira Cloud instance. All such data remains strictly within Atlassian’s systems, where it is securely processed using Forge’s isolated and sandboxed execution environment.

3. Compliance We rely on Atlassian’s robust compliance and security certifications to meet global and industry-specific standards. More information about Atlassian’s compliance programs is available here: https://www.atlassian.com/trust/compliance

4. Vulnerability Reporting We welcome responsible disclosure of potential security issues. If you believe you have identified a vulnerability in one of our apps, please contact our team at support@typeswitch.net. We treat all reports with urgency and take prompt action.

5. Access Control Access to application configuration, logs, and support interfaces is strictly limited to a small number of authorized personnel. We follow the principle of least privilege and regularly audit access permissions.

6. Authentication All authentication is managed through Atlassian’s secure identity services. We do not store or manage user credentials of any kind.

7. Incident Response We maintain internal playbooks and escalation procedures for investigating and responding to security incidents. In the event of a breach or service disruption, our team initiates mitigation protocols, communicates with affected users, and performs a post-mortem to strengthen our systems.