Plugin Vault Privacy Policy

Last Updated: Dec 22, 2024

Plugin Vault ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and protect your information. It applies to data collected through our apps developed for the Atlassian Marketplace, including but not limited to those created using Atlassian's Forge toolkit.

1. Contact Information

For privacy-related inquiries, please contact us at:

Email: privacy@pluginvault.dev

We are not required to appoint a Data Protection Officer (DPO) under GDPR regulations, but we are committed to addressing all privacy inquiries at privacy@pluginvault.dev.

2. Data Collection

We collect the following personal data:

Email addresses
Usage logs

Sources of Data:

Data is collected via Atlassian APIs during product installation and usage.

Purpose of Data Collection:

To provide and improve our services.
To communicate with users.
To support analytics and marketing efforts.

Data Minimization: We collect only the data necessary to achieve the purposes outlined in this policy.

User Choices: Users can choose not to provide certain information, but this may limit their ability to use some features of our products.

3. Purpose and Legal Basis for Processing Data (GDPR)

We process data for the following purposes and legal bases:

Customer Support: Contractual necessity – to provide support services.
Analytics: Legitimate interests – to analyze and improve product performance.
Marketing: Consent – to send promotional content with user consent.

4. Data Sharing and International Transfers

Third-Party Sharing: We share data with Atlassian as required for integration with their platform.

International Transfers: Data may be transferred outside the EU/EEA only as permitted under Atlassian's Forge platform compliance, which users can verify in Atlassian's Data Processing Addendum.

5. Data Retention and Security

Data Retention:

Data is retained while the product is installed. It will be deleted within 90 days after the product is uninstalled.

Security Measures:

Encryption
Least privilege access controls

6. User Rights

Under GDPR, users have the right to:

Access their personal data.
Correct inaccuracies in their data.
Request deletion of their data.
Request data portability.

California residents (CCPA) have additional rights, including:

Opting out of data sales.
Requesting information about collected data.
Requesting deletion of data.

Data Deletion Requests: Upon receiving a deletion request, we will promptly delete the user's personal data from our systems, unless retention is required by law.

Contact us at privacy@pluginvault.dev to exercise your rights.

7. Cookies and Analytics

We use cookies and similar technologies for analytics and functionality.

Third-Party Tools:

Google Analytics and Vercel Analytics – for company website analytics.
Atlassian Analytics – for data insights within our products.

8. Policy Updates

We may update this Privacy Policy periodically. The "Last Updated" date at the top of this page reflects the latest revision. Users should review this policy regularly to stay informed.

9. Children’s Privacy

We do not target or knowingly collect data from children under 16 years old (GDPR) or 13 years old (CCPA).

10. Do Not Track Signals

We honor "Do Not Track" signals by stopping data tracking upon detection.

If you have any questions about this Privacy Policy, contact us at privacy@pluginvault.dev.