-
Notifications
You must be signed in to change notification settings - Fork 0
PRIVACY_POLICY
Effective Date: May 30, 2026
This Privacy Policy explains how SmartScript for Jira ("App"), provided by JMC Labs ("we", "us", or "our"), handles data when installed on a Jira Cloud site.
SmartScript for Jira is built on Atlassian Forge. We do not operate external application servers, external databases, analytics tools, or telemetry pipelines for this App. App data is processed through Atlassian Forge and Jira Cloud services.
The App stores the following data in Atlassian Forge storage:
- Script definitions: script name, description, code, trigger type, active state, optional schedule settings, optional project filters, and timestamps.
-
Execution logs: recent script execution records, including script name, trigger type, issue key when applicable, success/failure status, duration, error messages, and
console.logoutput generated by customer scripts.
Execution logs are capped to the most recent 50 records by the App.
When automations run, the App may process Jira event data and Jira issue data needed for the configured script. Depending on the script, this can include issue keys, summaries, status, priority, assignee account IDs, components, labels, descriptions, due dates, changelog entries, and search results returned by Jira.
The App exposes script helper functions for Jira actions such as reading issues, updating issues, adding comments, setting assignees, transitioning issues, creating subtasks, adding watchers, linking issues, and searching issues. These actions are performed against the customer's Jira Cloud site through Atlassian APIs.
We do not intentionally collect or store:
- Atlassian account passwords.
- Atlassian Personal Access Tokens.
- Customer API keys or shared secrets.
- Payment card details.
- Marketing analytics identifiers.
Customers should not store secrets in scripts, comments, or logs.
We do not transmit customer data to third-party servers. We do not use Google Analytics, Mixpanel, Segment, Sentry, or similar third-party analytics/error tracking services in the App.
Data remains within Atlassian apps and services except where a customer script causes Jira itself to perform a Jira action, such as posting a comment or updating an issue.
The App logs execution results in Forge storage so administrators can troubleshoot automations. Logs may contain End-User Data if a customer script writes such data using console.log or if an error message includes Jira data. Logs are not shared with third parties by JMC Labs.
- Script definitions remain until deleted by an administrator or until the App is uninstalled.
- Execution logs are retained only for the most recent 50 runs unless cleared earlier by an administrator.
- When the App is uninstalled, App data is handled according to Atlassian Forge storage and data retention policies.
The App stores data exclusively within Atlassian Forge storage and Jira Cloud services. Data residency behavior follows Atlassian Forge and Jira Cloud capabilities and is not controlled by JMC Labs through external infrastructure.
User scripts run inside js-interpreter, an isolated ES5 JavaScript interpreter. Scripts do not receive direct access to Node.js modules, the filesystem, browser network APIs, arbitrary HTTP clients, or environment variables. Only App-provided helper functions can perform supported Jira actions.
For customer Jira data processed through the App, JMC Labs generally acts as a processor/service provider on behalf of the customer. Customers remain responsible for determining their own legal basis, user notices, and compliance obligations for scripts and Jira data processed in their Jira Cloud sites.
We may update this Privacy Policy from time to time. The effective date above will be updated when material changes are made.
For privacy or security questions, contact:
JMC Labs
Email: support@jmclabs.dev