I’m working on a OAuth2 (3LO) app for jira. We don’t save any user data except ther accountId of the user along with refresh token & access token.
In my console the below is said under “Distribution => Personal data declaration”
Select “Yes” if you copy and store personal data associated with user references (e.g. AccountID) in your own systems or if you cache data for longer than 24 hours.
Since I store AccountID does it mean that I have to choose “Yes” even though I don’t store anything else?