Privacy Policy for addons

Holger · 2019-01-05 18:46:01 UTC

I got an email from Atlassian that my addon listings on Marketplace miss a Data Privacy Statement, which is required as described in 8.4 of https://www.atlassian.com/licensing/marketplace/publisheragreement.

Did I got it right, that I only have to clarify „Vendor-Collected End User Data“ and not „Atlassian-Collected Data“?

Because my addons don‘t store any additional data and just modify regular data stored in Jira, how should my Data Privacy Statement look like?

Has somebody similar situation?

How did you solve you Data Privacy Statement topic?

Best regards
Holger

azhdanov · 2019-01-05 20:19:39 UTC

Hi Holger,

I have received same email, hopefully by mistake, because it is Jira Server only app that should not require Data Privacy Statement as to me, though I’m still discussing it with @jgaard via AMKTHELP.

Thank you.

akassab · 2019-01-07 20:00:28 UTC

Hi @Holger and @azhdanov -

All apps (includes cloud only, server only, data center) etc. require a privacy policy URL. Please add this to the field called “Data Security and Privacy Statement” on your manage app details page.

All app versions (includes cloud only, server only, data center, etc.) require either a customer terms statement or a EULA. Please add this to the field called “End user license agreement” on your manage app versions links page.

All apps (includes cloud only, server only, data center, etc.) require specification of data storage practices in a separate field called “App stores personal data” on your manage app details page. Any app with a public cloud version (including apps that also have server or dc versions available) that hasn’t set this field has been de-listed. De-listing means that the app is hidden from Marketplace search and can’t be installed by new customers.

Thanks,
Alex

azhdanov · 2019-01-09 05:56:17 UTC

Hi all,

Is there anyone for whom it looks odd to set Data Security and Privacy Statement for Server/Data Center only app?

Moreover, for Jira Server only app, the Data Security and Privacy Statement field on Marketplace does not seem to be required by listing on Marketplace. Please see two screenshots for visual difference with and without red asterisk for the field.

And is there someone also who also thinks that setting Customer Terms / End User License Agreement for all existing versions for the apps may be too much? So that only latest version cold be enough.

Thank you.

andy · 2019-01-11 08:48:08 UTC

Speaking as a vendor with over 900 releases of a single app, yes. I do not want to have to do this for EVERY VERSION EVER!

Atlassian, please provide a way to APPLY TO ALL VERSIONS of an app

vitek.urban · 2019-01-12 19:21:33 UTC

Hi all,
IMHO it’s all some kind of a monkey business about Privacy Policy, EULA or whatever else . But…
I’ve prepared some Privacy Policy for my plugins as easy as possible - I read PPs for some analogical plug-ins which are server only and don’t story any data outside the customer’s server and then wrote some mine. Pretty easy way, I would recommend you .
Do not forget, that for supported addons you typically have some support tool (Jira SD etc.). This tool collects data from your customers while they are able to input anything (logs, bugs descriptions etc.), so your PP must cover this case too.
Regards,
Vitek