Effective date:  

Please check our general Privacy Policy, before reading this Privacy Policy of Smart Attachments for Jira Cloud.

This Privacy Policy describes how we - Stiltsoft Europe (“Stiltsoft”, “we”, “our” or “us”) collect, store, use and disclose personal data regarding individuals (“you”) who use our app Smart Attachments for Jira Cloud.

Your privacy is important to us, and we are strongly committed to making our practices regarding your personal data more transparent and fairer. Please read this Privacy Policy carefully and make sure that you fully understand and agree to it.

This Privacy Policy for our Product forms a part of our End User License Agreement and our general Privacy Policy.


Throughout this Privacy Policy we are using the following terms:

  1. Product - denotes the Smart Attachments app for Jira Cloud.
  2. Service Provider - denotes a third-party organization which services or facilities we use for provision of services within our Product.
  3. Data - denotes any data we collect, process and manage for correct operation of our Product. The data falls into the four types, as follows:
    • Technical data
    • Operation data
    • Analytics data
    • Personal data
  4. Service - denotes the label management capabilities which Product provides.
  5. User - a person who uses the Product.

Data Collection

We collect technical data, Jira Cloud instance data, and user action data. Such data is typically collected and generated through your interaction with us or our product.

Specifically, we collect the following categories of data:

Technical data: When you visit, interact with, or use our product, we may collect, record or generate certain technical data about you. We do so either independently or with the help of third party Service Providers, including through the use of “cookies” and other tracking technologies.

Such data includes the following:

  • URL address of your Jira Cloud instance
  • app logs
  • error and issue logs

The technical data we collect does not include any personally identifiable information about you.

Operation data: When you use our app, you manage labels (create, update, delete) and assign them to specific attachments. We store only names of labels and their colors. We do not collect and store mappings of labels to attachments within our Product, as this data is stored in the issue properties on the side of your Jira Cloud instance.

The app also indexes attachments for quick attachment lookup, in this case we collect and save the following attachment data:

  • attachment id
  • attachment name
  • account id of an uploader
  • MIME type
  • issue id

The operation data we collect does not include any personally identifiable information about you.

Analytics data We use the analytics tools (Google Analytics) to collect data about the use and activities in our Product. Analytics tools collect data such as how often Users use a specific feature in our Product. In addition to action data, we track some additional anonymized data about you and your Jira Cloud instance, as follows:

  • Client key - unique anonymized identifier of Jira Cloud instance.
  • Account ID - unique anonymized identifier or a Jira user.
  • App License Type - license type of our Product.
  • Project type - type of a Jira project in which an action was performed (business / software / service desk).
  • Project generation - generation of a Jira project in which an action was performed (classic / nextgen).
  • Issue ID - unique identifier of a Jira issue (not issue key).
  • Attachment ID - unique identifier of an attachment.
  • File extension - file extension of an attachment on which an action was performed.
  • Attachments Count - number of attachments on which an action was performed.

Personal data: When you start subscription (either trial or paid) Atlassian provides us with the personal data of a person who initiated the subscription. We do not collect this information, we only control it. For the details on this please see our general Privacy Policy.

We do not track any additional personal data when you (or someone from your company) are using our Product itself except the technical data and analytics data outlined in this section.

Data Uses

We use the collected data for the following purposes:

Personal data is used for support services and marketing purposes. For the details on this, please see our general Privacy Policy.

Technical data is used for identifying and addressing the probable operational and performance issues within our Product.

Analytics data is used for identifying the frequently used features and potential points for improvement and optimization. We use it to gain a better understanding on how Users evaluate, use and interact with our Product, and how we could improve their user experience, and continue improving our Product.

Operation data is used only for service provision within our Product without any other uses.

We do not sell your personal information, technical data, operation data and activity data to any company or advertiser, as we highly respect our customers and their data. All the collected data is used only for internal purposes (operation and development of the product).

Data Location & Retention

The data we collect from you is stored, as follows:

Personal data is stored in the Atlassian Marketplace, and we can only periodically retrieve it from the Atlassian Marketplace.

Technical data (including operational logs) is stored in encrypted form in AWS RDS in the United States of America. This data is continuously rotated.

Analytics data is stored in Google Analytics, and the exact location where this data is stored is not disclosed. This data is retained for three years.

Operation data about label management is stored in your Jira Cloud instance within issue properties. The attachment indexes for the quick lookup are stored in the encrypted form in AWS RDS. Our app accesses this data when you are using our Product. This data is preserved within your Jira Cloud instance after the uninstallation of our Product. The attachment indexes are removed from our database (AWS RDS) according to the Data Retention Policy after the app uninstallation.

Data Sharing

We may engage selected third party companies and individuals to perform services complementary to our own. Such service providers include providers of Third Party Services, hosting and server co-location services, communications and content delivery networks (CDNs), data and cyber security services, fraud detection and prevention services, web analytics, e-mail distribution and monitoring services, session or activity recording services, remote access services, performance measurement, data optimization and marketing services, and our legal, compliance and financial advisors (collectively, “Service Providers“).

These Service Providers may have access to your technical data, operation data and analytics data, depending on each of their specific roles and purposes in facilitating and enhancing our Product, and may only use it for such limited purposes as determined in our agreements with them.

Third-Party Subprocessors and Data They Collect



Data collected




Data hosting-

USA East (Nothern Virginia) region (us-east-1)


Google Analytics

Web analytics service

Anonymous information about certain user interactions with the App.

By using Google Analytics we track only information that pertains to the App (such as the event of status change) and how often Users are using our app features, how they configure them, and so on.

For example, we collect the following information:

  • App License Type - license type of our Product
  • Atlassian account ID (hash)
  • names of labels
  • colors of labels
  • attachment ID
  • attachment name
  • attachment creation date
  • attachment size
  • attachment MIME type
  • Jira issue ID (hash)
  • Jira project ID (hash)
  • Jira project type
  • project generation
  • attachments count

 Learn more about how the data is collected and processed by Google.


All (Cloud, Server, and Data Center)


An error monitoring tool

Sentry.io collects and stores the following data to help us discover, triage, and prioritize App errors in real-time:

  • Information about the place where the error occurred (the URL (including query parameters, description of the user’s actions on the page that preceded the error (places the user clicked, URLs of requests initiated from the page), and stack trace)
  • Information about the user’s environment (IP address, browser type and version, and operating system type and version).



MailchimpTransactional and broadcast emails

Business contact information (billing and technical contacts) from the Marketplace account.

Learn more about the Mailchimp Security and Privacy Policy.

USAAll (Cloud, Server, and Data Center)


Application monitoring and security

Datadog allows monitoring, troubleshooting, and optimizing application performance.


Cookies and Tracking Technologies

We and our Service Providers use cookies and other technologies for performance, tracking, and analytics purposes.

Our Product (including some of our Service Providers) utilizes “cookies” and anonymous identifiers for us to provide our Service and ensure that it performs properly and to analyze our performance activities. Such cookies and similar files or tags may also be temporarily placed on your device.

Please note that we do not change our practices in response to a “Do Not Track” signal in the HTTP header from a browser or mobile application. However, most browsers allow you to control cookies, including whether or not to accept them and how to remove them. You may set the most browsers to notify you if you receive a cookie, or to block or remove cookies altogether.

Data Security

We secure your technical data and analytics data using industry-standard physical, procedural, and technical measures. The operation data is secured within your Jira Cloud instance, and we secure access to it through our Product.

The personal data is secured by Atlassian, and we secure access to it through the exposed data communication channel by Atlassian.


Stiltsoft may disclose personally identifiable information under special circumstances, such as to comply with subpoenas.


We may update this policy for our Product from time to time without any prior notice. We will notify you about significant changes in the way we treat personal information by sending a notice to the primary email address fetched from your social account profile or by placing a prominent notice on our site.

Additional Notices

If you have any questions regarding this Privacy Policy, please address them to tech-support@stiltsoft.com.