Privacy statement

Cloud Security Statement

Effective as of April 11, 2017.

Overview

Aneto Software LLC add-ons are hosted and delivered by the great hosting service digitalocean.  digitalocean is responsible for the security of its actual data centers and the cloud solution.  Aneto Software LLC is responsible for monitoring, managing and securing the Aneto Software LLC Cloud.

Facilities

Digitalocean manages the data centers that host the Aneto Software LLC Cloud.  For more information about security at those data centers, see https://www.digitalocean.com.

Aneto Software LLC Cloud data is hosted in the United States.

Certification

Digitalocean Web Services manages the security of the cloud.  Digitalocean has been certified by third-party organizations, and manages many compliance programs to comply with laws and regulations.  A list of such certifications and compliance statements can be found at:

https://www.digitalocean.com.

Aneto Software LLC is certified as a Cloud Security Compliant vendor with Atlassian [https://developer.atlassian.com/market/programs-and-features/cloud-security-program].

Data Storage

In the Aneto Software LLC Cloud, data at rest is encrypted using industry standard encryption.  Additionally, all communications with the Aneto Software LLC Cloud are protected with HTTPS using TLS.

The automatic subtasks add-on saves the subtasks's information details on the solution's database, but not the information contained on the parent types that trigger the creation of the subtasks.

The add-on makes calls to the Jira instance to get the following information: 

  1. Project names and IDs

  2. Parent issues names and IDs

  3. Sub task names and IDs

The add-on also receives notifications from Jira on the following actions: 

  1. Issue is created on the instance

  2. Project name is changed

  3. Issue type name is changed 

Aside from these items, the add-on does not process nor save any other information from the Jira instance. 

People and Access

Within Aneto Software LLC, only a few members of our Cloud Team have access to the production environment for the purposes of maintaining our cloud services and assisting our customers.  Additionally, we monitor all access to Aneto Software LLC Cloud.

Customers are responsible for maintaining the security of their own login information.

Backups

Customer data is backed up once per day, and is encrypted.

Privacy

Aneto Software LLC understands the importance of ensuring the privacy of your personally identifiable information.

Aneto Software LLC has a firm policy on not saving or sharing customer information. The Atlassian architecture allows for the use of the client information that is already saved in the Atlassian systems. This allows us to avoid saving this information in our servers.

We save Atlassian Tenant Id and Account ID information and link everything else around this key data.

Your personal dat awill never be shared with third parties

Google Sheets usage

Additional Limits on Use of Your Google User Data: Notwithstanding anything else in this Privacy Policy, if you provide the App access to the following types of your Google data, the App's use of that data will be subject to these additional restrictions:

  • The App will only use this access to create Google sheets in your google account

  • The App will not use this Gmail data for serving advertisements.

  • The App will not allow humans to read this data unless we have your affirmative agreement for specific messages, doing so is necessary for security purposes such as investigating abuse, to comply with applicable law, or for the App's internal operations and even then only when the data have been aggregated and anonymized.

  • The app will not save any of your google information on its database.

  • The app will only access your google API for the creation of google sheet reports. The app will not try to access these google sheets after they are created.

The Aneto Project Accounting System’s use of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.