Privacy Policy for Timeline Planner

Last Updated: October 3, 2025

Overview

Timeline Planner ("the App") is an Atlassian Forge application that helps teams visualize and schedule Jira tickets using calendar interfaces. This privacy policy explains how we collect, use, and protect your data.

Data Collection and Storage

Data We Access

The App accesses the following data from your Atlassian Jira instance:

  • Jira Issues: Issue summaries, descriptions, statuses, assignees, priorities, time estimates, and date fields
  • User Information: User account IDs, display names, email addresses, and avatar URLs
  • Filters: Your saved Jira filters for searching issues
  • Custom Fields: Date fields configured in your Jira instance

Data We Store

The App stores the following data using Atlassian's Forge Storage API (a secure key-value store provided by Atlassian):

User Configuration

  • Developer lists (account IDs and names)
  • Theme preferences (light/dark mode)
  • Calendar settings (week start day, working hours, default view settings)
  • Date field mappings (which custom fields to use for start/end dates)

Placeholder Events

  • User-created placeholder events for resource planning
  • Event titles, dates, descriptions, and assigned developers

Where Your Data is Stored

  • All data is stored within Atlassian's infrastructure using the Forge Storage API
  • We do not use external databases (no separate Neon, PostgreSQL, or other third-party database services)
  • We do not transfer your data outside of Atlassian's ecosystem
  • Data storage complies with Atlassian's security and privacy standards

Authentication and Security

Authentication

  • Atlassian Forge Authentication: The App uses Atlassian's built-in Forge authentication system
  • No Custom JWT Authentication: We do not implement custom authentication or maintain separate user credentials
  • OAuth 2.0: All API calls are made using Atlassian's OAuth 2.0 authentication via the Forge platform
  • User Context: All operations are performed in the context of the authenticated Atlassian user

Security Measures

  • Atlassian's Security Infrastructure: All data is protected by Atlassian's enterprise-grade security
  • Secure API Calls: All Jira API requests use secure HTTPS connections
  • Permission-Based Access: The App only accesses data that the authenticated user has permission to view
  • No Third-Party Data Sharing: Your data is never shared with third parties

Permissions and Scopes

The App requests the following Atlassian Forge permissions:

  • read:jira-work - To read Jira issues, projects, and filters
  • write:jira-work - To update issue dates and assignees
  • read:jira-user - To read user information for developer selection
  • storage:app - To store user preferences and placeholder events in Atlassian's Forge storage

Data Usage

We use the accessed data solely for the following purposes:

  1. Display: Showing your Jira tickets on calendar/timeline interfaces
  2. Scheduling: Updating issue dates and assignees when you drag-and-drop tickets
  3. Configuration: Saving your preferences and settings for a personalized experience
  4. Planning: Creating and managing placeholder events for resource planning

Data Retention

  • User Configuration: Stored until you uninstall the App or manually delete your configuration
  • Placeholder Events: Stored until you manually delete them or uninstall the App
  • Cached Jira Data: The App does not permanently cache Jira issue data; all issue data is fetched in real-time from your Jira instance

User Rights

You have the right to:

  • Access Your Data: View all configurations and placeholder events stored by the App
  • Delete Your Data: Remove developers, delete placeholder events, or reset your configuration at any time
  • Uninstall the App: Uninstalling the App will remove all stored configuration and placeholder data

Data Deletion

When you uninstall the App:

  • All user configurations stored in Forge storage are automatically deleted
  • All placeholder events are automatically deleted
  • No data is retained after uninstallation

Third-Party Services

The App does not use any third-party services outside of the Atlassian ecosystem. All data storage and processing occurs within:

  • Atlassian Forge platform
  • Atlassian Jira Cloud REST API
  • Atlassian Forge Storage API

Changes to This Policy

We may update this privacy policy from time to time. We will notify users of any material changes by updating the "Last Updated" date at the top of this policy.

Contact Information

For questions or concerns about this privacy policy or data practices, please contact:

Developer: D-Flux Software Solutions
Email: support@d-flux.net

Compliance

This App complies with:

  • Atlassian's Forge Platform policies
  • Atlassian Marketplace privacy requirements
  • General Data Protection Regulation (GDPR) principles through Atlassian's infrastructure

Data Processing Agreement

By using this App, you acknowledge that:

  • The App processes data within your Atlassian Jira instance
  • Data is stored using Atlassian's Forge Storage API
  • All data processing is performed in accordance with Atlassian's Terms of Service and Privacy Policy
  • The App does not transfer data outside of Atlassian's infrastructure

Important Note: This App is built on the Atlassian Forge platform and adheres to Atlassian's security and privacy standards. For more information about Atlassian's data handling practices, please refer to Atlassian's Privacy Policy.