Last updated: October 04, 2023
Effective since: October 04, 2023
1 Interpretation and Definitions
The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.
- Account means an Atlassian user account identified by an identified “atlassianAccountId” used to interactions between You and our Service or parts of our Service.
- Affiliate means an entity that controls, is controlled by or is under common control with a party, where “control” means ownership of 50% or more of the shares, equity interest or other securities entitled to vote for election of directors or other managing authority.
- Application, “app” or “apps” refer to the apps available on Atlassian Marketplace. In particular apps that were made available by Company.
- Business, for the purpose of CCPA/CPRA, refers to the Company as the legal entity that collects Consumers’ personal information and determines the purposes and means of the processing of Consumers’ personal information, or on behalf of which such information is collected and that alone, or jointly with others, determines the purposes and means of the processing of consumers’ personal information, that does business in the State of California.
- CCPA and/or CPRA refers to the California Consumer Privacy Act (the “CCPA”) as amended by the California Privacy Rights Act of 2020 (the “CPRA”).
- Company (referred to as either “the Company”, “We”, “Us”, “Marketplace Vendor”, or “Our” in this Agreement) refers to ALDEVA DIGITAL s.r.o., Tolsteho 5, 81106 Bratislava, Slovakia.
- Country refers to: Slovakia
- Device means any device that can access the Service such as a computer, a cellphone or a digital tablet.
- GDPR refers to EU General Data Protection Regulation.
- Personal Data is any information that relates to an identified or identifiable individual.For the purposes of GDPR, Personal Data means any information relating to You such as a name, an identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity.
- Service refers to the Application.
- Service Provider means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Service, to provide the Service on behalf of the Company, to perform services related to the Service or to assist the Company in analyzing how the Service is used. For the purpose of the GDPR, Service Providers are considered Data Processors.
- Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
- You means an individual accessing or using the Service, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.
- Microsoft – a company Microsoft Corporation, One Microsoft Way Redmond, WA 98052-6399
- Google – a company Google LLC, 1600 AMPHITHEATRE PARKWAY MOUNTAIN VIEW CA 94043
- Slack – a company Slack Technologies, Inc, 500 Howard Street San Francisco, CA 94105 USA
- 3rd party – or a third party is any other entity which isn’t “You“, “Company” or “Affiliate“
For the purposes of the General Data Protection Regulation (or any successor or equivalent legislation in the UK) (“GDPR“), the Company is the controller of your personal data.
2 Collecting and Using Your Personal Data
2.1 Types of Data Collected
Personal data we collect and receive
Personal data is collected automatically while using our services or based on your action of entering the data into our application.
Personal data may include, but is not limited to:
- Jira data (user account name, user account id, jira instance url)
While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to:
- your name
- your e-mail address
- your jira instance URL
Usage Data is collected automatically when using the Service.
Usage Data may include information such as Your Device’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
When You access the Service by or through a mobile device, We may collect certain information automatically, including, but not limited to, the type of mobile device You use, Your mobile device unique ID, the IP address of Your mobile device, Your mobile operating system, the type of mobile Internet browser You use, unique device identifiers and other diagnostic data.
We may also collect information that Your browser sends whenever You visit our Service or when You access the Service by or through a mobile device.
When you connect your account with Google within our services, we may process some of the data from your Google account. It includes, but is not limited to:
- Google user id, Google user access token, Google user name, Google user email, Google user calendar list, Google user calendar event list
When you connect your account with Microsoft within our services, we may process some of the data from your Microsoft account. It includes, but is not limited to:
- Microsoft user id, Microsoft user access token, Microsoft user name, Microsoft user email, Microsoft user calendar list, Microsoft user calendar event list
2.2 Use of the Personal data
The Company may use Personal Data for the following purposes:
- To provide and maintain our Service, including to monitor the usage of our Service.
- To contact You: To contact You by email, telephone calls, SMS, or other equivalent forms of electronic communication, such as a mobile application’s push notifications regarding updates or informative communications related to the functionalities, products or contracted services, including the security updates, when necessary or reasonable for their implementation.
- To provide You with news, special offers and general information about other services we offer that are similar to those that you have already purchased or enquired about unless You have opted not to receive such information.
- To manage Your requests: To attend and manage Your requests to Us.
- For business transfers: We may use Your information to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by Us about our Service users is among the assets transferred.
We may share Your personal information in the following situations:
- With Service Providers: We may share Your personal information with Service Providers to monitor and analyze the use of our Service, to contact You.
- For business transfers: We may share or transfer Your personal information in connection with, or during negotiations of, any merger, sale of Company assets, financing, or acquisition of all or a portion of Our business to another company.
- With other users: when You share personal information or otherwise interact in the public areas with other users, such information may be viewed by all users and may be publicly distributed outside.
- With Your consent: We may disclose Your personal information for any other purpose with Your consent.
2.3 Retention of the Personal data
The Company will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of Our Service, or We are legally obligated to retain this data for longer time periods.
We may store your data up to 180 days after you stop using our services in order to keep your account intact, in case you decide to renew usage of our services. After the 180 days period has expired, your data will be completely removed from our services without any possibility of restoration. By not using our services for more than 180 consecutive days you give us an exclusive right to completely remove your data.
2.4 Transfer of Your Personal Data
Your information, including Personal Data, is processed at the Company’s operating offices and in any other places where the parties involved in the processing are located. It means that this information may be transferred to — and maintained on — computers located outside of Your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from Your jurisdiction.
2.5 Delete Your Personal Data
You have the right to delete or request that We assist in deleting the Personal Data that We have collected about You.
Our Service may give You the ability to delete certain information about You from within the Service.
You may also contact Us to request access to, correct, or delete any personal information that You have provided to Us.
Please note, however, that We may need to retain certain information when we have a legal obligation or lawful basis to do so.
Note, that while using your Service, some of Your Personal Data might be necessary to provide Services.
2.6 Disclosure of Your Personal Data
Under certain circumstances, the Company may be required to disclose Your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
Other legal requirements
The Company may disclose Your Personal Data in the good faith belief that such action is necessary to:
- Comply with a legal obligation
- Protect and defend the rights or property of the Company
- Prevent or investigate possible wrongdoing in connection with the Service
- Protect the personal safety of Users of the Service or the public
- Protect against legal liability
2.7 Security of Your Personal Data
The security of Your Personal Data is important to Us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While We strive to use commercially acceptable means to protect Your Personal Data, We cannot guarantee its absolute security.
3 GDPR Privacy
3.1 Legal Basis for Processing Personal Data under GDPR
We may process Personal Data under the following conditions:
- Consent: You have given Your consent for processing Personal Data for one or more specific purposes.
- Performance of a contract: Provision of Personal Data is necessary for the performance of an agreement with You and/or for any pre-contractual obligations thereof.
- Legal obligations: Processing Personal Data is necessary for compliance with a legal obligation to which the Company is subject.
- Vital interests: Processing Personal Data is necessary in order to protect Your vital interests or of another natural person.
- Public interests: Processing Personal Data is related to a task that is carried out in the public interest or in the exercise of official authority vested in the Company.
- Legitimate interests: Processing Personal Data is necessary for the purposes of the legitimate interests pursued by the Company.
In any case, the Company will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Data is a statutory or contractual requirement, or a requirement necessary to enter into a contract.
3.2 Your Rights under the GDPR
The Company undertakes to respect the confidentiality of Your Personal Data and to guarantee You can exercise Your rights.
- Request access to Your Personal Data. The right to access, update or delete the information We have on You. Whenever made possible, you can access, update or request deletion of Your Personal Data directly within Your account settings section. If you are unable to perform these actions yourself, please contact Us to assist You. This also enables You to receive a copy of the Personal Data We hold about You.
- Request correction of the Personal Data that We hold about You. You have the right to have any incomplete or inaccurate information We hold about You corrected.
- Object to processing of Your Personal Data. This right exists where We are relying on a legitimate interest as the legal basis for Our processing and there is something about Your particular situation, which makes You want to object to our processing of Your Personal Data on this ground. You also have the right to object where We are processing Your Personal Data for direct marketing purposes.
- Request erasure of Your Personal Data. You have the right to ask Us to delete or remove Personal Data when there is no good reason for Us to continue processing it.
- Request the transfer of Your Personal Data. We will provide to You, or to a third-party You have chosen, Your Personal Data in a structured, commonly used, machine-readable format. Please note that this right only applies to automated information which You initially provided consent for Us to use or where We used the information to perform a contract with You.
- Withdraw Your consent. You have the right to withdraw Your consent on using your Personal Data. If You withdraw Your consent, We may not be able to provide You with access to certain specific functionalities of the Service.
3.3 Exercising of Your GDPR Data Protection Rights
You may exercise Your rights of access, rectification, cancellation and opposition by contacting Us. Please note that we may ask You to verify Your identity before responding to such requests. If You make a request, We will try our best to respond to You as soon as possible.
You have the right to complain to a Data Protection Authority about Our collection and use of Your Personal Data. For more information, if You are in the European Economic Area (EEA), please contact Your local data protection authority in the EEA.
We may enage certain onward subprocessors that may process personal data collected by Us. These subprocessors are listed below, with a description of the service and the location where data is hosted.
|DigitalOcean Holdings, Inc.||Personal data storage and data processing||Germany, USA|
|Intercom, Inc.||Customer communication||USA|
To fulfill our obligations arising from Data-Processor role under GDPR, see DPA’s subprocessors list: https://www.aldevadigital.com/dpa/#subprocessor-list.
4 CCPA/CPRA Privacy Notice (California Privacy Rights)
Under the terms of California Consumer Privacy Act (CCPA), We are a Service Provider, meaning that we do not sell data.
5 “Do Not Track” Policy as Required by California Online Privacy Protection Act (CalOPPA)
Our Service does not respond to Do Not Track signals.
However, some third party websites do keep track of Your browsing activities. If You are visiting such websites, You can set Your preferences in Your web browser to inform websites that You do not want to be tracked. You can enable or disable DNT by visiting the preferences or settings page of Your web browser. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.
6 Your California Privacy Rights (California’s Shine the Light law)
If you’d like to request more information under the California Shine the Light law, and if You are a California resident, You can contact Us using the contact information provided below.
7 California Privacy Rights for Minor Users (California Business and Professions Code Section 22581)
California Business and Professions Code Section 22581 allows California residents under the age of 18 who are registered users of online sites, services or applications to request and obtain removal of content or information they have publicly posted.
To request removal of such data, and if You are a California resident, You can contact Us using the contact information provided below, and include the email address associated with Your account.
Be aware that Your request does not guarantee complete or comprehensive removal of content or information posted online and that the law may not permit or require removal in certain circumstances.
8 Children’s Privacy
Our Service does not address anyone under the age of 18. We do not knowingly collect personally identifiable information from anyone under the age of 18. If You are a parent or guardian and You are aware that Your child has provided Us with Personal Data, please contact Us. If We become aware that We have collected Personal Data from anyone under the age of 18 without verification of parental consent, We take steps to remove that information from Our servers.
9 Links to other Websites
We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.
11 Contact Us
- By email: firstname.lastname@example.org