/
Privacy Policy

Privacy Policy

1. Purpose

Note: This page also serves as the Partner Security & Privacy Policy for the Agile Planner / Agile Planner Plus app.

Gudakesa Technologies LLC and its affiliates ("Gudakesa", "we", "our" or "us") believe that the responsible use of Personal Data is critical to our business objectives and reputation. This Privacy Policy explains how we collect, use, store and protect Personal Data in connection with the Agile Planner / Agile Planner Plus Jira Cloud application (the "App").

2. Scope

This Privacy Policy applies to:

  • Users and administrators of the Agile Planner / Agile Planner Plus App installed from the Atlassian Marketplace for Jira Cloud.

This policy does not change or override Atlassian’s own privacy policies for Jira Cloud and Atlassian accounts.

If you interact with Gudakesa websites (if any), those websites may use cookies or similar technologies. Website tracking (if applicable) is separate from the App and is described in Section 11.

3. Definitions

  • Personal Data / Personal Information: any information relating to an identified or identifiable individual.

  • Customer Data: data stored in Jira Cloud and/or entered into the App by a customer.

  • Data Subject: an identifiable natural person whose Personal Data is processed.

4. Data we process in the App

The App is designed for capacity planning, time-off workflows, and allocation reporting in Jira. Depending on how your organization uses Jira and configures the App, we may process:

  • Jira user and profile information available via Jira APIs (for example: Atlassian account identifier, display name, and other basic profile fields permitted by your site configuration).

  • Jira project/board/sprint data required to provide planning and reporting (for example: project identifiers, board identifiers, sprint identifiers).

  • Jira issue data required for planning and issue-level views (for example: issue keys/IDs, summaries, status, assignee, worklogs, and labels) as permitted by Jira permissions and the App’s scopes.

  • App configuration and planning data stored by the App (for example: teams, roles, members, assignments, holidays, work patterns, time-off requests/approvals, and capacity configuration).

We do not intentionally request or require special categories of sensitive personal data. Customers should avoid storing sensitive data in Jira issues unless necessary and permitted by their own policies.

5. Sources of data

We process data from the following sources:

  • From Jira Cloud / Atlassian: data accessed through Jira Cloud APIs when you use the App.

  • From you / your organization: configuration and planning information entered into the App UI.

6. How we use data

We use the processed data to:

  • Provide App functionality (capacity calculations, time-off workflow, project/global reporting, issue panel insights).

  • Operate and maintain the App, troubleshoot issues, and provide customer support.

  • Improve the App (for example, by fixing defects and enhancing features).

We do not sell Customer Data.

7. Where data is stored and processed (Atlassian Forge)

Agile Planner / Agile Planner Plus is built on Atlassian Forge.

  • App data is stored in Atlassian Forge Storage within Atlassian’s cloud.

  • App code executes in the Atlassian-hosted Forge runtime.

  • For normal operation, the App does not require external (non-Atlassian) servers or databases to store or process Customer Data.

  • The App uses Jira Cloud APIs. Actions respect Jira permissions and the scopes granted at installation.

8. Data sharing and subprocessors

  • For the App’s normal operation, we do not transmit Customer Data to third-party services outside Atlassian.

  • The App relies on Atlassian Cloud services (Jira Cloud and Forge) to host, store and process App data.

If we ever add optional integrations that transmit data outside Atlassian (for example, customer-enabled integrations), we will update this policy and the Marketplace listing accordingly.

9. Data retention and deletion

  • App configuration and planning data is retained while the App is installed on a site.

  • If a customer uninstalls the App, access is removed.

  • Site administrators may request deletion of App-stored data via the support channel listed on the App’s Atlassian Marketplace listing.

10. Security

We implement layered technical and organisational controls aligned with Atlassian Forge best practices. The App runs on Atlassian infrastructure and does not require external systems for normal operation. Key elements are described below.

We use reasonable technical and organizational measures to help protect Customer Data. For the App, key security aspects include:

  • Processing within Atlassian’s Forge platform and storage within Forge Storage.

  • Authorisation based on Jira permissions and the App’s granted scopes (principle of least privilege).

  • Encryption: data in transit protected via TLS; data at rest stored by Atlassian per Forge Storage controls.

  • Access control: restricted internal access to Atlassian developer consoles and Marketplace with MFA; least-privilege project access.

  • Logging and monitoring: audit use of Forge/Marketplace where available; review logs for debugging and security-relevant events.

  • Backups and DR: relies on Atlassian’s platform-level resilience for Forge-hosted storage and execution.

No method of transmission or storage is 100% secure; therefore, we cannot guarantee absolute security.

11. Cookies, analytics and tracking (websites vs App)

The App does not use third‑party advertising cookies or tracking pixels to function.

If Gudakesa operates public websites, those websites may use cookies for basic functionality and analytics. Any such website usage is separate from the App and governed by the website’s disclosures.

12. Security incident reporting and handling

  • Report suspected vulnerabilities or security incidents to security@gudakesa.co.in (if unavailable, use support@gudakesa.co.in).

  • We triage reports within 2 business days and assign severity based on impact and likelihood.

  • For confirmed incidents, we contain, eradicate, and recover; customers materially affected will be notified without undue delay subject to legal and contractual obligations.

13. Vulnerability management

  • Secure SDLC: code review, least-privilege scopes, and threat-aware design for Forge functions and storage.

  • Dependency management: use of supported libraries; periodic dependency scanning; patching timelines based on severity (e.g., Critical: 7 days; High: 14 days; Medium: 30 days; Low: 90 days).

  • Security updates: expedited release process for urgent fixes; post-incident review to prevent recurrence.

14. Subprocessors and hosting

The App is Forge-first. For normal operation it does not transmit Customer Data to external (non-Atlassian) systems. Atlassian Cloud (Jira Cloud and Forge) acts as the hosting environment. If optional integrations are introduced that send data to other services, we will list those subprocessors and update this policy and our Marketplace listing.

The App does not require third-party advertising cookies or tracking pixels to function.

If Gudakesa operates public websites, those websites may use cookies for basic functionality and analytics. Any such website usage is separate from the App and governed by the website’s disclosures.

15. Your rights

16. Security contact

For security issues and vulnerability reports, email security@gudakesa.co.in (preferred). If unavailable, contact support@gudakesa.co.in.

Depending on your jurisdiction, you may have rights to access, correct, delete, or restrict processing of your Personal Data.

Because the App operates within Jira Cloud, many user/profile data rights requests should be handled by your Jira site administrator and/or Atlassian (as applicable).

For App-stored configuration/planning data, you may contact us through the support channel listed on the Marketplace listing.

17. How to contact us

For privacy questions, export/deletion requests, or concerns, contact us via the support channel listed on the App’s Atlassian Marketplace listing.

You may also email: support@gudakesa.co.in

18. Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated version on this page.

Last Updated: 2026-04-27