Privacy Policy

Owned by Pavel Pavlovsky
Last updated: Feb 13, 2024
10 min read

Effective Feb 9, 2024

Introduction

In this Privacy Policy we, us, our or AppLiger means Appliger Sp. z o. o. - a company with a registered seat in Dietla 93/7 Street, 31-031, Kraków, Poland, entered in the register of entrepreneurs kept by the District Court for Kraków-Śródmieście in Kraków, XI Commercial Division of the National Court Register under number: 0000941392, e-mail: contact@appliger.com

We are an Atlassian Marketplace Partner, and offer products through Atlassian Marketplace, including Cloud apps and downloadable Server and Data Center apps. We refer to these apps as “Services”.

This Privacy Policy sets out our commitment to protecting the privacy of personal information provided to us, or otherwise collected by us, offline or online, including through our website (“Site”) and from users of our Services.

When we collect, receive, store, and use your personal information, we do so in accordance with the rules set down by the European Union General Data Protection Regulation (EU) 2016/679 (the GDPR).

Personal information

Personal information: The types of personal information or personal data we may collect about you include:

Customer information

  • Company Name

  • Region

  • Country

  • Maintenance Period

Customer contact

  • Technical Contact Email

  • Technical Contact Name

  • Technical Contact Phone

  • Technical Contact Address

  • Technical Contact City

  • Technical Contact State

  • Technical Contact Postcode

  • Billing Contact Name

  • Billing Contact Email

  • Billing Contact Phone

  • Billing Contact Address

  • Billing Contact City

  • Billing Contact State

  • Billing Contact Postcode

Partner information

  • Partner Name

  • Partner Type

  • Partner Contact Name

  • Partner Contact Email

Other information

  • details of the services we have provided to you and/or that you have enquired about, and our response to you

  • your browser session and geo-location data, device and network information, statistics on page views and sessions, acquisition sources, search queries and/or browsing behavior while using our Site

  • information about your access and use of our Site, including through the use of Internet cookies, your communications with our Site, the type of browser you are using, the type of operating system you are using and the domain name of your Internet service provider

  • additional personal information that you provide to us, directly or indirectly, through your use of our Site, associated applications, associated social media platforms and/or accounts from which you permit us to collect information; and

  • any other personal information requested by us and/or provided by you or a third party.

We may collect these types of personal information directly from you or from third parties.

Collection and use of personal information

In line with Article 13(1)(d) combined with Article 6(1)(f) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, the processing is required to serve the legitimate interests pursued by us as the data controller under the General Data Protection Regulation.

We may collect, hold, use and disclose personal information for the following purposes:

  • to maintain the functionality of the Services;

  • for purposes related to the research and development of the Services;

  • for customer support purposes, including resolving technical issues and improving the Services;

  • to contact and communicate with you regarding our Services;

  • to enable you to access and use our Site, associated applications and associated social media platforms

  • for internal record-keeping and administrative purposes;

  • for analytics, market research and business development, including to operate and

  • improve our Site, associated applications and associated social media platforms;

  • for advertising and marketing, including to send you promotional information about our products and Services and information about third parties that we consider may be of interest to you and

  • to comply with our legal obligations and resolve any disputes that we may have.

Disclosure of personal information to third parties

We may disclose personal information to:

  • third party service providers for the purpose of enabling them to provide their services, including (without limitation) IT service providers, data storage, web-hosting providers, professional advisors and payment systems operators;

  • our employees, contractors and/or related entities;

  • anyone to whom our business or assets (or any part of them) are, or may (in good faith) be, transferred;

  • credit reporting agencies, courts, tribunals and regulatory authorities, in the event you fail to pay for goods or services we have provided to you;

  • courts, tribunals, regulatory authorities and law enforcement officers, as required by law, in connection with any actual or prospective legal proceedings, or in order to establish, exercise or defend our legal rights;

  • third parties, including agents or sub-contractors, who assist us in providing information, products, services or direct marketing

  • third parties to collect and process data, such as Google Analytics or other relevant businesses. This may include parties that store data outside of EU.

Where we disclose your personal information to third parties, including data processors or data sub-processors, we will request that the third party handle your personal information in accordance with this Privacy Policy. The third party will only process your personal information in accordance with written instructions from us and we require that the third party either complies with the privacy shield principles set out in the GDPR or another mechanism set out by applicable EU & Swiss data protection laws for the transfer and processing of personal information. When we refer to ‘processing’ in this clause and this Privacy Policy in general, we mean any operation or set of operations which is performed on personal information, whether or not by automated means, such as collecting, recording, organising, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available personal information.

Please note that we use the following third parties (Subprocessors) to process your personal information:

Name

Domain

Location

Purpose

Name

Domain

Location

Purpose

Atlassian

https://www.atlassian.com/legal/data-processing-addendum

USA

Host app, ticket management, data processing

AWS

https://aws.amazon.com/

USA

Data Storage, hosting infrastructure

Google

https://workspace.google.com/

https://analytics.google.com/

EU

Analytics, Email accounts

Amplitude

https://analytics.amplitude.com/

USA

Analytics

AppSignal

EU

Logs, troubleshooting, maintenance

Slack

EU

Team Chat services

Mailerlite

EU

Customer Communication, Marketing

Our responsibilities as a ‘controller’ under the GDPR

Controllers are defined by the GDPR as natural or legal persons, a public authority, agency or other body to which personal information or personal data has been disclosed, whether via a third party or not, and who determines the purposes and means of processing personal information. We are a controller under the GDPR as we collect, use and store your personal information to enable us to provide you with our services.

As a controller, we have certain obligations under the GDPR when collecting, storing and using the personal information of EU citizens. If you are an EU citizen, your personal data will:

  • be processed lawfully, fairly and in a transparent manner by us

  • only be collected for the specific purposes we have identified in the ‘collection and use of personal information’ clause above and personal information will not be further processed in a manner that is incompatible with the purposes we have identified

  • be collected in a way that is adequate, relevant and limited to what is necessary in relation to the purpose for which the personal information is processed

  • be kept up to date, where it is possible and within our control to do so (please let us know if you would like us to correct any of your personal information)

  • be kept in a form which permits us to identify you, but only for so long as necessary for the purposes for which the personal data was collected

  • be processed securely and in a way that protects against unauthorised or unlawful processing and against accidental loss, destruction or damage.

Specifically, we have the following measures in place, in accordance with the GDPR:

  • Data protection policies: We maintain internal policies that outline the procedures for the collection, storage, and handling of personal information to safeguard your data.

  • Right to request erasure of personal information: You have the right to request the deletion of any personal information we hold about you.

  • Right to request restriction of data processing: You have the right to request limitations on the processing of your personal information. This request can be made if you believe the information we hold is inaccurate and needs verification, or if the processing is unlawful and you prefer restriction over deletion.

  • Right to receive a copy of your personal information: You have the right to receive a copy of the personal information we hold about you upon request.

  • Right to transfer your personal information from us to another controller: You have the right to request the transfer of your personal information from us to another data controller of your choice.

  • Notification of data breaches: We adhere to GDPR regulations regarding the notification of any data breaches.

Our responsibilities as a ‘processor’ under the GDPR

Where we are a processor, we have contracts containing certain prescribed terms in our contracts with controllers. Depending on circumstances, we can be a controller or processor or controller and processor. In addition to:

  • our contractual obligations with controllers (where we are solely a processor);

  • our legal obligations under the GDPR as a controller (where we are both a controller and processor) as a processor we also have the following responsibilities under the GDPR:

    • not to use a sub-processor without the prior written authorisation of the data controller;

    • to co-operate with supervisory authorities;

    • to ensure the security of our processing;

    • to keep records of processing activities;

    • to notify any personal data breaches to the data controller; and,

    • to employ a data protection officer and appoint (in writing) a representative within the European Union if required by the GDPR.

Your rights and controlling your personal information

Choice and Consent: Please review this Privacy Policy thoroughly. By furnishing us with personal information, you are giving your consent for us to collect, retain, utilize, and disclose your personal information in accordance with this Privacy Policy. If you are below the age of 16, you must have obtained permission from your parent or legal guardian, and you warrant to us, to the extent permitted by law, that you have obtained their consent to access and use the Site or the Services, and that they (your parents or guardian) have consented to you providing us with your personal information. While you are not obligated to provide us with personal information, please note that abstaining from doing so may impact your ability to use our Site or the Services offered on or through it.

Information from Third Parties: If we receive personal information about you from a third party, we will handle it in accordance with the guidelines outlined in this Privacy Policy. If you are a third party providing personal information about another individual, you confirm and assure us that you have obtained the requisite consent from such individual to furnish us with their personal information.

Restriction of Personal Information Use: You have the option to limit the collection or utilization of your personal information. Should you have previously consented to the use of your personal information for direct marketing purposes, you retain the right to change your preferences at any time by contacting us using the information provided below. Upon your request to restrict the processing of your personal information, we will inform you about how this restriction may affect your interaction with our Site or the usage of our products and Services.

Access, Data Portability, and Correction: You are entitled to request details regarding the personal information we hold about you, including the option to obtain a copy of this data. Additionally, you may request the deletion of your personal information at any time, or request its transfer to another third party (data portability). Should you believe that any information we hold about you is inaccurate, outdated, incomplete, irrelevant, or misleading, please contact us using the details provided below. We will take the necessary steps to rectify any inaccuracies or omissions promptly.

Complaints: If you believe that we have breached the EU Privacy Principles or an article of the GDPR and wish to make a complaint, please contact us using the details below and provide us with full details of the alleged breach. We will promptly investigate your complaint and respond to you, in writing, setting out the outcome of our investigation and the steps we will take to deal with your complaint.

Subscription Management: If you wish to unsubscribe from our email list or opt out of receiving communications, including marketing materials, please contact us using the information provided below or utilize the opt-out mechanisms included in our communications.

Storage and security

We are dedicated to ensuring the security of the personal information we gather. To prevent unauthorized access or disclosure, we have implemented appropriate physical, electronic, and managerial measures aimed at protecting and securing personal information. These measures are designed to safeguard personal information from misuse, interference, loss, and unauthorized access, alteration, or disclosure.

Please note that while we take steps to protect your personal information, we cannot guarantee the security of information transmitted to or by us over the Internet. The transmission and exchange of information are conducted at your own risk. Despite our efforts to prevent unauthorized disclosures, we cannot guarantee that the personal information we collect will never be disclosed in a manner inconsistent with this Privacy Policy.

Downloadable Applications

Our downloadable applications store all information within the Atlassian Jira server product where they are installed. All data is stored within your IT system (Server or Data Center) that hosts the Atlassian Jira server product.

When you download, install, or use the applications, no information stored on the installation IT system is shared with us. The applications do not transmit data from your IT system or from end-users' web browsers to us or any third party.

Cloud Applications

Cloud-based apps can only be installed within the Atlassian Jira Cloud service. In this scenario, the information or data you provide may be stored on our secure servers, although we currently employ a third party to provide this service. By using cloud-based applications, we have access to user information as outlined in this Privacy Policy, which may include data on how and when the applications are used.

Our Cloud-based applications participate in Atlassian's Marketplace Security Bug Bounty Program, which utilizes crowdsourced vulnerability discovery methods through bug bounty. This program is regarded as one of the most effective post-production tools for detecting vulnerabilities in applications and services.

Cookies and web beacons

From time to time, we may utilize cookies on our Site. Cookies are small text files placed in your web browser to store your preferences. Cookies themselves do not reveal your email address or other personally identifiable information. However, they may allow third-party services, such as Google, to display our advertisements on your social media and online platforms as part of our retargeting efforts. If you choose to provide personal information on our website, it may be linked to the data stored in these cookies.

Additionally, we may employ web beacons (also known as Clear GIFs) on our Site. Web beacons are tiny snippets of code embedded in a web page to track visitor behavior and gather information about their interactions with the page. For instance, web beacons can be used to tally the number of visitors to a page or deliver a cookie to a visitor's browser.

We may also utilize Google Analytics to collect and analyze data on our Site. For more information on how Google utilizes data from third-party websites or applications, please refer to or any other URL designated by Google.

Our Site may contain links to other websites. We do not have any control over those websites and we are not responsible for the protection and privacy of any personal information which you provide whilst visiting those websites. Those websites are not governed by this Privacy Policy.

Amendments

This Privacy Policy may be modified at our discretion and at any time. Any changes to the Privacy Policy become effective once we notify you of the update by revising the "last updated" date.

For any questions or notices, please contact us at: contact@appliger.com