Security Policy

Last updated: Jul 29, 2023

Purpose

The purpose of this policy is to define web application security assessments and practices within the jFrame add-on by Addown Studio.

Scope The policy covers all data handled by the application and employees of jFrame add-on by Addown Studio.. The web application security assessments are conducted quarterly using automated and manual tools and techniques. The assessments are performed by qualified and authorized personnel from Addown Studio add-ons or a third-party provider.

Process

Ensure all information is encrypted in compliance with Atlassian’s security requirements for cloud apps.
Frequently search for potential security vulnerabilities in the code and ensure proper security standards and best practices have been met.
Avoid storing any information, which includes but is not limited to usernames, identifiers, passwords, emails, diagram markup etc.
Ensure all Addown Studio add-ons employees have been properly trained to enforce this policy.

Incident Response

In the event of a security breach, vulnerability, or issue affecting the app or its customers, Addown Studio add-ons will promptly notify Atlassian and the affected customers and take appropriate remediation actions.
Addown Studio add-ons will document and report the details of the incident, such as the cause, the impact, the resolution, and the lessons learned.
Addown Studio add-ons will cooperate with Atlassian and any relevant authorities in investigating and resolving the incident.

Compliance

Addown Studio add-ons complies with all applicable laws, regulations, and standards that govern the protection of personal data and information security, such as GDPR, HIPAA, PCI DSS, etc.
Addown Studio add-ons undergoes regular audits and reviews by Atlassian and independent third parties to verify its compliance status and security posture.

Contact

For any questions or concerns about this policy or our security practices, please contact us at support@addownit.com.