# Security Statement The **Workflow Buildling Blocks for Jira** app is built on Atlassian’s Forge platform and integrates securely with Jira via OAuth 2.0. All data remains within Atlassian’s cloud environment, ensuring compliance with enterprise-grade data residency and security standards. The app holds the **Runs on Atlassian** badge, confirming no customer data leaves the Atlassian ecosystem. ### Secure Integration * **OAuth 2.0 authorization** provides scoped, delegated access to Jira data, limiting permissions to only what the app needs. * The app runs entirely within Atlassian’s Forge sandbox, eliminating external servers or infrastructure. ### Data Handling & Residency * Configurations of Validators, Conditions and Post-functions and app data are stored exclusively inside Jira or Atlassian-managed infrastructure. * Data residency aligns with the region of the Jira Cloud instance, meeting enterprise geographic requirements. * No data is transmitted outside the Atlassian environment. ### Security Assurance * The app operates under the security controls of Atlassian’s cloud platform, which adheres to industry standards for cloud security and compliance. * Our development follows secure coding practices and minimal permission principles. ### Runs on Atlassian Badge * Confirms the app runs fully within Atlassian’s infrastructure without external data flows. * Provides assurance of enterprise-level security, data residency, and compliance standards. ### Incident Response * In the unlikely event of a data breach or security incident, affected users will be notified promptly and transparently. * Incident resolution and any necessary actions will be communicated clearly. ### Privacy and Compliance * [Deviniti End User License Agreement (EULA)](https://deviniti.com/support/legal/) * [Deviniti Privacy Policy](https://deviniti.com/privacy-policy-cookie/) ### Questions and Contact For any questions or concerns regarding security practices, please contact [Deviniti support](https://deviniti.atlassian.net/servicedesk/customer/portal/1). --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.forgappify.com/workflow-building-blocks-for-jira/resources/security-statement.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.