# Security Statement The **Workflow Buildling Blocks for Jira** app is built on Atlassian’s Forge platform and integrates securely with Jira via OAuth 2.0. All data remains within Atlassian’s cloud environment, ensuring compliance with enterprise-grade data residency and security standards. The app holds the **Runs on Atlassian** badge, confirming no customer data leaves the Atlassian ecosystem. ### Secure Integration * **OAuth 2.0 authorization** provides scoped, delegated access to Jira data, limiting permissions to only what the app needs. * The app runs entirely within Atlassian’s Forge sandbox, eliminating external servers or infrastructure. ### Data Handling & Residency * Configurations of Validators, Conditions and Post-functions and app data are stored exclusively inside Jira or Atlassian-managed infrastructure. * Data residency aligns with the region of the Jira Cloud instance, meeting enterprise geographic requirements. * No data is transmitted outside the Atlassian environment. ### Security Assurance * The app operates under the security controls of Atlassian’s cloud platform, which adheres to industry standards for cloud security and compliance. * Our development follows secure coding practices and minimal permission principles. ### Runs on Atlassian Badge * Confirms the app runs fully within Atlassian’s infrastructure without external data flows. * Provides assurance of enterprise-level security, data residency, and compliance standards. ### Incident Response * In the unlikely event of a data breach or security incident, affected users will be notified promptly and transparently. * Incident resolution and any necessary actions will be communicated clearly. ### Privacy and Compliance * [Deviniti End User License Agreement (EULA)](https://deviniti.com/support/legal/) * [Deviniti Privacy Policy](https://deviniti.com/privacy-policy-cookie/) ### Questions and Contact For any questions or concerns regarding security practices, please contact [Deviniti support](https://deviniti.atlassian.net/servicedesk/customer/portal/1).