Data Storage & Security
Overviewβ
Script Master is a 100% native Atlassian Forge application. All data β including scripts, configurations, and any values stored by the app β lives exclusively within the Atlassian Forge environment on your own cloud instance.
We do not operate any external databases or custom backend infrastructure. Application data (scripts, configuration, logs) never leaves your Atlassian Cloud instance. We do collect anonymous usage analytics (page views, feature interactions) to improve the product β see Analytics & Usage Data below.
What Data Is Stored?β
Script Master stores only the data required for the app to function:
| Data Type | Description |
|---|---|
| Scripts | JavaScript source code written by your administrators |
| App Configuration | Settings configured per product (Jira / Confluence) |
| Execution Logs | Output logs produced during script execution |
| Scheduled Job Definitions | Cron expressions and associated script references |
| Custom Field Definitions | Field type, linked script, and rendering configuration |
| Web Trigger Definitions | Endpoint names and associated script references |
No personal user data (such as profile information, credentials, or issue content) is stored by the app itself. Any Jira or Confluence data accessed via scripts is read in real time through Atlassian APIs and is never persisted by Script Master.
Where Is Data Stored?β
All data is stored using the Atlassian Forge Storage API, which is:
- Hosted entirely within Atlassian's own infrastructure
- Tenant-isolated β your data is never shared with or accessible by other Atlassian customers
- Subject to Atlassian's own security, compliance, and data residency policies
There are no external API calls to Apportunity servers, and no application data (scripts, configurations, or issue/page content) is ever transmitted outside of your Atlassian Cloud instance.
Analytics & Usage Dataβ
The app collects anonymous usage statistics to help us understand how features are used and improve the product. This data is collected via standard analytics services:
| Service | Purpose | Data Collected |
|---|---|---|
| Google Analytics | Page view and navigation analytics | Page visits, referrer, browser/OS type |
| Segment | Product analytics and feature usage | Button clicks, feature interactions, session flow |
What is NOT collected:
- Content of your Jira issues, Confluence pages, or any other instance data
- User credentials or authentication tokens
- Any personally identifiable information from your Atlassian instance
Analytics events contain only behavioral metadata (e.g. "user clicked the Run button in Script Console") and are fully anonymized before transmission.
Atlassian's Security & Complianceβ
Because Script Master is fully built on the Forge platform, Atlassian is the data processor for any information stored by the app. Your organization's existing agreements and trust relationship with Atlassian cover Script Master data storage.
For detailed information about Atlassian's security posture, certifications, and compliance frameworks, refer to the official Atlassian resources:
- Atlassian Trust Center
- Atlassian Security Practices
- Atlassian Cloud Terms of Service
- Atlassian Privacy Policy
- Forge Platform Overview
Summary for Security Reviewsβ
If your organization is conducting a security review or vendor assessment, the key facts are:
- β 100% Forge-native β no custom backend infrastructure operated by Apportunity
- β No external databases β all application data is stored via Atlassian Forge Storage API
- β Instance content stays in Atlassian Cloud β scripts, configs, and Jira/Confluence content are never transmitted externally
- β Tenant isolation β your data is logically isolated from other tenants by the Forge platform
- β Atlassian is the data processor β covered by your existing Atlassian agreements
- βΉοΈ Anonymous usage analytics β page views and feature interaction events are collected via Google Analytics and Segment; no instance content is included
For any additional questions, contact us at https://apportunity-apps.atlassian.net/servicedesk/customer/portal/1.