Data Security Statement

Effective Date: February 6, 2026

1. Overview

At Plugio, data security is fundamental to how we build our products. Our Atlassian visualization plugins (gauge, counter, and progress bar gadgets) have been designed with a security-first approach: we do not collect, store, process, or transmit any data. This document outlines our security posture and architecture.

2. Architecture: No Data Collection

The Plugio plugin operates entirely within your Atlassian environment. Our architecture ensures:

• No external servers: Plugio does not operate any backend servers, databases, or cloud infrastructure that receives your data.
• No network calls: The Plugin does not make any network requests to Plugio-owned or third-party endpoints.
• Client-side rendering: All visualization rendering occurs in the user's browser within the Atlassian application context.
• Native data access: The Plugin reads data exclusively through Atlassian's standard gadget APIs, the same mechanism used by built-in gadgets.

3. Data Flow

The data flow within our Plugin is straightforward and contained:

1. The user configures a gadget on their dashboard (e.g., selecting a JQL filter or a project metric).
2. The gadget configuration is stored by the product's own dashboard system — not by Plugio.
3. When the dashboard loads, the Plugin reads the configured data using standard Atlassian APIs.
4. The Plugin renders the data as a visual widget (gauge, counter, or progress bar) directly in the browser.

At no point does data leave your Atlassian instance through the Plugin.

4. What We Do Not Have

• No databases or data stores of any kind.
• No server infrastructure that processes user data.
• No analytics or telemetry collection.
• No cookies, local storage usage, or browser fingerprinting.
• No access tokens, API keys, or credentials stored outside of Atlassian.
• No logging of user activity or instance data.

5. Atlassian Security Compliance

As an Atlassian Marketplace app, Plugio adheres to Atlassian's security requirements for marketplace vendors. The Plugin is distributed through the Atlassian Marketplace and is subject to Atlassian's review processes.

6. Your Data Stays with Atlassian

Your data remains under the control of your Atlassian instance at all times. The security of your underlying data is governed by Atlassian's own security practices and your organization's administration policies. Plugio does not alter, affect, or introduce any additional risk to your data security posture.

7. Vulnerability Reporting

If you believe you have discovered a security vulnerability in the Plugio plugin, please report it to us promptly. We take all reports seriously and will investigate and respond as quickly as possible.

Email: [email protected]

8. Changes to This Statement

We may update this Data Security Statement to reflect changes in our practices or for other operational, legal, or regulatory reasons. Any updates will be posted on this page with an updated effective date.

9. Contact Us

For any questions about our data security practices, please contact us at:

Email: [email protected]