Vendor: Desveladisimo
Contact: support@bottleneckiq.com
1. Scope
This Privacy Policy describes how Desveladisimo ("we", "the vendor") collects, uses, stores, and shares data when you ("the customer") install and use the BottleneckIQ Forge app on an Atlassian Cloud Jira instance.
This policy applies only to data the BottleneckIQ app processes. It does NOT cover data Atlassian itself collects from your Jira instance — see Atlassian's privacy policy.
2. Data we collect
When the app is installed and running, it processes the following data from your Jira instance via the Forge platform's read-only scopes for issues, projects, and users (specifically read:jira-work, read:jira-user, read:issue:jira, read:issue.changelog:jira, read:issue-meta:jira, read:jql:jira, read:project:jira, read:user:jira):
- Issue metadata. Issue keys, summaries, statuses, types, priorities, assignees (display names), created / updated / done timestamps, project keys.
- Issue changelogs. The full transition history we need to compute time-in-status metrics.
- Custom-field values for two specific fields. Story Points and Sprint membership. The app reads only these two custom fields plus the standard Jira fields above; nothing else.
- Sprint metadata. Sprint names, start / end / complete dates, board IDs, state.
- Tenant metadata. The Atlassian Cloud site ID and the install ID Atlassian's Forge platform issues at install time.
We do not collect issue descriptions, comments, attachments, worklogs, time tracking entries, security-restricted data, or anything else outside the fields listed above.
3. Where data is stored
- Region: AWS US East 1 (Northern Virginia). All persisted data lives in this region.
- Database: Amazon RDS Postgres, encrypted at rest using AWS KMS.
- Tenant isolation: Every record is scoped to the Atlassian install ID. Postgres Row-Level Security policies prevent cross-tenant access at the database layer.
- Backups: RDS automated snapshots, retained 7 days.
4. How we use the data
- Compute flow metrics for the dashboard — bottleneck detection, cycle time scatter, cumulative flow diagram, WIP aging, alerts.
- Render the dashboard to authenticated users on your Jira install.
- Operational logging. Sync events, errors, and authentication failures are logged for debugging and security monitoring. Logs do not contain issue summaries or other identifiable issue content beyond keys and IDs.
We do not:
- Sell, rent, or share customer data with third parties for marketing purposes.
- Use customer data to train any machine-learning model.
- Aggregate customer data across tenants for benchmarking, even anonymously.
5. Sub-processors
- Amazon Web Services, Inc. — hosting (App Runner, RDS Postgres, CloudWatch).
- Atlassian — Forge platform; runtime token issuance; webhook delivery.
- Anthropic, PBC — only when the AI explanation feature is enabled, and only to translate already-computed numeric signals (e.g., "Code Review time ratio = 1.7") into a single English sentence. No issue keys, summaries, or other identifiable content is sent to Anthropic. The feature can be disabled per tenant in the dashboard's Settings tab.
A current list of sub-processors is maintained at this URL. Material changes will be communicated by updating this policy and the in-app notice.
6. Data retention and deletion
- Active installs. Data is retained for as long as the app is installed.
- Uninstall. When you uninstall BottleneckIQ from your Atlassian site, the Forge platform fires avi:forge:uninstalled:app to our backend. Within minutes, the tenant row and all cascaded data (issues, transitions, time slices, sprints, alerts, WIP limits, settings) are deleted from the live database.
- Backups. Backups containing pre-uninstall data age out of the 7-day retention window. Beyond 7 days, no copy of your data exists in our systems.
- Manual deletion request. You can request immediate manual deletion (including from backups, on a best-effort basis) by emailing support@bottleneckiq.com.
7. Authentication and access
- The app authenticates every backend request using Forge Invocation Tokens (FITs) signed by Atlassian. FITs are short-lived (~3 minutes) and validated against Atlassian's JWKS on every call.
- The vendor's engineering team accesses production data only when necessary to investigate a customer-reported issue, and only with written authorization from the affected customer. Accesses are logged.
- We do not have a separate user/admin system. Permission is delegated entirely to Atlassian (the user must have access to the Jira project to see its data).
8. Data residency
All data is stored in AWS US East 1. We do not currently offer EU, APAC, or other-region residency. If your compliance requirements mandate a specific region, contact us before installing.
9. Personal Data Reporting protocol
We participate in Atlassian's Personal Data Reporting protocol for Marketplace apps. Every 7 days, BottleneckIQ reports the Atlassian accountIds for which we hold personal data (assignee display names) to Atlassian's report-accounts endpoint. Atlassian responds with per-account statuses; for any account marked closed (i.e., the user was deleted or anonymized in Atlassian), we automatically null out the corresponding assignee field on every issue row in our database. No manual intervention is required from you or the user.
This is the technical implementation of GDPR's "right to erasure" — Atlassian mediates the request via their reporting protocol, and our app honors it within one cycle (≤7 days from anonymization).
10. Your rights
If you are a data subject under GDPR or similar regulations:
- You can request access to the personal data we hold about you (typically: your Atlassian display name, if it appears as an issue assignee — we do not collect or store user email addresses).
- You can request correction or deletion outside of the Atlassian-mediated protocol described above.
- You can request export of your data in a portable format.
Contact support@bottleneckiq.com with the request. We respond within 30 days.
11. Changes to this policy
Material changes will be posted at this URL and announced in the app's release notes. Continued use of the app after a change constitutes acceptance.