Pipeline Optimizer - Privacy Policy
Effective starting: January 1, 2026
1. Who we are
Controller: Chris Hatch
Contact for privacy matters: [email protected]
2. Scope & applicability
This policy covers the processing of personal data that occurs when a user installs or runs Pipeline Optimizer (the “App”) from the Atlassian Marketplace. It applies globally – the App is offered to customers in every jurisdiction, so the policy is written to satisfy major global privacy frameworks, including the European Union's GDPR, the United Kingdom's UK-GDPR, California's CCPA/CPRA, Brazil's LGPD, China's PIPL, Japan's APPI, India's DPDP Act, Indonesia's PDP Law, Russia's Federal Law No. 152-FZ, Canada's PIPEDA, Australia's Privacy Act, and other comparable regimes.
3. Information we do not collect or store
- We never retrieve, store, or transmit any end-user or company-level personal data (e.g., names, emails, employee IDs).
- The only data we ever touch are Bitbucket Pipeline objects (pipeline ID, status, timestamps, branch name, commit SHA) that are fetched directly from the Bitbucket Cloud API on behalf of the logged-in Atlassian user.
4. Information we do collect and where it lives
| Data element | Source | Purpose | Storage location | Retention |
|---|---|---|---|---|
| Bitbucket pipeline metadata (ID, status, timestamps, branch, commit SHA) | Bitbucket Cloud API (via Forge) | Render pipeline dashboards, trigger notifications, allow filtering/search | Atlassian Cloud (Forge storage) – part of the App's data tier | Kept as long as the user keeps the App installed; removed automatically when the App is uninstalled or the user requests deletion |
| Operational logs (request IDs, error traces) | Forge runtime & DataDog agent | Debugging, performance monitoring, security auditing | DataDog (third-party SaaS) | Retained 30 days, then automatically purged |
| Analytics events (usage counts, feature activation) | Forge analytics (built-in) | Product improvement, roadmap planning | Atlassian Cloud (aggregated, no personal identifiers) | Aggregated forever; raw event logs are deleted after 90 days |
No personal identifiers (email, Atlassian Account ID, IP address) are stored permanently. Any temporary identifiers used for logging are hashed and discarded after the retention period noted above.
5. Legal basis (GDPR)
| Processing activity | Legal basis |
|---|---|
| Retrieval of pipeline metadata to provide the core functionality of the App | Performance of a contract – the user has explicitly installed the App and expects it to read pipeline data. |
| Temporary logging for security and debugging | Legitimate interests – necessary to maintain the security, stability and reliability of the service. |
| Aggregated usage analytics | Legitimate interests – to improve the App and inform future development. Users may opt-out via the App's settings (see § 9). |
6. International data transfers
- All data that remains under our control stays within the Atlassian Cloud region selected by the customer (EU, US, APAC, etc.).
- Logs sent to DataDog are transferred to DataDog's global infrastructure under the Standard Contractual Clauses (SCCs) that DataDog provides to its customers. No personal data is included in those logs.
7. Data security
- All communications between the App and Bitbucket Cloud use TLS 1.3.
- Access tokens are stored only in memory and never persisted.
- Forge enforces least-privilege scopes – the App requests only read permissions for the following:
read:repository:bitbucketread:pullrequest:bitbucketread:project:bitbucketread:workspace:bitbucketread:pipeline:bitbucketread:runner:bitbucket
- Regular security reviews are performed in line with Atlassian's Marketplace Security Program and the ISO 27001, ISO 27017 and SOC 2 certifications held by our third-party partners (DataDog, Sentry.io).
8. Your rights (GDPR & comparable laws)
| Right | How to exercise it |
|---|---|
| Access / Portability – obtain a copy of any pipeline data we retain | Send a request to [email protected]; we will export the data in JSON within 30 days. |
| Rectification – correct inaccurate pipeline records | Not applicable – we do not store editable personal data. |
| Erasure – delete all retained pipeline data and logs | Send a request to [email protected]; we will purge the App's storage and trigger log deletion. |
| Restriction – limit processing of your data | Disable the App in the Atlassian Marketplace; this stops further retrieval. |
| Objection – object to profiling or analytics | Opt-out via the App's “Analytics” toggle (see § 9). |
| Complaint – lodge a complaint with a supervisory authority | You may contact the data-protection authority in your jurisdiction. |
9. Data Retention
- Uninstalling the App triggers a “soft deletion” of data hosted in Forge storage. Data is permanently removed after 30 days, in accordance with Atlassian's data retention policies.
10. Third-party processors
| Processor | Service | Why we use it | Link to their privacy notice |
|---|---|---|---|
| DataDog | Log aggregation & monitoring | Real-time error tracking, performance metrics | https://www.datadoghq.com/privacy/ |
| Sentry.io | Exception reporting | Capture stack traces for crash debugging | https://sentry.io/privacy/ |
| Atlassian Forge | Hosting & storage | Runs the App in a secure, isolated environment | https://www.atlassian.com/legal/privacy-policy |
We have Data Processing Agreements (DPAs) with each processor that incorporate the EU-standard contractual clauses.
11. Cookies & tracking on our public website
No cookies are set by the App.
Our public website may set cookies for session handling and optional analytics cookies. Users can decline non-essential cookies via the banner.
12. Changes to this policy
Process for updating the policy
- Internal review – At least once per quarter the product team, legal counsel and security lead review the policy for regulatory or architectural changes.
- Versioning – Each amendment increments the “Effective Date” and adds a short change log at the top of the document.
- Marketplace notification – When the policy changes, the new version is uploaded to the App's Atlassian Marketplace listing. A banner appears on the listing page stating “Privacy Policy updated on [date] – see details”.
13. Contact us
If you have any questions, wish to exercise your data-subject rights, or need clarification, please reach out to:
[email protected]