/
Security and compliance

Security and compliance

This page is about OKR for Jira Cloud.

Security

  • Continuous monitoring: We constantly monitor security and process compliance to ensure your data is safe.

  • Code review & analysis: All code undergoes peer review and automatic static analysis to identify vulnerabilities.

  • Data encryption: Data is encrypted at rest for added protection.

  • Third-party verification: Source code dependencies are scanned for potential security risks.

  • Security training: All employees receive comprehensive security awareness training.

  • Multi-factor authentication: Multi-factor authentication is required for all systems.

  • Background checks: Rigorous background checks are conducted for all staff.

  • Bug bounty program: We actively participate in bug bounty programs to identify and address potential issues.

Reliability

  • Platinum Partner Support: We are a Platinum Atlassian Marketplace Partner, ensuring the highest level of support.

  • Multiple support channels: We offer convenient support through a dedicated Support Portal and email.

  • Extensive experience: With over 6 years on the Atlassian Marketplace, we have a proven track record of success.

  • Cloud Fortified: We meet strict Cloud Fortified security standards for cloud-based applications.

Compliance

  • ISO 27001 Certification: We are actively pursuing ISO 27001 certification, a globally recognized security standard.

  • GDPR Compliance: We are committed to complying with GDPR regulations for data protection.

  • Transparent Privacy Policy: Our detailed privacy policy clearly outlines how we handle your data.

Data storage

What OKR data is stored by Appfire?

Appfire stores the following data to support OKR functionality:

  • Objective and Key Result details: names, descriptions, labels, teams, and hierarchy levels

  • Key Result values: including historical progress over time

  • Time periods: names and associated date ranges

  • Issue references: IDs of Jira issues linked to OKRs

  • User references: user IDs only (no personal details)

Does Appfire store or duplicate any sensitive Jira data?

No. Appfire does not duplicate or store sensitive data from Jira.

  • Jira data is referenced by ID only, not copied.

  • User details such as names and email addresses are not stored.

  • Issue content such as summary, description, and status is not retained by Appfire.

Where is OKR for Jira data stored?

All OKR for Jira data is stored securely in Atlas Mongo, hosted on Amazon Web Services (AWS) infrastructure.

  • Data is hosted in either the United States or the European Union, depending on the data residency of your Jira instance.

  • Your data remains within the region aligned with your Jira Cloud hosting location.

Should you have any questions regarding our data security policy, please refer to EULA FAQ or contact us.

Need support? Create a request with our support team.

Copyright © 2005 - 2025 Appfire | All rights reserved.