Security & Privacy FAQ page

Certifications

Runs on Atlassian

The Runs on Atlassian program helps customers identify Forge apps that can benefit enterprise customers with strict data privacy requirements. The Runs on Atlassian badge is automatically applied to eligible apps on the Atlassian Marketplace.

About this badge - read more

Cloud Fortified

The Cloud Fortified Apps Program aims to serve our largest customers and those with more business-critical operating requirements for apps.

How it works - read more
What Atlassian Developer says - read more

Marketplace Security Bug Bounty Program

A bug bounty program is one of the most powerful post-production tools for detecting vulnerabilities in applications and services.

What Atlassian Developer says - read more

SaaSJet is a Platinum Marketplace Partner

What does “Platinum partner” mean? According to annual gross sales ("Purchase Price" in Marketplace reports), a minimum $1M annual gross sales comprised a minimum of 35% from the cloud.

How we became a Premium partner - our history of success
What Atlassian Developer says - read more

Security

ChatGPT Image 23 июл. 2025 г., 13_50_20.png

System and Organization Controls - SOC 2

SOC 2 reports are independent, third-party examination reports that demonstrate how an organization achieves key compliance controls and objectives.

What Atlassian says about Trust Service Criteria (TSC) - read more
SaaSJet is SOC 2 Type 2 compliant - read more

Security Contact

If at any time you have concerns or are uncertain whether your security research is consistent with this policy, please contact us at security@saasjet.com

Support

Working hours: Mon-Fri 24hrs GMT+3

Phone: +1 888 396 0501

Book a demo session: click to schedule an online free demo

Support portal: click to create a ticket

Help: Read the documentation

About SaaSJet — The Vendor Behind Issue History for Jira

Issue History for Jira is developed and maintained by SaaSJet, a Platinum Atlassian Marketplace Partner focused on secure, enterprise-grade Jira solutions.

Key security foundations:

SOC 2 Type II compliant processes
Secure Development Lifecycle (SDLC)
Alignment with Atlassian Cloud security standards
Scope-limited data access (minimum permissions required)
Regular vulnerability monitoring and security reviews

For full documentation, visit the SaaSJet Trust Center.

Procurement FAQ

Q: Who is the legal vendor of Issue History for Jira?

A: Issue History for Jira is developed and maintained by SaaSJet, an Atlassian Platinum Marketplace Partner with enterprise customers worldwide.

Q: Is the vendor financially stable and established?

A: Yes. Platinum Marketplace Partner status requires significant annual revenue, long-term ecosystem presence, and proven enterprise track record.

Q: Is the app SOC 2 compliant?

A: Yes. SaaSJet maintains SOC 2 Type II compliance and follows secure development lifecycle (SDLC) practices.

Q: How is the app licensed?

A: Licensing follows the Atlassian Marketplace subscription model based on user tier.

Q: How are security vulnerabilities handled?

A: SaaSJet participates in the Marketplace Security Bug Bounty Program and follows responsible disclosure and remediation procedures.

Q: What support model is provided?

A: Standard support is available during business hours, with enterprise-level coordination for security and procurement inquiries upon request.

Q: How quickly are security incidents handled?

A: Security-related inquiries are prioritized and handled by the dedicated security team.

General FAQ

Data storage questions:

Q: What data does the app store?

A: Issue History for Jira does not store all customers' personal data in its databases; it only reads all changes "on the fly" in task logs and displays them in a convenient format. We only store the current add-on settings configuration, which specifies a set of rules on how to display changes.

Q: What kind of data do you store?

A: The app stores:

configuration of users' settings
quick start template formats
names of saved templates

Q: Where do you store information?

A: We store service information in properties based on the Atlassian platform. What are properties? - https://developer.atlassian.com/cloud/jira/software/jira-entity-properties/

Q: Do you encrypt the data you store?

A: We do not store personal information about our customers (names, addresses, emails, accounts). The rest of the service information is encrypted and transmitted using the TLS/SSL protocol and Encryption at rest.

Q: Is it safe to use the Issue History app?

A: Yes, the Issue History app does not save all changes in client tasks, it only reads the change log "on the fly" and shows the results of filtering in the add-on. Only the settings for working with the add-on can be saved.

Read our Privacy and Security Policy - https://saasjet.com/privacy-policy/

Q: Can Issue History for Jira be used to ensure CFR 21 Part 11 compliance?

A: Issue History for Jira helps to meet such Part 11 FDA requirements:

get an audit trail (log of all changes made to a file or data) to prevent falsified records
track and keep deleted Jira issues to be sure nothing is lost forever
export data from the system into a clear document (XLSX or CSV) to present it to FDA inspection

*There is no option for an electronic signature in the plugin.

Restore deleted work items questions:

Q: How does the "Restore deleted work items" option work?

A: You need to activate the option so that our app can receive information about the task deletion. We store information about a deleted task in Project properties AFTER it is deleted. What are Properties - see here https://developer.atlassian.com/cloud/jira/software/jira-entity-properties/

Common security questions:

Q: Do you have security officer in your company?

A: Yes, we have a security officer in the company. Contact at security@saasjet.com

Q: What security policy is followed in your company?

A: You can read the full list of our company's Policy by following this link - Documents are available upon the user's request.

Q: What is the security monitoring strategy for the servers in AWS?

Amazon Cloudwatch
Datadog

Q: What's your business continuity in times of disruption (COVID, etc.)

A: We work remotely according to the work schedule. Support center available (email and Jira requests) - 24/7, chat service from 12 pm to 8 pm (GMT+3), and phone service from 9 am to 12 am from Monday to Friday.

Our mission is to ensure information system uptime, data integrity, availability, and business continuity. We have process-level plans for recovering critical technology platforms and the telecommunications infrastructure in case of disaster. Learn more

Q: Do developers have access to update the code in production?

A: Only the Lead responsible for the product and the DevOps engineer have access to production for quick response in case of an incident. All code is deployed automatically, and several specialists check each change.

Data Residency

Q: Does Issue History for Jira Cloud support data residency?

A: Yes, Issue History for Jira app is Data Residency compliant. With Data Residency in Jira Cloud, you can control the geographic region where your data is stored.

More info - Data Residency in Issue History for Jira

App questions

Q: Is it possibility to provide permission to selected users and groups?

A: Yes, it is possible. According to the permissions section, you can add permissions at the group level to view changes, restore deleted work items, etc. For more information about this option, read here - Permissions for Working With Issue History

If you want to make access at the user level, you can create separate groups for the corresponding users.

Q: Do you have backup and restore of data?

A: Yes, we have backup / restore policy - Documents are available upon the user's request.

Q: Do you have disaster recovery plans?

A: Yes, you can read more here - Documents are available upon the user's request.