Skip to content

Mermaid Privacy Policy for Confluence and Jira

This Privacy Policy applies to both the Confluence and Jira Versatile Mermaid Plugins supplied by Purple Rhapsody Tech.

Data Retention Policy

This add-on does not collect any user data whatsoever. This includes but is not limited to:

  • User Identifiers
  • Login Credentials
  • Usage statistics
  • Any Confluence or Jira content from outside the add-on
  • The Mermaid Markdown entered into Confluence or Jira add-ons
  • The image generated by the add-on

Mermaid Plugin for Jira v3 and above

No data is stored by the add-on on the Purple Rhapsody Tech servers. The only data sent to the Purple Rhapsody Tech Services is the External URI source of Mermaid markdown when a user selects that option. The External URI must always be a public URI anyway therefore there are no data concerns with this option.

All other versions

The only data stored by the add-on on the Purple Rhapsody Tech servers is a client identification key used by Atlassian to identify a valid installation of the add-on. This does not contain any user-identifiable information and is used to prevent unauthorised use of the add-on.
Essentially the add-on is a pass-through service where the image is rendered in real time from Purple Rhapsody Tech’s own Mermaid server and returned directly to Confluence or Jira without any of the information being stored on any server.

Data Security

All data sent from Confluence or Jira to the add-on is sent over SSL connection, and all information sent from the add-on to the rendering server (when required) is also then encrypted. No plain text information is sent from Confluence or Jira to the add-on and every request to the add-on from Confluence or Jira has to pass authentication using the client identification key mentioned in the Data Retention Policy above (hence why it is the only data stored by the add-on on the Purple Rhapsody Tech servers).