Data Retention Policy
This add-on does not collect any user data whatsoever. This includes but is not limited to:
- User Identifiers
- Login Credentials
- Usage statistics
- Any Confluence or Jira content from outside the add-on
- The Mermaid Markdown entered into Confluence or Jira add-ons
- The image generated by the add-on
Mermaid Plugin for Jira v3 and above
No data is stored by the add-on on the Purple Rhapsody Tech servers. The only data sent to the Purple Rhapsody Tech Services is the External URI source of Mermaid markdown when a user selects that option. The External URI must always be a public URI anyway therefore there are no data concerns with this option.
All other versions
The only data stored by the add-on on the Purple Rhapsody Tech servers is a client identification key used by Atlassian to identify a valid installation of the add-on. This does not contain any user-identifiable information and is used to prevent unauthorised use of the add-on.
Essentially the add-on is a pass-through service where the image is rendered in real time from Purple Rhapsody Tech’s own Mermaid server and returned directly to Confluence or Jira without any of the information being stored on any server.
Data Security
All data sent from Confluence or Jira to the add-on is sent over SSL connection, and all information sent from the add-on to the rendering server (when required) is also then encrypted. No plain text information is sent from Confluence or Jira to the add-on and every request to the add-on from Confluence or Jira has to pass authentication using the client identification key mentioned in the Data Retention Policy above (hence why it is the only data stored by the add-on on the Purple Rhapsody Tech servers).