This article details the data that is stored in our database for the email / Outlook add-in feature. In general, we don’t store actual content from your system(s), but only metadata, settings and similar data. Some of the data is only collected when certain features are active (like conversation sharing).
Jira issue shared conversation access
When sending an email from Jira or creating a new issue from Outlook, a user can allow other Jira users to access the email conversation from Jira, without actually being a recipient of the emails. We call this feature “conversation sharing”. To support this feature, we have a database table specifying the exact sharing permissions.
Email conversation ID
Jira instance information
To be able to identify your Jira system correctly, we store certain information about it in our database. For Jira Cloud, this data is provided by Atlassian directly, for Jira Server and Data Center, we provide this ourselves (also see https://yasoon.atlassian.net/wiki/spaces/M365fJ/pages/2331511130/Teams+Install+the+app+for+Jira+Server+Data+Center#Initial-configuration).
Shared secret (shortened)
If you are not using the conversation sharing feature, the Outlook add-in will not send any data to our own server as of now. Going forward, especially if you are using Office 365 / Microsoft 365, many features will rely on storing information in our own infrastructure (e.g. notifications about new emails in a conversation).
To be able to bi-directionally access Jira & Outlook, we store user-based and application-based access tokens in our database. These tokens are encrypted at rest and additionally at application level, using industry standards (AES-256). At no time have our employees access to your Jira or Outlook content. Every access to the secret storage is only allowed for certain core employees and fully auditable. Please also refer to our Security & Privacy docs.