TRIALS


Privacy Policy for SodiusWillert apps on the Atlassian Marketplace

Effective Date: 2026-05-26

1. Introduction

This Privacy Policy describes how SODIUS SAS processes personal data in connection with its business activities and its Atlassian Marketplace applications.

SODIUS SAS is committed to protecting personal data and applying appropriate privacy and security measures in accordance with applicable data protection regulations, including the General Data Protection Regulation (GDPR) where applicable.

This Privacy Policy covers commercial and business relationship data processed by SODIUS SAS, as well as operational data processed in connection with the Atlassian Marketplace App.

2. Commercial and Business Relationship Data

SODIUS SAS may collect and process personal data in the context of customer and prospect interactions, contractual relationships, support requests, licensing management, marketing activities, webinars, and website contact forms. Please refer to SodiusWiller's Privacy Policy for more information about how you personal data may be used. (https://www.sodiuswillert.com/en/privacy-policy).

The categories of personal data may include professional contact details, company information, communication history, subscription information, and support-related information.

Personal data is processed only for legitimate business purposes including customer relationship management, contract administration, technical support, compliance obligations, and communication regarding products and services.

SODIUS SAS does not sell personal data.

 

3. Marketplace App Privacy Notice

3.1 Application Architecture

The Atlassian Marketplace App uses a hybrid architecture combining Atlassian Forge and Jira Cloud infrastructure with customer-managed on-premise infrastructure used for synchronization and integration with external compatible OSLC applications (e.g. IBM ELM, SIEMENS Polarion). The App is designed as an extension of Atlassian products and customer-managed environments and is not operated as an independent SaaS platform.

3.2 Operational Data Processing

The App may process limited operational and technical data necessary to provide integration and synchronization features, including Atlassian account identifiers, Jira metadata, synchronization references, technical identifiers, and limited licensing information.

Such operational data is processed within Atlassian-managed infrastructure and/or customer-managed on-premise infrastructure used by the synchronization components. As a result, this data is not independently hosted or accessible by SODIUS SAS by design.

SODIUS SAS does not process special categories of personal data.

3.3 Data Hosting and Access

Customer operational data remains hosted within Atlassian-managed Jira Cloud and Forge infrastructure and/or within customer-managed on-premise infrastructure. The synchronization broker and intermediary database components are deployed, hosted, and fully controlled by the Customer and are not accessible by SODIUS SAS by design.

3.4 Logs and Monitoring

The App may generate limited technical logs for troubleshooting, operational monitoring, and security purposes. Such logs are stored exclusively within Atlassian-managed platforms or customer-managed infrastructure and are therefore not accessible by SODIUS SAS by design. SODIUS SAS does not intentionally retain customer business content or unnecessary End-User Data in logs.

3.5 Data Sharing and Sub-processors

SODIUS SAS does not sell or share customer operational data with third parties except Atlassian as infrastructure provider for Jira Cloud and Forge services, or where required by law or contractual obligations.

3.6 Security and Risk Limitation

The App architecture is specifically designed to minimize data exposure risks. Customer operational data remains under the control of Atlassian-managed infrastructure and/or customer-controlled on-premise environments. The App primarily accesses and processes data through secured Atlassian APIs and customer-managed integration components, without independent Provider-hosted storage of customer business data.

 

4. International Transfers

Where international transfers of personal data occur, SODIUS SAS relies on appropriate safeguards and applicable legal transfer mechanisms where required. Operational data processed within Atlassian infrastructure is subject to Atlassian’s applicable privacy, security, and data residency controls.

5. Data Subject Rights

Where applicable, individuals may request access, rectification, deletion, restriction, objection, or portability of their personal data. Requests may be submitted using the contact information provided below.

6. Data Retention

Personal data is retained only for as long as necessary for contractual, operational, legal, regulatory, and legitimate business purposes. Operational synchronization data hosted within customer-managed environments remains under customer retention control.

7. Security Measures

SODIUS SAS applies technical and organizational measures designed to protect personal data and business systems. These measures include, but are not limited to, access control mechanisms, secure development practices, vulnerability management, data minimization principles, reliance on Atlassian Forge secure infrastructure, encryption and secure communication protocols, and internal security awareness processes.

8. Contact

For privacy-related questions or requests regarding this Privacy Policy or the Marketplace App, customers may contact SODIUS SAS using the support or privacy contact information available on website or Atlassian Marketplace listing.