Privacy Policy
Last updated: July 6, 2026
1. Introduction
This Privacy Policy explains how Team Capacity for Jira ("the App"), developed by Janek Behrens ("we", "us", "our"), handles data when installed on your Atlassian Jira Cloud instance. The App is a read-only reporting tool: it reads sprint data from your Jira boards to show per-person workload versus capacity and never modifies your issues.
2. Data We Access
The App reads the following Jira data, solely to render the capacity heatmap:
- Boards and sprints: board names, types and their projects; sprint names, states and dates — used by the board/sprint pickers and to find the active sprint.
- Board configuration: the board's estimation setting (e.g. Story Points or time estimate) — used to pick the right estimate field.
- Issues of the selected sprint: assignee (account ID and display name), status category, the estimate value, and — on licensed (Pro) instances — the aggregated time spent from work logs, used for the optional estimate-vs-actual CSV export.
Issue titles, descriptions, comments and attachments are never read. Assignee display names are read live to label the chart and are never persisted by the App.
3. Data We Store
The App stores only the following, using Atlassian Forge Storage, which is hosted and managed by Atlassian within your cloud instance:
- Non-personal caches: a board-to-project ID map (10-minute lifetime) and the ID of the instance's Story Points field (24-hour lifetime). These exist purely to keep the gadget fast and contain no user data.
Gadget configuration (selected board and sprint, capacity numbers, thresholds, and — on Pro — per-person capacity overrides keyed by Atlassian account ID) is stored by Jira itself as standard dashboard-gadget configuration, not by the App. It contains numbers and IDs only — no names, no emails, no free text.
4. Data We Do NOT Collect
- We do not run any servers. There is no developer-operated backend or database.
- We do not store names, emails, avatars, or any free-text content.
- We do not use cookies, tracking pixels, analytics platforms, or advertising networks.
- We do not send any data to external services. The App makes no network calls outside the Atlassian platform.
- We do not read work descriptions or comments — workload is computed from estimates and status categories only.
5. A Note on Per-Person Metrics
The App visualizes planned workload versus configured capacity per assignee for one sprint — data your team already sees on its board. It does not measure individual performance, velocity per person, or working time, and it stores no historical per-person records. The optional CSV export reproduces exactly what the gadget shows, initiated by the user, and includes only viewers' permitted data.
6. Data Processing Location
All processing occurs within the Atlassian Forge runtime environment under the Runs on Atlassian program. No data is transmitted to servers operated by us or any third party outside the Atlassian platform.
7. Data Retention
- Cached IDs expire automatically (10 minutes / 24 hours) and are overwritten on refresh.
- Uninstalling the App removes all App-stored data from Forge Storage.
- Gadget configuration is removed when the gadget is removed or the App is uninstalled.
8. GDPR Compliance
The App itself stores no personal data; the only personal identifiers involved are Atlassian account IDs inside Jira's own gadget configuration (for Pro per-person capacity overrides) and display names rendered live from Jira. Both remain entirely within your Atlassian instance and under Atlassian's controls. GDPR data-subject requests relating to data held by Jira itself should be directed to Atlassian. For App-specific concerns, contact us below. Uninstalling the App removes all App-related data from Forge Storage.
9. Security
- Runs in a sandboxed Forge environment with no egress to external networks outside the Atlassian platform.
- Uses minimal, read-only Jira API scopes plus app storage.
- Enforces each viewer's own Jira project permissions before returning any data.
- Stores no credentials, tokens, or secrets — there are none.
See our Security Policy for full details.
10. Children's Privacy
The App is a business productivity tool and is not directed at children under 16. We do not knowingly collect data from children.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be reflected in the "Last updated" date above. Continued use of the App after changes constitutes acceptance of the updated policy.
12. Contact
For questions about this Privacy Policy, contact us at:
Email: support@janekbehrens.de