This page provides details about what data JEMH Cloud stores, and how it’s secured.
All Profile configuration is stored in a database that is encrypted at rest. Sensitive values like mail service authentication credentials are additionally encrypted prior to storage in this database.
When auditing is enabled (you can opt out) we store with encryption:
Full copies of inbound email are retained for 30 days
Auditing records contain:
Email subject
Sender email address
Identity of the reporter user - only keys are stored
Report of processing by JEMHC that can include any involved parties name / email address
You may create Test Case emails from a live email for processing problem diagnosis, in such a case, we store with encryption:
Full contents of the test case email
Metadata about the email
Email subject
Recipient names and email addresses
You many add a Notification Mapping for given Project(s) to drive outbound notifications.
Notification Mapping configuration contains:
Mailbox from address
Nominated Audience recipient users (picked from Jira) - only keys are stored
Issue events are sent from Jira to the app in the form of JSON format webhooks. If a Notification Mapping is configured in the app for the related project, the data is stored in encrypted file storage.
the event JSON data containing all the Jira issue data sent (content, comments, custom fields etc)
the Jira user who triggered the event (e.g. the Reporter user during create)
webhook processing report that may include references to Names and Email Addresses of parties involved, may include SMS phone numbers if configured
You may create a Preview Context in JEMHC which is a copy of the webhook data, to enable notification template previews and/or for support.
When auditing is enabled (you can opt out) we store with encryption:
Full copies of outbound email
Metadata about the email
Recipient names and email addresses
Outbound processing report for the sending that include recipient names and email addresses
Some configuration/data that you create is expected to be used repeatedly and is therefore retained for as long as your subscription is active, that includes:
Profiles
Test Cases
Inbound/Outbound mail/transport configurations
Templates
Data from issue event webhooks are retained for up to 7 days from receipt, at which point they are scheduled for removal as enforced by AWS bucket policy.
If you have JEMHC Auditing enabled:
Inbound emails (up to 10MB) and auditing meta-data about processing is retained for 30 days from receipt, at which point they are scheduled for removal as enforced by AWS bucket policy
Outbound emails (up to 10MB) and auditing meta-data about sending is retained for 30 days from sent, at which point they are scheduled for removal as enforced by AWS bucket policy
We have no access to your Jira or your JEMHC configuration.
Our application logs are transitory and not retained and periodically destroyed.
Limited information is stored; we do not log email content (where we do it is hashed to enable visual ‘same' determinations but not discern any readable info) or recipients, however, remote systems beyond our control can return arbitrary text that may include recipient related information that is logged.
Our application support tooling enables support staff to see:
System Notification Email addresses you have set in your JEMHC. This is to allow us to proactively reach out when we see problems that affect your instance.
Where Data Packs are purchased, we may see IP address, Payer Email Address used through the online shop.
Nominated system admins receive Bcc: notifications about system related events, all of which include your configured System Notification Recipient email addresses:
Plan Consumed
License changes
Monthly Usage
Our sales team are notified when online purchases are made through the online shop, related meta data is sent by email to us from them about the purchaser:
IP address
Name & email address
Country
When we provide support to you, you may make a variety of content available to us in order that we can help solve a problem you have. The company policy on customer data storage is to be limited to company issued hardware only, which is fully encrypted at rest.
Email content in full containing IP addresses, email recipient names and email addresses, attachments, log files, screenshots.
The JEMHC admin may use the in-app feature to ‘flag’ an incoming mail for support, doing this allows our support team to access related data through our back office tools, data doesn't need to be transferred. Flagged emails expose:
Subject
Sender and Recipients email addresses
Raw email in full
Your JEMHC Profile that processed this email
Text or filtered HTML and all attachments
inbound processing report containing email addresses of recipients, account ID’s of users involved.
By providing a mail for support (flagged or other), such content is used only for the current support query. It may be loaded into a test Jira, drive test email notifications to dead end mailbox services, in order to help you in your support query.
JEMHC uses https://developer.atlassian.com/cloud/jira/platform/jira-entity-properties/ to store some information on Atlassian’s own servers. This data is directly attached to issues and/or comments and helps JEMHC during processing. No personally identifying information is stored however in some cases a processed email’s Message-ID and Subject header values may be stored. This data’s lifespan is tied to that of the issue it’s attached to.
When JEMHC processes mail, any of the following information can be found in an issue, depending on app configuration:
email subject
email recipients name / address
email content (raw text, HTML converted to wiki markup)
email attachments
full copies of the entire email, raw text content or filtered (to limit XSS scenarios) HTML content