Data Security and Privacy Statement

Owned by Andy Brook [Plugin People] (Unlicensed)
Last updated: Jan 30, 2019 by Andy Brook [Plugin People]
1 min read

SU for Jira is covered by our Privacy Policy, some additional contextual information is also available:

SU for JIRA exposes user data to any JIRA system administrator as it allows the system administrator to become any other user.

No user content or passwords are stored or otherwise transferred.

The action of invoking SU stores a cookie on the client web browser with a hard wired 5minute expiry, this means, even in the unlikely event of cookie theft, any exploit would have to occur within 5 minutes of its generation.