Guenov Labs

ClientLens for Jira — Privacy Policy

Effective date: [date]. Provider: [legal entity / your name], [address], [country]. Contact: [privacy@yourdomain].

1. What ClientLens is

ClientLens is an app for Atlassian Jira Cloud that lets a Jira user (the "operator," typically an agency) publish a plain-language project status page and share it with a non-technical recipient (the "viewer," typically a client) via a secure link, without giving the viewer a Jira account.

2. Data we access

With the operator's authorization, ClientLens reads Jira issue data (issue summaries, statuses, and related project fields) from the projects, boards, or filters the operator selects. We access this data using the operator's own Jira permissions; we do not access anything the operator could not already see.

3. Data we store, and where

ClientLens stores data on Atlassian's Forge infrastructure (within Atlassian's cloud). We store: the published page "snapshot" (project/display name, a health status, the operator-authored or AI-drafted plain-language summary, plain-language descriptions of selected work items, and branding such as name, accent color, and logo URL), and a per-page access token held in Atlassian's encrypted secret storage. We do not operate our own external servers or databases for this data.

4. External display of project data

ClientLens's core function is to display the operator's selected, published project information on a web page accessible via a secret link, to recipients the operator chooses, without an Atlassian login. The operator controls what is published and who receives the link. Only the published snapshot is shown; the underlying Jira instance is not exposed.

5. AI processing

To draft the plain-language summary, selected issue text is processed by Atlassian-hosted large language models via Atlassian's Forge LLM capability. This processing occurs within Atlassian's platform; ClientLens does not send your data to any external third-party AI provider.

6. What we do NOT do

We do not collect, transmit, or store Atlassian user API tokens (PATs). We do not sell your data. We do not use third-party advertising or analytics trackers on the published client page.

7. Sub-processors

ClientLens runs on Atlassian's Forge platform and relies on Atlassian for hosting, storage, and AI inference. Atlassian is our infrastructure sub-processor. [List any others here if you add them later; today there are none.]

8. Data retention and deletion

Snapshots and tokens persist until the operator revokes a page, deletes it, or uninstalls the app, at which point the associated data is deleted. [Confirm your uninstall cleanup behavior and state the retention window here.]

9. Security

Data is stored on Atlassian's infrastructure with encryption in transit and at rest as provided by the Forge platform. Access to published pages requires an unguessable per-page token, and each page's access can be revoked or rotated independently by the operator.

10. Your rights (GDPR/UK GDPR)

Depending on your location, you may have rights to access, correct, or delete personal data, or to restrict or object to processing. To exercise these, contact [privacy@yourdomain]. Where ClientLens processes data on behalf of an operator, the operator is the data controller and ClientLens acts as processor.

11. Changes

We may update this policy; the effective date above reflects the latest version.

12. Contact

[privacy@yourdomain].