Trust at Guenov Labs
Guenov Labs builds focused apps for Atlassian Jira. We know that installing a third-party app means trusting it with your data, so this page explains — plainly — how ClientLens for Jira handles data, security, and privacy. If you need anything not covered here, contact security@guenov.dev.
How our apps run
Our Atlassian apps are built on Atlassian Forge and run on Atlassian's own cloud infrastructure. Data is stored within Atlassian's platform using Forge storage; we do not operate external servers or databases that hold your data.
ClientLens for Jira
ClientLens turns a Jira project into a plain-language status page that an agency can share with a non-technical client via a secure link, without giving the client a Jira account.
What it accesses. With your authorization, ClientLens reads the Jira issue data (summaries, statuses, and related fields) from the projects, boards, or filters you select. It reads this using your own Jira permissions — it can't see anything you can't already see. It does not write to Jira.
What it stores, and where. ClientLens stores the published page "snapshot" (a project name, a status, a plain-language summary, plain-language descriptions of selected work items, and your branding) and a per-page access token, both on Atlassian's Forge infrastructure. Access tokens are held in Atlassian's encrypted secret storage.
External sharing — by your choice. ClientLens's purpose is to display the information you publish on a page reachable via a secret link, to the recipients you choose, without an Atlassian login. You control what is published and who receives the link. Only the content you publish is shown; your Jira instance itself is never exposed. Each page's link can be revoked or replaced independently at any time.
AI summaries stay on-platform. The plain-language summary is drafted using Atlassian-hosted AI (Atlassian's Forge LLM capability). Your data is not sent to any external AI provider.
Data retention & deletion
Published snapshots and their access tokens persist until you revoke or delete a page, or uninstall the app, at which point the associated data is removed. [Confirm/adjust to match your uninstall cleanup behavior.]
Compliance & badges
- ClientLens runs on Atlassian's infrastructure with data stored on-platform.
- [Note: ClientLens uses a web trigger to serve its external client page, so it is not eligible for the "Runs on Atlassian" badge; this is inherent to the external-sharing feature and does not change where data is stored.]
- We follow Atlassian's mandatory cloud app security requirements and complete the Marketplace Privacy & Security disclosures for every app.
Security practices
- No external data egress. Our apps do not send your data to external servers or third-party services.
- Least privilege. We request the minimum permissions our apps need, and explain each on the app's Privacy & Security tab.
- Access control. Externally shared pages are protected by unguessable per-page tokens, validated on every request; access can be revoked or rotated per page.
- No Atlassian API tokens. We never collect, transmit, or store Atlassian user API tokens (PATs).
- Platform security. Encryption in transit and at rest is provided by the Atlassian Forge platform. Our apps are subject to Atlassian's automated Marketplace security scanning.
- Maintenance. Our apps are actively maintained and updated.
Privacy
We process data to provide the app's functionality and nothing else. We do not sell your data, and we do not use third-party advertising or analytics trackers on shared pages. Where our app processes data on behalf of your organization, your organization is the data controller and Guenov Labs acts as processor.
Full details: Privacy Policy →
Sub-processors
- Atlassian — hosting, storage, and AI inference (Forge platform).
We will update this list before adding any new sub-processor.
Contact
- Security & privacy: security@guenov.dev
- Support: support@guenov.dev
Last updated: [date].