Document toolboxDocument toolbox

Data Privacy FAQ

Owned by Su-Lyn Rosenberry
Last updated: Sept 27, 2024
2 min read

  1. How do your ML models work, and what do you use them for? 
    Capacity Insights uses two primary models: 

    • The first model predicts a relationship between Jira tickets and user activities from connected tools like Calendars, Source Code Management, and IDEs;

    • The second model predicts the amount of time a person spends on each ticket in a day based on the activities associated with the ticket.

  2. Do you use any open-source AI/ML libraries or frameworks? If so, which ones and how do you ensure their security and reliability?
    Yes, we use language models from HuggingFace, Pytorch, and Lightgbm.  

    We ensure security and reliability by hosting the models on secure AWS cloud servers and frequently maintain and fine tune them. The Pytorch model and Lightgbm model were trained from scratch with open-source implementations.

  3. How are your AI/ML models trained and updated?
    Our models are trained and updated using a supervised process guided by human feedback.

  4. Is our data used to train or improve your AI/ML models? If yes, how do you ensure that our sensitive information is not compromised during the training process?
    Yes, the model features include embeddings of all data. These are irreversible transforms so no Personally Identifiable Information (PII) can be leaked.  We also include a variety of numeric and categorical features to help find patterns across all Tempo data. In short, there is no way to find any PII from the features we used in ML models.

  5. Do you isolate or segregate our data from other customers to ensure that our data is not mixed with or accessible to other customers?
    We do not, but since our ML models never see raw data and are encoder-style models, they cannot leak PII.

  6. Can we enable/disable AI in the app? How will disabling AI affect the functionality of your app?
    The AI in Capacity Insights is designed to empower you with automated predictions about time spent on tasks, tickets, and projects. This core functionality ensures you gain valuable insights without manual effort. We cannot disable AI, since it would block the app from serving its intended purpose.

  7. How often do you update your AI/ML algorithms, and how do you ensure that these updates do not compromise the security or privacy of our data?
    We retrain our models as we notice a quality drift. Tempo's design, which centers on analyzing existing data rather than creating new data, like in generative AIs, significantly reduces the potential for data leakage.

  8. Are the AI/ML models hosted on your own servers, or are they using third-party AI services (e.g., OpenAI)? If third-party services are used, how is our data protected?
    Currently, we host all our own training and inference services on secure systems and infrastructure within AWS, an industry-leading cloud provider.

  9. Are any Generative AI (GenAI) or large language models (LLMs) used?
    We do not use either, but Tempo is exploring the use of LLMs to enhance our model quality.

  1. What data does your AI/ML infrastructure collect and process from our Jira instance? 
    Here is the data Tempo may currently process from your Jira. This is a consolidated list, and it may be subject to change as we continuously enhance our product offering:

User actions on Jira issues:

  • Create

  • Comment

  • Update

  • Assignee

  • Navigation

  • Priority Change

  • Status Change

Issue characteristics:

  • Issue Key, ID

  • Issue Type Name

  • Issue is_subtask

  • Project Name

  • Priority

  • Status

  • Summary

  • Description

  • Issue event type (Focus Time, OOO)

Possible improvements for the future state:

  • Issue Comment (Full text)

  • Issue links (Related issues, PRs)

  1. Can we limit the scope of access and control on which data is shared with your app from our Jira instance, or is it all or nothing?
    While the Jira REST API doesn't currently allow for granular data access control during integration, we've designed our app to use only the specific data fields essential for its functionality. For a detailed list of the data we access, please refer to the answer to question 10.

  2. Do you store any of our Jira data on your servers? 
    We currently store customer Jira data processed by Tempo AI to ensure the highest accuracy and relevance of our prediction algorithm. We are continuously refining and improving our AI models to deliver valuable and relevant insights to meet our customers' needs.

  3. What security measures are in place for the integration?
    Protecting your Jira data is a top priority for Tempo. Your trust is important to us, and we are committed to maintaining the highest levels of security for your data. We continuously evaluate and enhance our security measures for data protection.

    We've implemented multiple layers of security to ensure your information remains confidential and secure. Here are some of the key safeguards we have in place:

  1. How do you use the data collected from our Jira, and is it used for any purpose other than providing your services to us?
    We process customer data only to provide and improve our services, and it is not used for any other purpose.

  1. If we install optional integrations, what data does your app collect from these sources, and how is it used by your AI/ML system?
    The examples provided below outline the data collected from optional integrations. We use these signals to infer what Jira tickets were worked on and for how long they were worked on. For the most accurate and current list of data categories that our app gathers through each optional integration, please refer to the details presented in the connection pop-up when you opt to link a service.

  1. Can we choose which data sources your app has access to?
    Yes, you have full control over which optional integrations you activate within our app. These integrations are designed to enhance the accuracy and quality of the app to analyze and predict the time allocation across different tasks of your users. While our core functionality effectively analyzes time spent on Jira issues, each additional integration provides more context and detail from other tools you use, resulting in more precise and personalized capacity insights into how time is allocated.

  2. Can we limit the scope of access and control which data is shared with your app from our connected integrations, or is it all or nothing?
    We can restrict the scope of our GitLab & GitHub integrations to necessary repositories, and the same can be done by customers in VS Code and JetBrains integrations.

  3. Will our source code be accessed or used? Does your AI/ML system process or store any of our code? If so, how is our intellectual property protected?
    No.

  4. Do you store any of our data from these integrations on your servers?
    Yes, we store the metadata in order to run both ML inference and training.

  5. What security measures are in place for the available integrations?
    Our optional integrations use the applicable security measures described in the answer to question 13.

  6. How do you use the data collected from our connected integrations, and is it used for any purpose other than providing your services to us?
    We process customer data only to provide and improve our services, and it is not used for any other purpose.

  1. Where is our data stored?
    Tempo Cloud infrastructure is based on AWS in Virginia, us-east-1.

  2. Do you store any of our raw data (e.g., Jira issues, code snippets) or only derived insights/metrics generated by your AI/ML models?
    We store both raw and derived data.  We store the raw data to assess the quality of our derivations.

  3. Is it encrypted at rest and in transit?
    Yes, please see the answer to question 13 for more details.

  4. Who has access to our data?
    A limited number of our Data Engineers and ML Engineers have access to the production environment to maintain our cloud services and assist customers. Strong access controls are implemented. For example, access is managed with AWS and OneLogin Identity and Access Management (IAM) solutions, service access requests are well-grounded and approved as per Access Management Policy, all changes in access to the services are logged at the IAM and database levels, MFA and passwords and other unique user identifiers are employed and protected. If additional access is needed, dedicated requests and authorization are required.

  5. How do you protect our data from unauthorized access?
    We take the security of your data very seriously and implement multiple layers of protection to safeguard it from unauthorized access, including AWS industry-level encryption, strict access controls (RBAC, MFA, etc.), continuous monitoring and logging of our systems, secure SDLC, org-level regular security and compliance audits, and penetration testing by third-party experts to identify and mitigate potential vulnerabilities. Please refer to our trust.tempo.io for more information on Tempo’s security and compliance postures.

  6. Do you share any of our data with third parties? If so, for what purposes and with whom? How do you ensure that our data shared with third parties remains secure and confidential?
    We do not share customer data with any third parties, except sub-processors required to run our systems. You may find a list of such providers at the Privacy and Security tab of the app’s listing on the Atlassian Marketplace: Capacity Insights – AI Capacity Management for Jira | Tempo | Atlassian Marketplace.

  7. Do you have a data breach notification policy in place for your AI/ML systems? In the event of a data breach or security incident involving our data in your AI/ML systems, what protocols do you have in place to notify affected customers and mitigate potential damage? 
    The organization has an ISO 27001 and SOC 2 Type 2 compliant Incident Response plan in place. In the event of a breach involving customer data, Tempo will promptly notify the customers affected by the incident, ensuring notification within 72 hours of becoming aware of the breach. This obligation applies unless the breach is unlikely to pose a risk to customer data. If, for any reason, notification cannot be made within the 72-hour timeframe, Tempo will provide an explanation for the delay alongside the notification. The Incident Response plan is reviewed annually, or more frequently if required, to ensure conformity with the organizational goals. Our Incident Response Plan can be requested at https://trust.tempo.io/   

  8. What happens to our data after it has been processed by your AI/ML system? Is it deleted, or do you retain it for a certain period?
    Your data is retained in perpetuity as long as you are a customer.  If you choose to stop being a customer, your data can be promptly deleted upon request.

  1. Does your app’s AI/ML collect or process any personally identifiable information (PII)?
    No, our app does not process personally identifying fields, such as name, email, address, profile picture, etc.

  2. Are you compliant with data protection regulations such as GDPR or CCPA? How do you ensure compliance with industry standards for data protection?
    Our ML model generates insights without targeting any PII. It uses anonymous IDs and excludes PII-related fields from the signal data received through various enabled integrations. This approach ensures compliance with data protection regulations such as GDPR and CCPA.

  3. Do you have any certifications or attestations in place for your AI/ML infrastructure (e.g., ISO 27001, GDPR)?
    While Capacity Insights was not included in our audits last year (2023) due to its release after the audit cycle had concluded, we have already included it in our current SOC 2 Type 2 audit cycle and other annual audits scheduled for this year (2024). This demonstrates our commitment to ensuring that all our products and services, including newly released offerings, adhere to the highest standards of security and privacy.

  1. How do you ensure that your AI/ML system complies with industry-specific regulations (e.g., HIPAA for healthcare, FERPA for education)?
    We have a dedicated compliance team, led by a Data Protection Officer (DPO), which regularly monitors our services’ compliance with any applicable industry-specific regulations. Currently, such regulations as HIPAA, PCI DSS, or FERPA do not apply to Tempo services.

  2. How do you handle data residency concerns? Can customers choose to have their data processed by AI/ML algorithms in specific geographic regions?
    Currently, we provide data residency only in the US. However, we understand the importance of data residency for our customers and are considering support for other regions in the future.