Cloud Security Statement

Last updated - 4 June 2021

Overview

VIEW26 Cloud Services (hereafter referred to as “VIEW26 Cloud”) is hosted and delivered by Equinix , Inc. (equinix.com) (hereafter referred to as “Cloud Provider”). While the Cloud Provider is responsible for the security of its actual data centres, VIEW26 GmbH is responsible for monitoring, managing and securing the VIEW26 Cloud.

Facilities

The Cloud Provider is responsible for the data centres that host the VIEW26 Cloud. For more information about security at those data centres, please go to the appropriate links below:VIEW26 Cloud is currently hosted in Amsterdam.
https://www.equinix.com/data-centers/europe-colocation/netherlands-colocation/amsterdam-data-centers

Certification

The Cloud Provider is responsible for managing the security of the cloud. They have been certified by third-party organisations and are compliant with the applicable laws and regulations.The list of such certifications and compliance statements can be found in the links below:
https://www.equinix.nl/data-centers/design/standards-compliance
View26 software products are subject to strict self-assessments to ensure compliance with security standards such as OWASP Application Security Verification Standard (ASVS) before public release.

Exceptions for all Cloud Apps

Account Data
Our Cloud Apps store data provided and generated by Atlassian, that are required for license validation, contract administration and communication with the customer instance.
Analytics
: We use FullStory to allow us to analyse behaviour patterns that ultimately lead to product improvements. It is exclusively used in order to improve our service. It does not contain any Customer Uploaded Data or Operational Data. VIEW26 only capture the page that is viewed and the referrer along with the tenant identifier.
Error Logs data
Our Cloud Apps track errors of our Cloud Apps' resources executed in the end users' browsers in real-time. This includes for example AddOnKey, ClientKey, BaseUrl, anonymised TrackingID, error messages and information about the environment such as browser type, browser version and operating system. It is exclusively used in order to improve our service.
Metrics
Application metrics are sent to Datadog for analysis and reporting in order for us to monitor the applications performance.

Exceptions for Specific Cloud Apps

Charts & Reports for Jira Service Management
We store and aggregate JIRA issue field values from your project to create Charts & Reports for Jira/Service Management Cloud. However we do not store any JIRA Issue description, user profile pictures, attachments or comments in VIEW26 Cloud
Page View Analytics
We store only the webhook events & user groups on VIEW26 Cloud. We do not store any of the Confluence Page or Space content on VIEW26 Cloud.
JSON Viewer for Confluence
We not transmit or store any confluence content on VIEW26 Cloud.

Backups

Customer data is backed up once per day and is encrypted.

People and Access

Within VIEW26, only a few members of the VIEW26 Operations Team have access to the production environment for the purposes of maintaining our cloud services and assisting our customers. Additionally, we monitor all access to the VIEW26 Cloud.
Customers are responsible for the security of their own login information.

Security Incident Policy

Every care is taken by VIEW26 to protect personal data from incidents (either accidentally or deliberately) to avoid a data protection breach that could compromise security.For more information, please see our Security Incident Policy.
Privacy
VIEW26 understands the importance and is committed to ensure the privacy of your personally identifiable information. For more information, please see our Privacy Policy.
https://view26.com/privacy