Frequently Asked Questions
Revised: February 16, 2021
1. Our legal department would like to make some changes to your EULA. Is that ok?
Within our current price structure, we’re unable to make any changes to our Appfire EULA. Taking into consideration our cost-effective pricing model and the costs associated with creating and managing individual agreements with each of our customers, you can begin to understand our position. Maintaining a standard EULA with all of our product customers allows us to focus our resources on meeting our obligations under these agreements. With that in mind, our EULA has been very carefully authored to be fair to both you and us. There may be some issues that are not covered here or on the rest of this page. If so, please feel free to contact us using the following form: appf.re/eula.
2. Your EULA refers to the grant of Publicity Rights. What does that mean? Can we change that?
We list a small number of our customers on our website as examples of organizations using our software. If you do not want us to mention your company name at all, just contact us using the form at appf.re/publicity and we’ll add you to our list of companies requesting not to be party to future disclosures or forms of publicity (including our customer lists on our website).
3. Your EULA refers to data that may be collected and stored. Can you provide more details?
The only customer data that we currently maintain within our internal systems are customer and transaction information (i.e., purchase history) and anything you may (or may not) elect to share with us via our online knowledge bases or support portals. Any application-level data is stored either within your systems (if you work with Atlassian’s “Server” or “Data Center” products) or within Atlassian’s systems (if you work with products architected using Atlassian’s “Connect” architecture aka Atlassian’s “Cloud” products). In the case of products architected using Atlassian’s “Connect” architecture, the location of specific application-level data storage depends on the product. To better maintain the integrity of privacy protection for Licensee data, we do not specify the location of application-level data storage on a product-by-product basis.
4. Your EULA refers to open source libraries. Can you specify which libraries you use?
For information on the open source libraries we use, please contact the relevant brand Product Support team found on our Contact page.
5. Is it ok for our affiliate users to use the add-ons covered by your EULA as well?
Yes, assuming that, as defined within the section titled “Orders” in our EULA, (a) your affiliate users are included within your total count of “Authorized Users”, and (b) must be within the “Scope of Use”.
6. Do you have a data security policy?
Yes, all customers may refer to our Data Security and Privacy section of our EULA.
1. I am a customer of your Atlassian apps, does GDPR affect me?
An Atlassian customer is any company which is an active license holder of an Atlassian software license.
If you are responsible for administering your Atlassian software at your company and are using it to control or process personal data of EU citizens living inside the EU, we recommend you look into the new EU GDPR regulations for more information.
If you are are not controlling or processing personal data of EU citizens living inside the EU (ie: USA, Asia Pacific, etc.) then GDPR likely does not affect you.
2. As an Atlassian customer, am I a Data Controller?
The answer is maybe. If you are an Atlassian customer who uses Atlassian software to collect, control and process the personal identifiable information of any EU citizen, under GDPR you are likely a Data Controller. We recommend you look into the new EU GDPR regulations for more information.
3. Is Appfire a Data Controller or Data Processor of my Appfire Server app?
No, Appfire is not a Data Controller nor a Data Processor for any server-based apps. Server-based apps are downloaded and reside on the customer’s local servers. Appfire does not have access to any of our customer’s local servers. Whatever data our customers choose to load within server-based apps is exclusively processed and controlled by the customer.
4. Is Appfire a Data Controller or Data Processor of my Appfire Data Center app?
No, Appfire is not a Data Controller nor a Data Processor for any Data Center apps. Data Center apps are downloaded and reside on the customer’s local servers. Appfire does not have access to any of our customer’s local servers. Whatever data our customers choose to load within server-based apps is exclusively processed and controlled by the customer.
5. Is Appfire a Data Controller or Data Processor of my Appfire Cloud app?
Appfire is not a Data Controller of cloud-based apps. Customers of our cloud-based apps remain in control on how their data is used and processed.
Appfire is a Data Processor of many of our cloud-based apps. As our cloud-based apps are a third-party cloud app within your Atlassian Cloud instance, you tell the app how your data will be used and processed through the Atlassian product interface. For some cloud-based apps the app will process and hold some data on your behalf in the form of functional log files, which are stored in a secure database.
6. What is a Data Processing Agreement (DPA)?
A DPA is an agreement, as part of GDPR compliance, between a Data Controller and a Data Processor. This type of agreement acknowledges that the Data Processor is complying with relevant requirements under the GDPR. A DPA should show that both the Controller and Data Processor are:
- Aware of and committed to complying with the GDPR;
- Protecting the personal data of customers, staff, and others (as may be applicable); and
- Clear about their respective roles concerning the personal data that is being processed.
Appfire is happy to provide a copy of our DPA upon request for customers who need to comply with GDPR regulations.
7. When is a Data Processing Agreement required to comply with GDPR?
A DPA is only required for GDPR compliance when a Data Controller engages a third party service provider to process the personal data of any EU citizens.
8. Do we need to sign a Data Processing Agreement?
You may need to sign a DPA if your company is a Data Controller and is responsible for processing the personal identifiable information of EU citizens through one of Appfire’s brand cloud-based app.
9. Will Appfire provide a signed Data Processing Agreement so that I can comply with GDPR?
Absolutely. Please fill out the form in our Contact section with your request. Please note that due to the size of our customer base, Appfire does not execute other customer-provided versions of a DPA.
10. Does Appfire use sub-processors?
As with all modern companies, Appfire relies on many world-class software providers to support our customers. If you are a Data Controller that needs to comply with GDPR and require a list of our current sub-processors, please fill out the form in our Contact section with your request and we’ll be happy to help.