Data Processing Agreement

Data Processing Agreement

Last updated: 2026-01-15

This Data Processing Agreement (“DPA“) forms part of the Terms of Service governing your use of the DevPulseIQ application (“App“) provided by WojTech Solutions Ltd (“Processor“). By installing or using the App, you agree to this DPA.

1. Roles of the Parties

For the purposes of applicable data protection laws (including GDPR and UK GDPR):

  • The customer installing and using the App (“Customer”) acts as the Data Controller with respect to personal data contained in Jira projects and issues.
  • WojTech Solutions Ltd acts as a Data Processor, processing such personal data solely on behalf of and in accordance with the Customer’s instructions.
  • WojTech Solutions Ltd acts as a Data Controller for its own business-related data and for tenant management and operational data required to run and secure the App (such as configuration, access control and permissions, administrative action logs, and operational usage metadata).

Anonymised and aggregated outputs: The App may generate anonymised and aggregated statistical outputs (such as benchmarks, trends, and derived metrics) based on the Customer’s use of the App. To the extent such outputs do not constitute personal data under applicable law and do not identify the Customer, its users, or its Jira instance, they are outside the scope of this DPA. For those non-identifying outputs, WojTech Solutions Ltd acts as an independent controller and may retain, use, and further develop such outputs for product improvement and benchmarking.

1a. Data Categories

For consistency with the App Privacy Policy, the following data categories apply:

  • Customer Content – Jira data processed through the App (including project and issue data and related personal data) that the Customer chooses to make available to the App. This category is processed under this DPA, with the Customer as Controller and WojTech Solutions Ltd as Processor.
  • Tenant Management Data – data required to run and secure the App for a tenant, such as configuration, access control and permissions, administrative action logs, and operational usage metadata. This category is processed by WojTech Solutions Ltd as Controller and is outside the scope of this DPA.
  • Derived & Aggregated Outputs – non-identifying statistical outputs generated from use of the App (such as benchmarks, trends, and derived metrics) that are intended not to identify individuals or organisations. To the extent this category does not constitute personal data, it is outside the scope of this DPA and is processed by WojTech Solutions Ltd as an independent controller.
2. Scope and Purpose of Processing

The Processor processes personal data solely for the purpose of:

  • Providing analytics, dashboards, insights, and related features of the App;
  • Maintaining, securing, and improving the App;
  • Providing customer support.

The Customer’s instructions are defined by installing, configuring, using, or uninstalling the App.

3. Categories of Data and Data Subjects

Data subjects may include the Customer’s employees, contractors, or collaborators whose data appears in Jira.

Categories of personal data may include:

  • Atlassian account ID;
  • User name (initials or full name, depending on configuration);
  • Jira issue metadata (such as status, timestamps, and assignee);
  • Administrative action logs;
  • Usage metadata.
4. Confidentiality

The Processor ensures that persons authorised to process personal data are subject to appropriate confidentiality obligations.

5. Security Measures

The Processor implements appropriate technical and organisational measures to protect personal data, including encryption in transit and at rest, restricted access controls, monitoring, and tenant data isolation.

6. Sub-processors

The Customer authorises the Processor to engage sub-processors for hosting, monitoring, and support services. All sub-processors are bound by contractual obligations providing an equivalent level of data protection.

A list of current sub-processors may be published on the Processor’s website or made available on request. Material changes will be communicated via reasonable means.

7. Data Subject Requests

The Processor shall assist the Customer, where reasonably possible, in responding to requests from data subjects under applicable data protection laws.

8. Personal Data Breaches

The Processor shall notify the Customer without undue delay after becoming aware of a personal data breach affecting personal data, and provide relevant information about the breach and mitigation measures.

9. Data Retention and Deletion

Personal data is retained only for as long as necessary to provide the App and in accordance with the App Privacy Policy. Upon uninstall or termination, data is deleted in line with the documented retention and cleanup schedule. Residual copies may remain in encrypted backups for up to ninety (90) days.

10. International Transfers

Personal data is currently processed within the EU (and, where applicable, the UK for operational administration and support). Where transfers outside these regions occur, appropriate safeguards (such as Standard Contractual Clauses) are applied.

The Processor may introduce additional regional processing locations over time. Where available, the Processor intends to process and store App data in a region aligned with the Customer’s Atlassian product data residency settings. Any material changes to processing locations will be reflected in updated documentation.

11. Audits and Compliance

The Processor shall make available information reasonably necessary to demonstrate compliance with this DPA. Audits shall be limited to documentation review unless otherwise agreed.

12. Liability

Liability arising from this DPA is subject to the limitations set out in the Terms of Service.

13. Governing Law

This DPA is governed by the laws of England and Wales.

14. Order of Precedence

In the event of any conflict between this DPA and the Terms of Service, this DPA shall prevail with respect to data protection matters.

15. Contact

For any questions about this DPA, please contact:

Email: contact [at] devpulseiq [dot] com
Contact page: https://devpulseiq.com/contact

WojTech Solutions Ltd
Registered in England and Wales · Company No. 16713425
Registered Office:
C/O KEITH WILLIS ASSOCIATES LTD, GOTHIC HOUSE, BARKER GATE,
NOTTINGHAM, NG1 1JU, UK