/
Privacy Policy — Backlog Refinement, Sprint Planning & Capacity Planning for Jira

Privacy Policy — Backlog Refinement, Sprint Planning & Capacity Planning for Jira

This Privacy Policy explains how Divim, Inc. ("we", "us", "the vendor") handles data when a Jira Cloud site installs and uses Backlog Refinement, Sprint Planning & Capacity Planning for Jira ("the app"). It is the partner privacy policy referenced on the app's Atlassian Marketplace listing.

Last reviewed: 2026-06-15

1. Roles

Under GDPR / UK GDPR terminology, the customer (the Atlassian site's organization) is the data controller for the Jira data the app processes, and Divim, Inc. acts as a data processor on the customer's behalf.

2. What data the app processes

To deliver backlog-refinement, sprint-planning, and capacity features, the app accesses the following from the projects you select:

  • Project, board, and sprint metadata — including historical sprints, used to calculate the team's past velocity

  • Issue and subtask data, story points, and time estimates

  • Assignees and team/capacity configuration, used to show allocation and over/under-commitment

  • Jira user identifiers and display names where required to show per-assignee allocation and aggregate results

The app processes this data only to provide its refinement, planning, capacity, and velocity features.

3. How data is used

Data is used solely to render the refinement and planning experience — surfacing stories with missing subtasks or that don't follow the story template, creating subtasks and adding story points or hours on the spot, and comparing sprint load to planned capacity and past velocity. We do not use customer data for advertising, and we never sell customer data.

4. Storage and retention

The app stores the configuration and planning data needed to provide its features (for example, selected projects and team/capacity settings). Operational data is retained while the app is installed and in use. On uninstall, associated app data is removed in line with the Atlassian Marketplace app-removal lifecycle. Customers may request deletion of app-specific data by contacting support@divim.io.

5. Encryption

Data is encrypted in transit (HTTPS / TLS) and at rest. See the Security Policy for the full security posture, including the app's Cloud Fortified status and Bug Bounty participation.

6. International data transfers

Where data is transferred between regions, those transfers are carried out under appropriate safeguards consistent with applicable data-protection law. A SOC 2 report is available upon request.

7. Data subject rights

Because the customer is the controller of the Jira data, data-subject requests (access, correction, deletion, restriction, portability, objection) are typically satisfied through the customer's own Jira administration tools or Atlassian's processes. For assistance with app-specific data, contact support@divim.io; we respond within the timeframes required by applicable law and in any event within 30 days of a verified request.

8. Children

The app is a business-to-business product intended for Jira Cloud administrators and teams. It is not directed at children and does not knowingly process children's data.

9. Changes to this policy

Material changes will be announced through the Atlassian Marketplace listing and the Divim Trust Center, with an updated review date at the top of this document.

10. Contact

This policy applies specifically to Backlog Refinement, Sprint Planning & Capacity Planning for Jira. For Divim's company-wide posture, see the Divim Trust Center.