Greenlight

Privacy policy

Effective date: 12 July 2026

This policy covers Greenlight — Release Readiness & Approvals ("the app"), published by Sanyasha Software for Jira Cloud on the Atlassian Marketplace.

The short version

Greenlight stores the release-readiness data you create, inside Atlassian's infrastructure, and nothing else. It has no servers of its own, makes no network calls outside Atlassian, and collects no telemetry. We — the vendor — never see your data.

Where your data lives

All app data is stored in Forge SQL, Atlassian-hosted storage inside the Atlassian Forge platform, associated with your own Atlassian site. The app is egress-free: no external servers, no third-party services, no analytics beacons, no data transmitted off Atlassian infrastructure. It qualifies for Atlassian's Runs on Atlassian program, which technically enforces this.

What the app stores

  • Content you author in the app: releases, gates, checklist items, evidence links, sign-off decisions and notes, release notes.
  • Jira issue snapshots: key, summary, and status of issues you link to gates, kept in sync via Jira events.
  • People references: Atlassian account IDs only (gate owners, sign-off and audit actors). Display names and avatars are never stored — they are resolved live from Jira each time a page or report is rendered, so a name change or account erasure in Atlassian is reflected immediately.
  • Audit records: who approved/rejected/revoked/overrode what, when, and with what note — this trail is the product's purpose and is deliberately permanent for the life of the release.

What the app does NOT collect

No credentials, no payment information, no usage analytics or telemetry, no device data, no cookies, and no personal data beyond the Atlassian account references above.

How the app accesses Jira

Greenlight requests these scopes:

  • read:jira-work — read the issues, projects, and versions the current user can already see (issue linking, live status sync, version lifecycle sync).
  • read:jira-user — resolve display names and avatars for people pickers and for rendering the stored account IDs at read time.
  • storage:app — the app's own Forge SQL storage.

All reads and writes run as the acting user, so Jira's permission model always applies. The app never modifies Jira issues, workflows, or versions.

Data retention and removal

  • Deleting a release in-app permanently removes it with its gates, items, and audit history.
  • Uninstalling the app removes app storage in accordance with Atlassian's Forge platform data policies.
  • Because all data resides in your Atlassian site, Atlassian's own data residency, security, and compliance commitments apply to it at rest.

Sub-processors

None. Atlassian hosts the platform the app runs on; no other party is involved in processing.

Changes to this policy

Material changes will be reflected on this page with an updated effective date. Substantive changes in what the app stores or accesses will additionally appear in the Marketplace listing's version notes (scope changes require your admin's re-consent through Atlassian's own flow).

Contact

Privacy questions or security disclosures: support@sanyasha.com

Also see sanyasha.com/greenlight/support.