MergeVision - Privacy Policy
MergeVision – Privacy Policy
Effective date: 01 Sep 2025
1. Who We Are
Appifywiz Ltd. (“Appifywiz”, “we”, “our”) develops MergeVision, an application for Atlassian® Bitbucket® Cloud & Data Center that visualises and automates pull‑request workflows.
Registered office: 3 HaTamar St., Yokneam Illit, Israel.
We act as controller only for the limited data described below. We do not store customer‑generated Bitbucket repository content (source code, pull‑request bodies, comments); such data remains in Atlassian’s cloud under your organisation’s control.
We comply with EU GDPR, UK GDPR, Israel PPL, and California CCPA/CPRA.
2. Scope
- Visitors to appifywiz.io pages relating to MergeVision (the “Site”).
- Users who install or interact with the Service via the Atlassian Marketplace.
- Prospects and customers who contact sales or support.
3. Personal Data We Collect
|
Category |
Typical fields |
Source |
|
Licence & Account Data |
Contact name, work email, Atlassian Cloud ID, licence tier, renewal dates |
Atlassian Marketplace API |
|
Billing Data |
Invoice / purchase‑order reference, VAT/ABN |
Atlassian |
|
Support Data |
Ticket text, screenshots, logs you submit |
You |
|
Usage Metadata |
Installation events, anonymised feature clicks, IP address, user‑agent |
Automatically |
|
Marketing Data |
Newsletter opt‑in status, referral source |
You |
We intentionally avoid collecting special‑category data and data about children under 16.
4. How We Collect Data
- Direct – contact forms, support tickets, emails.
- Automated – Atlassian event stream; first‑party cookies on the Site.
- Marketplace API – licence & billing feed from Atlassian.
5. Why We Use Data & Legal Bases
Purposes and legal bases mirror the Appifywiz Privacy Policy: Contract (provide & support the app), Legitimate interests (improvements; security), Consent/LI (marketing), and Legal obligation (billing/tax).
6. Cookies & Analytics
We use strictly necessary cookies and GA4 on the Site; EU/UK visitors can manage consent via our cookie banner. No tracking cookies are set inside Bitbucket.
7. Sharing Personal Data
We never sell personal data. We disclose to Atlassian (Forge runtime), SendGrid (transactional email), Google Workspace, and Atlas CRM (if applicable), each under DPAs; plus lawful disclosures and business transfers.
8. International Transfers
Processing may occur in the EU, US, or Israel. Transfers outside EEA/UK rely on SCCs (+ UK Addendum) or Israel adequacy, as applicable.
9. Security Measures
TLS 1.2+ in transit; AES‑256 at rest where applicable; strict access control & MFA on vendor systems; external penetration testing annually or after major changes; breach‑notification objective 72 hours.
10. Data Retention & Deletion
|
Data |
Retention period |
Deletion method |
|
Licence & billing |
7 years (tax) |
Secure archival deletion |
|
Support tickets |
5 years after closure |
Helpdesk purge |
|
Marketing list |
Until you unsubscribe |
Suppression hash list |
Early deletion requests → [email protected]. Atlassian’s Uninstall & Data‑Erasure flow removes any in‑product data under Atlassian’s control.
11. Your Rights
EU/UK rights (access, correction, deletion, restriction, portability, objection, consent withdrawal) 30‑day target response; California rights (know, delete, correct, opt‑out) with 10 business days acknowledgement.
12. Additional Disclosures
- CCPA/CPRA – Service Provider; no selling or sharing.
- Israel PPL – Israeli residents may approach the PPA (ppa.gov.il).
13. Changes to This Policy
Material changes announced 30 days in advance; see effective date above.
14. Contact
[email protected] | [email protected]
Appifywiz Ltd., 3 HaTamar St., Yokneam Illit, Israel