...

Pio Software will comply with all applicable data protection laws and regulations. The app will only collect, store, and process data that is essential to the functioning of the app. The data will be only stored in Atlassian’s Forge platform and will not leave Atlassian Cloud. We will not share user data with third parties without explicit user consent. User data will be encrypted both in transit and at rest. In addition, please refer to our Privacy Policy.

Code Security:

Pio Software will adhere to industry best practices for secure coding and testing. We will perform regular code reviews. Our code is stored in Bitbucket and executed on Forge platform which allows limited libraries to be used and vulnerability scans are performed to detect and remediate any security issues that arise. We do not have other third-party dependencies or libraries in our applications.

...

Pio Software provides an open portal for the customers to inform in case they observe an incident. The incident management process is well documented and outlines how we respond to security incidents, including breach detection, containment, and recovery. We will notify affected customers promptly in the event of a data breach or security incident. Attached is the Incident Response Plan (updated at 2025-02-19).

Compliance:

Pio Software will comply with all applicable security and privacy regulations, such as GDPR, CCPA, and HIPAA, as applicable in the future. We will regularly review and update our security policies to ensure that we are in compliance with any changes in regulations.

...