How does Jirvana AI sprint analysis work?

Jirvana connects to your existing Jira workspace and uses advanced AI to analyze your sprint data in 30 seconds. It identifies patterns, blockers, and dependencies that human reviewers typically miss, then generates 5 specific, actionable recommendations for your team.

How much time does Jirvana save engineering teams?

Engineering teams typically save 95% of their sprint review time with Jirvana. What used to take 3+ hours of manual analysis now takes 30 seconds, saving teams an average of $2,400 per month in engineering time.

Does Jirvana work with existing Jira setups?

Yes, Jirvana integrates seamlessly with your existing Jira Cloud or Server instance. Setup takes 2 minutes and requires no changes to your current workflow or data structure.

Security Policy - Jirvana

Overview

Jirvana is committed to protecting the security and privacy of our users' data. This security policy outlines our practices for handling, processing, and protecting data within our AI-powered sprint assistant for Jira.

Data Handling Principles

1. Data Minimization

We only access and process the minimum data necessary for Jirvana's functionality
No personal information beyond user display names and account identifiers
Focus exclusively on project metadata and sprint analytics

2. Purpose Limitation

Data is processed solely for generating AI-powered sprint insights
No data mining, profiling, or secondary use cases
Processing limited to active sprint analysis and recommendations

3. Transparency

Clear disclosure of all data processing activities
Users informed about third-party AI processing
Open about data flow and retention practices

Data Processing

What Data We Process

Jirvana processes the following types of data from your Jira instance:

Issue Metadata: Keys, summaries, statuses, priorities, types
Sprint Information: Names, start/end dates, goals, velocity metrics
User Identifiers: Display names and account IDs for assignees
Workflow Data: Status transitions, progress tracking
Issue Relationships: Blocking dependencies, linked issues

What Data We DO NOT Process

Issue descriptions or comments
Personal contact information (email, phone numbers)
Authentication credentials or passwords
Sensitive business content or proprietary information
File attachments or documents

Data Flow

Collection: Data retrieved from Jira via Atlassian Forge APIs
Processing: Metadata sent to OpenRouter.ai for AI analysis
Analysis: AI generates actionable sprint recommendations
Delivery: Results displayed in Jira interface
Disposal: No persistent storage - data processed in real-time

Security Measures

Technical Safeguards

Platform Security

Built on Atlassian Forge platform with enterprise-grade security
Inherits Atlassian's security controls and compliance certifications
No direct access to customer Jira instances

Data Transmission

All data transmitted over encrypted HTTPS connections
TLS 1.2+ encryption for all external API communications
No data transmission outside secure channels

Access Controls

Application-level permissions via Jira's authorization framework
Users see only data they have permission to access in Jira
No escalation of privileges beyond existing Jira permissions

AI Processing Security

OpenRouter.ai integration with explicit data protection terms
No data retention by AI processing services
Anonymized processing where possible

Privacy Protections

Data Retention

Real-time Processing: No persistent storage of customer data
Logs: System logs retained for 30 days maximum
Analytics: Only aggregated, anonymized usage statistics retained

Data Location

Primary processing within Atlassian's infrastructure
AI processing via OpenRouter.ai (US-based)
No data residency guarantees due to real-time processing model

User Rights

Access: Users can view all data processed through Jira interface
Correction: Data corrections made via Jira are immediately reflected
Deletion: Uninstalling Jirvana removes all processing capabilities
Portability: Data remains in customer's Jira instance

Third-Party Integrations

OpenRouter.ai

Purpose: AI-powered analysis of sprint data
Data Shared: Issue metadata and sprint information only
Retention: No data retention - processing only
Security: Enterprise-grade API with data protection agreements

Atlassian Forge

Platform: All hosting and core functionality via Atlassian Forge
Security: Inherits Atlassian's SOC2, ISO27001, and other certifications
Compliance: GDPR, CCPA, and other privacy regulation compliance

Compliance

Regulatory Compliance

GDPR: Full compliance for EU data subjects
CCPA: Compliance with California privacy regulations
SOC2: Inherits compliance via Atlassian Forge platform
Privacy Shield: Framework adherence through platform providers

Industry Standards

OWASP: Application security practices aligned with OWASP guidelines
ISO27001: Information security management principles
NIST: Cybersecurity framework alignment

Vulnerability Management

Security Updates

Regular updates to address security vulnerabilities
Automated dependency scanning and updates
Coordination with Atlassian for platform-level security issues

Responsible Disclosure

Security researchers encouraged to report vulnerabilities
Coordinated disclosure process with appropriate timelines
Recognition program for security researchers

Bug Bounty

Participation in Atlassian's Marketplace Security Bug Bounty Program
Additional rewards for Jirvana-specific vulnerability discoveries

Contact Information

Security Team

Email: security@jirvana.dev
Response Time: 24 hours for security inquiries
Emergency Contact: Available for critical security incidents

General Support

Email: support@jirvana.dev
Documentation: GitHub Repository
Community: Atlassian Community forums