Data Privacy Policy

Provider: Millarum Last updated: May 29, 2026 Version: 1.0

Millarum Roadmap Millarum Dashboards All Millarum Products

1. Our Privacy Commitment

Your data is never logged, stored, or transferred outside the platform where our add-ons are deployed. We do not operate external servers that persist your data.

Millarum is committed to protecting the privacy of its users. This policy explains what data our products interact with, how we use it, and the controls you have over it. We apply privacy-by-design principles across all Millarum products.

2. Scope

This policy applies to all Millarum products and services, including:

Millarum Roadmap — project roadmap and milestone visualization
Millarum Dashboards — Jira dashboard analytics widgets
Any future products published under the Millarum brand

This policy does not cover the practices of the underlying platforms on which Millarum products are deployed. Those platforms maintain their own privacy policies and security certifications.

3. Data We Access

Millarum products operate as extensions within the platforms they are deployed on. To provide their functionality, they read data from the host platform on behalf of the authenticated user. This may include:

Data Type	Purpose	Stored?
Project metadata (names, keys, types)	Rendering roadmap timelines and dashboard filters	No — read at runtime only
Issue data (summary, status, type, due date)	Populating charts, lists, and milestone markers	No — transient in-memory processing
Version / release data	Displaying milestone bars on the roadmap	No — read at runtime only
User identity (display name, account ID)	Scoping personal saved views to the correct user	Yes — stored as a storage key only, not profile data
App configuration (saved views, widget settings)	Persisting your dashboard layout and roadmap views	Yes — stored in platform-provided app storage

Issue content (summaries, descriptions, comments, attachments) is never logged, indexed, exported, or retained by Millarum. It is read from the platform and rendered in your browser only.

4. Where Data Lives

Millarum products are built to run entirely within the deployment platform. All persistent storage uses the native storage mechanism provided by the platform (e.g., key-value store, app properties). This means:

Data never leaves the platform environment to an external Millarum server.
Millarum does not operate a separate backend database, analytics pipeline, or telemetry service that receives your data.
Stored configuration data (saved views, widget preferences) resides in the platform's own infrastructure, subject to the platform's data residency and security controls.

5. Data We Do Not Collect

Millarum explicitly does not collect, log, or process:

Issue descriptions, comments, or attachments
User passwords or authentication credentials
Personally Identifiable Information (PII) beyond what is needed to scope saved views (account ID used as a storage key)
Behavioral analytics, clickstream data, or session recordings
Device fingerprints or IP addresses
Any data for advertising or profiling purposes

6. Third-Party Services

Millarum products do not transmit user data to any third-party analytics, advertising, or tracking services. The only external resources loaded by Millarum products are:

Open-source JavaScript libraries (e.g., charting libraries) loaded from public CDN endpoints for rendering purposes. These libraries do not receive your data.

No third-party SDK, analytics script, or tracking pixel is embedded in Millarum products.

7. Security Practices

Millarum follows the security guidelines and requirements of the platforms on which its products are deployed. Our security practices include:

Using only the minimum permission scopes required to provide product functionality (principle of least privilege).
All communication between product components and the host platform uses encrypted transport (HTTPS/TLS).
App configuration data is accessed only by authenticated users with appropriate permissions.
Millarum personnel access production systems only for troubleshooting and under strict access controls; such access is logged and reviewed.
Dependency vulnerability scanning is performed regularly to identify and remediate known vulnerabilities.

For detailed information on our vulnerability management approach, see our Security Policy.

8. Data Retention & Deletion

Configuration data (saved views, widget settings) is retained for as long as the product is active in your environment. Upon uninstallation or a written deletion request:

Millarum will delete all stored configuration data within 30 days.
Because issue data is never stored, there is nothing to delete for runtime-read data.

To request data deletion, contact contact@millarum.com.

9. Your Rights

Depending on your location and applicable law, you may have rights including:

Right of access — to know what data Millarum holds about you.
Right to rectification — to correct inaccurate stored configuration data.
Right to erasure — to request deletion of your stored data.
Right to portability — to receive your configuration data in a portable format upon request.
Right to object — to object to any processing that you believe falls outside the scope of this policy.

To exercise any of these rights, contact contact@millarum.com. We will respond within 30 days.

10. Regulatory Compliance

Millarum is committed to compliance with applicable data protection regulations, including:

GDPR (General Data Protection Regulation) — for users in the European Economic Area.
CCPA (California Consumer Privacy Act) — for California residents, where applicable.
The privacy and security requirements of the platforms on which Millarum products are deployed.

Millarum does not sell personal data to any third party.

11. Changes to This Policy

Millarum may update this Privacy Policy from time to time. When material changes are made, the "Last updated" date at the top of this page will be revised. Continued use of Millarum products after an update constitutes acceptance of the revised policy.

For significant changes, Millarum will provide notice via product release notes or email to registered contacts.

12. Contact

For privacy-related questions, concerns, or requests:

Email: contact@millarum.com
Subject line: "Privacy Request — [your name or organization]"

We aim to respond to all privacy inquiries within 10 business days.