Deadline Warrior

Trust Center

Last updated: February 25, 2026

Security, privacy, and reliability for Deadline Warrior Atlassian Marketplace apps. Built on Atlassian Forge (runs inside Atlassian Cloud).

Forge-hosted Least-privilege scopes No external DB (Forge-only) Security contact: security@deadlinewarrior.com

Hosting & runtime

Runs on Atlassian Forge inside Atlassian Cloud. No vendor-managed production servers for Forge-only apps.

Status: Forge-hosted

Data location

Customer data remains within Atlassian Cloud (Forge storage / Jira APIs), subject to Atlassian tenancy & residency settings.

External storage: None (Forge-only)

Security reporting

Responsible disclosure supported. We prioritize confirmed security issues and communicate clearly.

Email: security@deadlinewarrior.com
Enterprise note: Deadline Warrior apps are Forge-based. Availability and many security controls are inherited from Atlassian Cloud. This trust center documents our app-level controls, processes, and policies.

Architecture

Deadline Warrior apps are built exclusively on Atlassian Forge. Execution, storage, and networking are provided by Atlassian Cloud.

Platform
Atlassian Forge (Jira Cloud)
Vendor-run servers
None (Forge-only)
External data egress
None, unless explicitly documented per app
Permissions model
Scope-based, least privilege

For apps with external integrations or data flows, additional architecture details will be documented in the relevant app’s security & data handling policy.

Data handling

We access Jira data only as needed to provide the app’s features and only within the scopes approved by the installing administrator. We do not sell customer data and do not use it for advertising.

Data accessed (typical for time/worklog features)
  • Issue fields (key, summary, status, project, issue type, etc.)
  • Worklogs / time tracking entries (as permitted by Jira permissions)
  • User account identifiers needed for attribution and filtering
Data we do not use for
  • Advertising or ad targeting
  • Selling or renting customer information
  • Third-party analytics scripts in the app UI
Retention & deletion

Forge apps follow Atlassian Cloud lifecycle controls. Upon app uninstallation, the app’s access to Jira data ends. Any Forge storage data follows Atlassian platform behavior and policies.

Security

We combine Atlassian Cloud’s platform protections with vendor controls (least privilege, access restrictions, and clear incident handling).

Platform security (inherited from Atlassian Cloud)
  • Encryption in transit (TLS)
  • Encryption at rest (Atlassian-managed)
  • Tenant isolation
  • Identity-based access controls
Vendor security controls
  • Least-privilege Forge scopes
  • MFA for administrative accounts
  • Access restricted to authorized personnel
  • Dependency maintenance & security review before releases
Vulnerability reporting

If you believe you’ve found a vulnerability, email security@deadlinewarrior.com. Please include reproduction steps and impact assessment if possible.

We support responsible disclosure. We ask researchers to avoid public disclosure until remediation is available.

Compliance

Deadline Warrior aligns security and privacy practices with Atlassian Marketplace Cloud expectations and enterprise procurement needs.

Marketplace alignment
  • Public policies (Privacy, Terms, Security, SLA)
  • Transparent data handling statements
  • Security reporting channel

If you receive a security questionnaire, send it to support@deadlinewarrior.com.

Subprocessors

For Forge-only apps, the primary subprocessor is Atlassian Cloud (Forge platform). No other subprocessors are used unless explicitly disclosed.

Subprocessor
Atlassian (Forge platform & Jira Cloud infrastructure)
Purpose
App compute, storage, and platform services
Customer data location
Within Atlassian Cloud (per tenant configuration)

If you add any external services later (e.g., error monitoring, analytics, or a backend), list them here with purpose and data categories.

Incident response

We follow a structured process: triage → containment → remediation → communication.

Response process
  • Triage: confirm scope, severity, and impact
  • Contain: mitigate risk and prevent spread
  • Remediate: fix, test, and deploy
  • Communicate: provide updates for material incidents
Notifications
  • Customer communication via email for critical incidents
  • Atlassian platform incidents follow Atlassian status updates

For urgent concerns, contact support@deadlinewarrior.com.

Support & SLA

Support targets and escalation paths for enterprise customers.

Support email
support@deadlinewarrior.com
Support hours
Mon–Fri, 9:00 AM – 5:00 PM PT (U.S. holidays excluded)
Critical response target
Within 4 business hours (business hours)
Escalation
Available for Severity 1 incidents until resolution

Full details are documented in the SLA linked below.

Policies & docs

Link these in your Atlassian Marketplace listing (Privacy, Terms, Security, SLA). Keep them publicly accessible.

Public policies
Request trust documentation

Need a completed security questionnaire or additional documentation? Email support@deadlinewarrior.com.

Include your Jira site URL, app name, and the questionnaire file if you have one.

Back to products All policies