Security Policy for AI Requirements Copilot
At ReqTech, we are committed to ensuring the security of our application and the data it processes. Our Security Policy outlines the measures we take to protect your information from unauthorized access, alteration, disclosure, or destruction.
1. Data Security
Data Processing: AI Requirements Copilot processes data transiently to analyze and rewrite project requirements within Jira Cloud. No personal data is stored by our application. App stores only error logs and limited usage logs.
Data Encryption: All data transmitted to and from AI Requirements Copilot is encrypted using industry-standard encryption protocols. We use secure channels to protect the data while it is in transit.
Data Access: Access to log data within AI Requirements Copilot is strictly controlled and monitored. Only authorized personnel have access to this data, and only for the purpose of application maintenance and support.
2. Third-Party Services
OpenAI Integration: AI Requirements Copilot utilizes OpenAI services to enhance its functionality. We ensure that our integration with OpenAI adheres to the highest security standards. No personal data is shared with OpenAI; only non-personal data necessary for the functionality of our app is processed. ChatGPT 4o-mini is the language model in use. Model is used under standard commercial agreement between vendor and OpenAI. In agreement OpenAI promises not to use any data for training the models or share.
AI Requirements Copilot doesn’t use own or rented computing resources for storing or transferring operational data. Service relies solely on Atlassian Cloud and OpenAI Services..
3. Application Security
Security Best Practices: We adhere to best practices in application development and maintenance, including regular code reviews, security audits, and updates.
Vulnerability Management: AI Requirements Copilot implements a proactive approach to manage vulnerabilities in the software. We regularly update our systems and software to address security vulnerabilities and threats.
Incident Response: We have a formal incident response plan in place to handle security breaches or data leakage incidents promptly and effectively.
4. User Security
Authentication and Access Control: AI Requirements Copilot integrates with Jira Cloud’s authentication mechanisms. We support and enforce strong access controls aligned with Jira Cloud’s security settings.
User Role Management: Users can define roles and responsibilities within their Jira Cloud environment, which are respected by AI Requirements Copilot to ensure that only authorized users can access specific functionalities.
5. Compliance
AI Requirements Copilot complies with all applicable laws and regulations regarding data protection and privacy, including the General Data Protection Regulation (GDPR). Our service does not collect, store, or process any personal data or non-personal data from users. We take all necessary steps to ensure that no data is processed or transmitted through our service, safeguarding user privacy and adhering to industry standards. Furthermore, we collaborate with our users and partners to ensure that any integrations or related activities are in compliance with relevant data protection laws.
6. Changes to This Security Policy
We reserve the right to update or modify this Security Policy at any time. Changes to our Security Policy will be posted on our website and communicated to users through appropriate channels. Users are encouraged to review our Security Policy periodically.
7. Contact Us
If you have any questions or concerns about our Security Policy or the handling of your data, please contact us at: