Escalate — Privacy Policy

Last updated: 2026-05-04

Escalate is a Forge app for Atlassian Jira that helps engineers run structured investigations on tickets with AI assistance. This page explains what data Escalate processes and where it goes.

What we process

• Jira issue text (summary, description, comments, labels, attachments your project admin enables for analysis).
• Investigation state created by users in the panel (answers, notes, help requests).
• Optional log files attached to issues, when log analysis is enabled.
• Optional code snippets from a Bitbucket repository the project admin links, when code analysis is enabled.

Where data lives

• Inside your Atlassian tenant: investigation state, project configs, repo skeletons, and telemetry are stored in Forge-managed storage (Forge SQL + KVS), encrypted at rest by Atlassian, isolated per installation.
• External AI provider: when AI is enabled, Escalate sends issue/log/code text to the provider chosen by the project admin (Google Gemini, GitHub Models, OpenAI, or Anthropic). The customer brings their own API key. Each provider's privacy terms apply.
• Bitbucket: when code analysis is enabled, Escalate reads files from the linked repository using the customer-provided token. Read-only.

What we do not do

• We do not sell or share data with third parties beyond the AI provider the customer selected.
• We do not use customer data for our own model training.
• We do not collect telemetry beyond per-install error logs (no user content).

Retention & deletion

• Resolved investigations older than 30 days are auto-archived (steps + log + code dropped, only summary preserved).
• Uninstalling the app triggers Atlassian's standard 28-day soft-delete, then permanent purge.
• Per-issue clear is available from the panel; bulk wipe via admin tools.

Customer responsibilities

• You provide and rotate your own AI provider API keys and Bitbucket tokens.
• You decide which Jira projects use AI features and which do not.
• You ensure your use of AI providers complies with your organization's data-handling policies.

Contact

Questions or data requests: anas.najjar@stryker.com.