General Data Protection Regulation (GDPR) Compliance

Last Updated: June 29, 2024

Bliss Media Studio, through its OWL applications, is committed to ensuring compliance with the General Data Protection Regulation (GDPR) and all privacy-related regulations. We have conducted an information audit to identify the personal data we process and ensure its necessity and relevance. Our privacy policy has been updated to clearly explain why and how we process personal data. We regularly perform data protection impact assessments (DPIAs) to assess and mitigate risks to data privacy and security.

Bliss Media Studio has appointed a data protection officer (DPO). You may contact the DPO at privacy@ontaskworklogger.com

Understanding Personal Data

Personal data under GDPR refers to any information relating to an identified or identifiable individual. This can include basic identification information, web data, health information, financial information, employment information, and sensitive personal data.

How OWL Handles Data

At OWL, we ensure that:

User information, such as names and activity metrics, is obtained through authentication from Jira/Atlassian.

Screenshots captured by the app are not stored within OWL but may be stored on the client’s storage system (e.g., Google Drive, Dropbox, AWS S3).

Users and administrators have control over which screens are captured and can blur background information to protect privacy.

Data is transferred securely using encrypted protocols (TLS/SSL).

Key GDPR Principles in OWL

Data Minimization: We only process necessary data, primarily obtained via Jira/Atlassian authentication. Screenshots, applications used, URLs visited, active times, operating system details, input device presence, mouse activity, project/task names, time spent, browser version, and keyboard activity are collected to ensure functionality while minimizing data collection where possible.

User Control: Users have full control over what activity data is submitted. They can exclude specific data before submission, and manage and blur screenshots as needed to protect privacy.

Data Storage: Screenshots and other data are stored on the client’s chosen storage system, not within OWL. All screenshots are uploaded directly to client-configured storage using SSL over HTTPS, ensuring data security and integrity.

Security Measures: All data transfers are encrypted using TLS/SSL protocols. Additional security measures include email verification, strong password management, system logging, infrastructure security, physical security, and two-factor authentication. We retain data only as necessary and protect it from unauthorized access.

Sharing Information: Company admins and managers can access screen captures and activity logs. Information may also be shared for legal reasons, business purposes, and upon user direction, ensuring transparency and compliance with GDPR principles.

Compliance and Security

OWL integrates with Jira to streamline task management and time tracking, ensuring that all personal data handling adheres to GDPR principles. Our commitment includes:

Utilizing secure authentication from Jira.

Allowing users to manage their data submissions.

Storing data on client-designated systems with encryption.

Regularly updating our data handling practices to comply with GDPR and other relevant regulations.

For more detailed information about our data practices and security measures, please refer to our Privacy Policy and Security and Reliability pages.

How do I delete my data?

If you need to delete your data from the OWL app and Jira, please follow these steps:

Contact Your Jira Administrator: Reach out to your Jira administrator and inform them that you want your data collected by the OWL app removed.
Jira Administrator Access: The Jira administrator will log into the Jira platform and navigate to the admin panel in the OWL app.
Locate User Data: In the OWL admin panel, the administrator will enter the username associated with the data that needs to be deleted.
Delete Data: The administrator will follow the prompts to delete all associated data, including screenshots, applications used, URLs visited, active times, operating system details, input device presence, mouse activity, project/task names, time spent, browser version, and keyboard activity.
Confirmation: The administrator will receive a confirmation message once the data has been successfully deleted.

Following these steps will ensure that all your personal data is permanently removed from the OWL app, in compliance with GDPR and data protection regulations. If you have any further questions or need assistance, please contact your Jira administrator.

For organization owners: If you remove the OWL app from your Jira instance, your organization’s data will also be deleted.