Privacy Policy

Last updated: March 2026

This Privacy Policy explains how SmartJira ("we," "our," or "us") handles your data when you use our Chrome extension. Our privacy-first design ensures your sensitive information remains under your complete control.

1. Our Privacy-First Approach

SmartJira is designed with privacy as the top priority. We do not store, collect, or have access to any of your API keys, Jira credentials, or ticket data. All sensitive information remains on your device.

2. What We Don't Collect

  • API Keys: Your OpenAI, Anthropic, Google, and Jira API keys are stored exclusively in your browser's local storage
  • Jira Credentials: Your Jira domain, email, and authentication tokens never leave your browser
  • Ticket Content: Ticket descriptions, screenshots, and error context are processed locally or sent directly to Jira and your AI provider
  • Personal Data: No email addresses, names, or account information are collected by our servers

3. Limited Data Collection

We collect minimal, anonymous data to improve the extension:

  • Anonymous Usage Statistics: General feature usage patterns (no personal identifiers)
  • Error Reports: Technical error information to improve stability (no user data included)
  • Extension Analytics: Installation and update statistics via Chrome Web Store

4. How Your Data Flows

When you use SmartJira:

  • Your API keys are stored locally in Chrome's secure storage
  • AI requests (including your description, screenshots, and captured error context) go directly from your browser to OpenAI, Anthropic, or Google using your API keys
  • Jira requests go directly from your browser to your Jira instance using your credentials
  • Screenshots, error reports, and ticket data are processed locally or sent directly to their destinations
  • Nothing sensitive passes through our servers

5. Error and Network Capture

To help you create detailed bug reports, SmartJira captures technical error data from the tabs you browse:

  • Failed network requests: HTTP 4xx/5xx responses and network-level failures (DNS errors, connection refused, CORS issues) — URL, status code, and timing only
  • Console errors: JavaScript exceptions, unhandled promise rejections, and console.error messages from the current page

This data is:

  • Stored only in browser memory (never written to disk or sent anywhere automatically)
  • Scoped to the current tab and cleared when the tab is closed
  • Stripped of sensitive headers (Authorization, Set-Cookie, and other auth-related headers are removed before inclusion in any report)
  • Only sent to your AI provider and/or attached to your Jira ticket when you explicitly click "Enhance with AI" or "Create in Jira"
  • Never transmitted to SmartJira servers

You can clear captured errors at any time using the clear button in the extension popup.

6. Third-Party Services

You directly interact with these services using your own credentials:

  • OpenAI, Anthropic, Google: For AI-powered ticket enhancement (using your API keys)
  • Jira: For ticket creation and management (using your credentials)
  • Chrome Web Store: For extension distribution

7. Data Security

Your security is built into our architecture:

  • API keys are stored in Chrome's secure local storage (encrypted by Chrome)
  • All API communications use HTTPS encryption
  • No central database of user credentials or sensitive information
  • Even if our systems were compromised, your API keys and data would remain safe

8. Your Rights and Control

You have complete control over your data:

  • Delete your API keys anytime from the extension settings
  • Uninstall the extension to remove all local data
  • Contact OpenAI, Anthropic, Google, and Jira directly to manage data with those services
  • No account deletion process needed - we don't have your account data

9. Changes to Privacy Policy

Any changes to this privacy policy will be reflected in extension updates. Our commitment to not collecting your sensitive data will not change.