As a Forge developer, you have access to logs for your apps installed on your users' sites. Users will also be able to download their own logs to see what data they are sharing with you.
Logging data may include customer and/or user data, including personal data, that is sensitive to certain use or exposure and, in many cases, regulated by applicable laws. While the definition of personal data differs according to applicable laws, under the General Data Protection Regulation (“GDPR”), personal data is any data relating to any identified or identifiable natural person.
These guidelines are designed to provide an overview of best practices for logging. They are not intended to be a substitute for legal advice. Always consult legal counsel before acting on anything discussed on this page.
Please note that these guidelines are in addition to, and in no way limit, the Atlassian Developer Terms or the Marketplace Partner Agreement.
To find out more about user privacy requirements, see the General Data Protection Regulation, or other laws that may apply to you.
Make sure your privacy policy provides clear and complete information about how you collect and process logging data.
Minimize the logging data you collect. Collect data only where you need it to troubleshoot issues with your app.
If you need data, only collect the minimum amount needed to troubleshoot. Don't collect data because you think it may be useful for another purpose.
Avoid logging personal data when possible. If you need to collect personal data to troubleshoot, consider de-identifying it, for example by hashing or masking it.
If you collect personal data, respect the Atlassian Developer Terms and any instructions to delete personal data upon request and/or uninstall. In addition, get rid of data when it is no longer needed for the original purpose by developing and enforcing reasonable data retention schedules.
Avoid logging any authorization data (e.g. secrets, keys).
Below are some examples of data that you may consider logging, along with our recommendation on whether that data should be logged, in accordance with best practices.
Any data that should not be logged should also not be visible in the URL of your app’s page.
Should I log... | Best practice | More details |
---|---|---|
Name | No | This is a direct identifier. |
User ID - Email Address | No | This is a direct identifier. |
User ID - Username | No | This is a direct identifier. |
Session ID | No | This is an indirect identifier which could be used, in association with other data, to identify a user. |
User Generated Content | No | This is content that could include personal data or confidential customer data. |
Source IP Address / Dest IP | Log with caution | This is an indirect identifier which could be used, in association with other data, to identify a user. |
X-Forwarded-For | Log with caution | This is an indirect identifier which could be used, in association with other data, to identify a user. |
URL path and query string | Log with caution | This is an indirect identifier which could be used, in association with other data, to identify a user. Avoid passing usernames or other non-arbitrary identifiers in URL paths or query strings. |
User Agents | Log with caution | This is an indirect identifier which could be used, in association with other data, to identify a user. |
AaID (Atlassian Account ID) | Log with caution | This is an indirect identifier which could be used, in association with other data, to identify a user. |
Nickname | Log with caution | This is an indirect identifier which could be used, in association with other data, to identify a user. |
User ID | Log with caution | This is an indirect identifier which could be used, in association with other data, to identify a user. |
Member ID | Log with caution | This is an indirect identifier which could be used, in association with other data, to identify a user. |
Site ID | Log with caution | This is an indirect identifier which could be used, in association with other data, to identify a user. |
Cloud ID | Log with caution | This is an indirect identifier which could be used, in association with other data, to identify a user. |
Tenant ID | Log with caution | This is an indirect identifier which could be used, in association with other data, to identify a user. |
Tenant Name | Log with caution | This is an indirect identifier which could be used, in association with other data, to identify a user. |
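
One way to apply the table and the minimization guidance above before an event is written to the app log, as an added example that is not Atlassian's or Forge's own code. The field names, the `POLICY` map and the demo key are assumptions made for illustration.

```javascript
// Added example: field names, POLICY and the key are assumptions, not a Forge API.
const { createHmac } = require('node:crypto');

// Constructed demo key. In a real app, load it from secret storage; never log it.
const PSEUDONYM_KEY = 'constructed-demo-key';

// Per-field rule. Fields rated "No" in the table are simply not listed.
const POLICY = new Map(Object.entries({
  operation: 'keep', status: 'keep', durationMs: 'keep',
  accountId: 'hash', sourceIp: 'hash', userAgent: 'hash', cloudId: 'hash',
  url: 'path-only',
}));

// Keyed hash: equal inputs still correlate, but guesses cannot be checked without the key.
function pseudonymize(value) {
  return createHmac('sha256', PSEUDONYM_KEY)
    .update(String(value)).digest('hex').slice(0, 16);
}

// Drop the query string and fragment, which often carry identifiers or tokens.
function pathOnly(rawUrl) {
  try {
    return new URL(String(rawUrl), 'https://placeholder.invalid').pathname;
  } catch {
    return '[unparseable-url]';
  }
}

// Allow-list: a field with no rule is omitted, so a newly added field
// (name, email, session ID, token, user content) is never logged by accident.
function sanitizeForLog(event) {
  const out = {};
  for (const [key, value] of Object.entries(event)) {
    const rule = POLICY.get(key);
    if (rule === 'keep') out[key] = value;
    else if (rule === 'hash') out[key] = pseudonymize(value);
    else if (rule === 'path-only') out[key] = pathOnly(value);
  }
  return out;
}

// Constructed sample event.
const sample = {
  operation: 'sync', status: 500, durationMs: 812,
  email: 'alice@example.com', sessionId: 'constructed-session', token: 'constructed-secret',
  accountId: 'constructed-account-id', sourceIp: '203.0.113.7',
  url: '/issues/view?user=alice&token=constructed-secret',
};
console.log(JSON.stringify(sanitizeForLog(sample)));
```

Pseudonymized values still let log lines be correlated per user, so the retention and deletion guidance above continues to apply to them.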
See User privacy guide for app developers and Data privacy guidelines for developers.