Privacy Policy

Recall (“Recall”, “we”, “us”) provides a Jira Cloud app that surfaces similar, previously resolved issues to help teams avoid re-solving the same problem twice. This policy explains what data we access from your Jira site, how we process it, where it is stored, and what control you have over it.

1. Data we access from Jira

When your Jira Cloud administrator installs Recall, Atlassian grants the app the following scopes, which we use only for the purposes described below:

  • Issue content— summary, description, status, resolution, issue type, priority, labels, components, project key, and created/updated/resolved dates for issues in the projects your administrator enables.
  • Jira account IDsfor issue assignees and reporters, used only to display suggestions with attribution — we do not access names, emails, or profile data beyond the account ID itself.
  • App user token, used to call Jira's API on behalf of the installing site with the permissions above.

We do not access issue comments, attachments, or any Jira data outside the scopes listed above.

2. How we process your data

For each indexed issue, we generate a truncated digest (summary + description) and use it for two purposes:

  • Semantic search— the digest is sent to a third-party AI service to generate a vector embedding, which we store alongside the issue to power similarity search.
  • Relevance re-ranking— the digest may be sent to Anthropic (Claude) to re-rank candidate matches by relevance before they are shown to a user.

These service providers act as data subprocessors for this narrow purpose only. None of them are used to train their general-purpose models on your data, and your data is never sold or exposed to any party beyond these service providers.

3. Where your data is stored

Indexed issue data, embeddings, and encrypted OAuth tokens are stored in a dedicated database hosted with a third-party cloud infrastructure provider (EU region), isolated per Jira site (tenant). OAuth access and refresh tokens are encrypted at rest and are never exposed outside the backend service that uses them to call Jira's API.

We do not sell, rent, or share your Jira data with any third party other than the service providers described in Section 2, and we do not use your data for any purpose other than providing the Recall service to your site.

4. Data retention and deletion

We retain indexed issue data and embeddings for as long as Recall remains installed on your site, so that suggestions stay accurate as your Jira history grows. When Recall is uninstalled, we revoke our access to your Jira site immediately, and permanently delete your indexed data within 24 hours. If you reinstall within that window, your data and history are still there. You can also request deletion of your site's data sooner by contacting us at the address below.

5. Early access signups

If you sign up for early access via this website, we store the email address (and any other details you provide in the form) to contact you about Recall. We do not use this for any other purpose and do not share it with third parties.

6. Your rights

If you are located in the EEA, UK, or another jurisdiction with data protection rights (such as access, correction, deletion, or portability of your data), contact us at the address below and we will respond within a reasonable time.

7. Changes to this policy

We may update this policy as Recall evolves. Material changes will be reflected by updating the “Last updated” date below.

8. Contact

Questions about this policy or requests regarding your data can be sent to privacy@recalljira.com.

Last updated: July 13, 2026