説明

Personal Data (PD) for a specific user can be spread across multiple components of Bamboo. We've detailed these components and areas in the Bamboo: Right of access by the data subject article.

The recommended approach of limiting access to a user's PD in Bamboo is to anonymize their PD, as described in Bamboo: Right to erasure. If the data can't be anonymized, we've provided some workarounds in this article to help you:

バージョンの互換性

All workarounds are compatible with Bamboo 6.5 and later.

回避策

Deleting a user's account

See Deleting or deactivating a user for more information on deleting a user.

Affected personal data processing

• Other users won't be able to mention the user.
• The user will not be presented/suggested in user pickers.
• The user will not receive email notifications.

制限事項

• The user is deleted, and therefore won't be able to log in or use Bamboo.

Delete other entities (plans / results / deployment projects / deployment versions / releases)

Permissions in Bamboo are additive. If a user has global permission to view plans or project permission to view plans in a project, they will still be able to see plans even if they don't have permissions to see that specific plan. Deleting entities does not have an immediate effect. Although these entities are marked for deletion in the database, and they are hidden in the UI and REST API, they can still be retrieved with the direct database query.

A database query is the only way to know for sure if an entity exists or has been deleted.

Even after deletion, there will still be places like the agent logs, where some data will be left for a possibly indefinite time period.

Affected personal data processing

• Limited user PD visibility to other users
• Limited access to Entity/PD via REST API

制限事項

• There may still be some PD on the agents, that will not have been removed.

その他の注意事項

サーバーまたはデータ センターのお客様の場合、アトラシアンはお客様が製品内で保存するように選択した個人データへのアクセス、保管、または処理は行いません。アトラシアンが処理する個人データの詳細については、プライバシー ポリシーを参照してください。