Terms and Conditions
These Terms and Conditions (“Terms”) cover all of the ways in which we communicate with you on this website and in any related communications channels such as our feeds, social media and email. When you access our services, or sign up to hear from us, we understand that you are OK with these Terms.
Legal documents and disclaimers for the draw.io plugins
draw.io is developed by JGraph. The draw.io apps for Confluence and Jira are developed in partnership with //SEIBERT/MEDIA.
The information that we collect
When you visit the about.draw.io and support.draw.io websites
Like all web servers, our web server logs information about which pages you access, and information about your device (device or browser type and IP). These logs are kept for 12 months.
We do not use permanent or session cookies, unless you have logged into about.draw.io as an administrator. We do not use Google analytics or tracking pixels.
When you contact us via email or on social media
If you have submitted a support request, we will typically contact you by email to work out a resolution to the problem.
We retain email correspondence for 6 years, after which it is routinely deleted. Direct messages sent via social media accounts are routinely deleted after 6 months.
When you use draw.io to create a diagram
The www.draw.io server logs information about about your device (device or browser type and IP) when you use the online application or the Trello Power-Up, to help us debug technical problems that may occur within the draw.io application. This information is stored in a cyclical log where the oldest data is overwritten by current data continuously. The cycle is about 10 days. These logs contain no diagram information. Only engineering staff are permitted access to server logs to resolve issues. No non-technical staff are permitted access, either directly or indirectly.
Diagram data storage
draw.io is as fully a client-side application as is technically possible – draw.io does not store your diagram data. When you choose to store your diagram on your local filesystem, localStorage in your browser, or in Google Drive, your diagram data and your preferences do not travel through our servers. Diagram data stored in the following applications and cloud services are covered by their respective privacy policies:
No personal information, or information stored is made available to JGraph when you use draw.io online, offline or within any of its integrations.
When you change your diagram’s sharing permissions
If you use Google Drive, you are permitted to change the permissions of your diagram. This sharing permissions dialog is entirely provided and served by Google.
When you export to a raster or PDF format
Your diagram data may be securely sent to our image export servers and the resulting file returned in the following cases:
- When you export your diagram to a PDF.
- If you are using IE 11 and export your diagram to a raster image format.
Note: Atlassian Cloud products generate a raster format image of your diagram every time you save.
All data is only ever held in memory, never written to disk. The data is cleared from memory after the file has been successfully delivered to you.
When errors occur
If an error condition occurs whilst using the application, the application may send an error report back to the servers. This report contains the program line and condition that occurred. Such reports contain no personal information or parts of your diagram data, nor do they contain any substantial information regarding your usage of the application.
When you search for shapes
No data is transmitted from your server or client browser when you use draw.io to any third-party with one exception: When you search for an shape, if your keyword has no results in the list of local shapes, the keyword and the list of matching shapes is sent securely to www.draw.io. No diagram information, nor any information about you or your system or infrastructure is transmitted.
When you purchase a draw.io app for Atlassian software (Confluence or Jira)
Request access to, modify and delete your information
If you want to access, review or delete your personal information and communication prior to the routine deletion periods described above, please send an email to [email protected]. We will retain your request for modification or deletion as a record of our compliance with the GDPR.
Disclosure of your personal information
We do not sell your personal information.
As a rule, we don’t share your information with third parties, unless it is a) with your consent, or b) required by law (in response to an appropriate legal process). We will object to requests for information about people who use our site that we believe to be improper.
The draw.io application and all draw.io websites use HTTP over TLS1.2+ (which builds upon HTTP over SSL) to ensure communication between you and our servers is encrypted and secure.
Rights you grant us
By the use of draw.io within GSuite, you grant JGraph the rights:
a) That your company, that owns the @domain.com of the Google account you use, permits us to reference them as a user of the Software in customer lists on the draw.io web-site, in marketing publications, in presentations to clients and at trade events.
b) To announce publicly when we pass a security audit set by your company on the draw.io web-site, in marketing publications, in presentations to clients and at trade events.
We do not set any cookies when you browse the draw.io websites.
We respect Do Not Track (“DNT”) settings in browsers. If you’re logged out of our Services and have DNT enabled, we will not set cookies.