License Server Cloud Help

Personal data protection

There are several regulations that are enforced by various governing bodies that define rules for the protection of personal data. One of the latest is the European Union’s General Data Protection Regulation (GDPR). This regulation applies to the storage and processing of information that can be used to identify an individual, whether directly or indirectly.

Due to GDPR, users can download their personal data and request to erase it.

Types of personal data

Since the License Server Cloud (LS Cloud) requires authorization through JetBrains Hub, it collects some personal data. Moreover, due to this integration data is collected by both LS Cloud and JetBrains Hub.

  • The LS Cloud itself stores the end user's information: username (login email), IP addresses, machine ID, and OS hostname. It also stores some usage statistics: product codes, versions, build numbers and allocated licenses statistics to make reports.

  • JetBrains Hub collects some personal data to identify users, specifically full name, login, email address, and other user information. To view the full list with descriptions, see Personal Data in Hub. Some data stored in JetBrains Hub is also connected to the LS Cloud directly, namely group memberships.

Data access and encryption

LS Cloud Databases are only available within a trusted subnet without public access. Access is controlled by IAM policies.

We encrypt data both at rest and in transit.

  • Data at rest is stored in an encrypted RDS instance on AWS. Backups and snapshots are also stored using AWS services and encrypted. To find more information on RDS encryption, see Amazon documentation regarding this topic.

  • When data is in transit between application code and RDS instances, it is also encrypted. We use SSL connections to ensure security, plain unsecure connections are prohibited.

Connections

IDEs that you use only establish temporary connections to LS Cloud. LS Cloud establishes connections:

  • With the JetBrains HUB instance associated with your account to acquire authenticated user details.

  • With account.jetbrains.com to acquire up-to-date license information.

See the diagram below to better understand what connections are established when using LS Cloud.

LS Cloud connections diagram
  • 1. IDE establishes connection to the License Server

  • 2. IDE opens browser to perform authentication

  • 3. JetBrains HUB opens to perform company authentication

  • 4. User authenticates with company authentication provider

  • 5. IDE connects to the License Server using authentication token from JetBrains HUB

  • 6. License Server verifies the token with JetBrains HUB

  • 7. License Server provides a license to IDE

  • R. IDE periodically refreshes authentication token

Regions

Both LS Cloud and RDS instances are located in the eu-west-1 region in AWS. JetBrains Hub data is also stored in the eu-west-1 region.

See JetBrains Privacy Policy to learn more. If you have any questions related to personal data protection, please contact us at privacy@jetbrains.com.

Last modified: 24 May 2022