Data security & storage
We handle sensitive data and we know that! So we try to be as transparent as possible and add a lot of security policies to make sure you can trust us with your data.
Additionally, we only store the absolute minimum of data and always fetch data live. E.g. when connecting a calendar, we never save any calendar information anywhere.
All data are only used to provide the features of the app. We never share or sell your data.
Which data do we store?
Instance & Settings
Due to the nature of our app, we store some basic information about your Confluence instance. This includes baseUrl, instance Ids, names and patch level of the instance.
Additionally we store all settings made in our app.
We store OAuth2 Tokens for Microsoft 365 and Jira for all connected users.
We keep an audit-log with actions performed against Microsoft 365, Jira and Confluence.
Which data do we not store?
We do not crawl and store any business data - be it Jira, Confluence or Microsoft 365.
We do not store PII data for the user.
We do not store any passwords.
Where do we host?
Our app is hosted on AWS in Frankfurt and all data are stored there.
We plan to offer data residency into multiple regions until end of 2021.
How do we secure your data?
Data security can be tricky so we do have a variety of activities to ensure your data are as safe as possible.
All sensitive data are encrypted on database level with AES-256
Bug Bounty program
We give incentives for security researchers to find and report security issues with us.
AWS is the leader in Cloud infrastructure and complies to a lot of standards. Please see their website for more information. Also Jira and Confluence Cloud is hosted on AWS in the same data centers.
No 3rd parties
We do not work with agencies, ever changing personal or external parties that get access to your data.
However, we do use some external services listed here to provide our service: Contractors. These providers may get a subset of your data.
There might be outages and unforeseeable events. We run rolling daily backups and test backups regularly to restore the service as quickly as possible.