The security of the apps is continuously being put to the test due to the fact that they are connected to the cloud and are accessible over several networks. This is why one of our top priorities is preventing vulnerability to security threats and breaches.
To ensure maximum security and continuous monitoring, we follow the latest Atlassian security standards. Caelor apps are part of the Cloud Fortified and The Marketplace Security Bug Bounty programs that guarantee the highest standards for app security. But we didn't stop there. We have also obtained the ISO 9001 and 27001. Our commitment to ensuring quality products and information security will always be at the heart of everything we do.
What sort of data is collected, and what happens with that data?
Cosmos stores the installation information that Atlassian is providing. This data is needed to identify a client but does not indicate or expose any user data. Additionally, we are tracking usage information of our product (e.g., which features are being used). However, we are not collecting any contextual information around our features: we don’t see any names, emails, the name of your Confluence pages, their authors/editors, or any content on them. At no point do we collect any personally identifiable information.
Where is the collected data being stored?
We are using the Google Cloud Platform to maintain our Connect applications. Data of all used services are located in regions or regions within the European Union (Belgium, Netherlands, Zurich, Frankfurt, Finland, or Warsaw). Therefore EU jurisdiction applies. Our Forge apps rely on Atlassian's data residency features. We do not store any sensitive customer information like this.