Security and Data Hosting

Owned by Marin Varvodic
Last updated: Feb 14, 2024
3 min read

The security of the apps is continuously being put to the test due to the fact that they are connected to the cloud and are accessible over several networks. This is why one of our top priorities is preventing vulnerability to security threats and breaches.

To ensure maximum security and continuous monitoring, we follow the latest Atlassian security standards. Caelor apps are part of the Cloud Fortified and The Marketplace Security Bug Bounty programs that guarantee the highest standards for app security. But we didn't stop there. We have also obtained the ISO 9001 and ISO 27001 . Our commitment to ensuring quality products and information security will always be at the heart of everything we do.

What sort of data is collected, and what happens with that data?

Our apps store the installation information that Atlassian is providing. This data is needed to identify a client but does not indicate or expose any user data. Additionally, we are tracking usage information of our product (e.g., which features are being used).

We ensure privacy by not collecting any data from our users when they utilize our features. This includes personal details, page content, or any identifiable information.

Where is the collected data being stored?

We are using the Google Cloud Platform to maintain our apps developed with the Connect framework. Data of all used services are located in regions or regions within the European Union (Belgium, Netherlands, Zurich, Frankfurt, Finland, or Warsaw). Therefore EU jurisdiction applies. Our Forge apps rely on Atlassian's data residency features. We do not store any sensitive customer information like this. Our Connect apps:

Data associated with apps developed with Atlassian Forge framework apps is stored within Atlassian’s secure cloud, following high security and privacy standards. This ensures that app data is protected by the same rigorous security protocols that safeguard Atlassian's own products. Our Forge apps are:

Use of third-party AI services

In our continuous effort to enhance the card creation experience within our Cards macro, we have integrated OpenAI This integration is designed to improve the process, offering creative suggestions and automated content generation. We ensure that all interactions with OpenAI's technology are secure and that user data is handled following Caelor’s privacy policy, OpenAI's privacy policy and OpenAI's data processing addendum.

The AI service functions by processing input data to generate content suggestions. Here's how we handle this process:

  • Data processing → The necessary data required to generate card content is processed. This includes prompts or keywords you enter. We are not processing user’s name and email, page content, or any identifiable information.

  • Data usage → Processed data is used exclusively for the purpose of content generation within the Cards Macro. It is not used for any other purposes.

  • Data retention → We do not store the input data or the AI-generated content on our servers. Data is processed in real-time, and only the resulting content is retained within Confluence, in accordance with the Atlassian retention policy.

Confluence admins have full control over the use of the AI feature, as they can choose to enable or disable it at any time from the settings menu. For more detailed information on our data protection and privacy practices, please refer to our Privacy Policy. If you have any questions or concerns about the use of the AI service, please contact our support team.