Data Security & Privacy

Data Security

Overview

Kolibri Digital's Addons that run against the Atlassian Cloud servers are based on the Atlassian remote add-on framework (Atlassian Connect). We utilize other well-known third party providers to host and provide these services.

Storage

The data provided to us by you during the course of using the add-ons are stored in our databases. We don't store any Confluence content in our database. Any Atlassian application data (Space, Project, Page, Issue etc) is limited to the key or id of the item. We temporarily store information such as IP addresses in our web server logs for security purposes and to prevent fraudulent activities.

Account removal and data retention

This section explains how a customer can close an account and completely remove their data from our service. 

  • Customer accounts may be removed any time by uninstalling the AddOn from Cloud product.

  • Customer account information is retained by Kolibri Digital Ltd for 30 days, after this period account information is unrecoverable deleted

Application and infrastructure security

This section explains what security measures we've taken in our application and infrastructure.

  • Kolibri Digital Ltd support team accesses addon data only for purposes of application health monitoring and performing system or application maintenance, and upon customer request for support purposes.

  • Only authorized Kolibri Digital Ltd employees have access to server data. 

  • Customers are responsible for maintaining the security of their own Confluence Cloud login information.

  • Communication between the Cloud products and the AddOn server is done using web requests. All web requests are digitally signed, authenticated and authorized.

  • AddOn server is only accessible through secure protocols (e.g. https).

Security disclosure

This section explains how and under what circumstances we notify our customers about security breaches or vulnerabilities and indicate how a user or security researcher should disclose a vulnerability found in our add-on to us.

  • Security breaches or vulnerabilities with the proposed solution of the problem are published on our website.

  • Customers can report security breaches or vulnerabilities using support@kolibridigital.com e-mail address.

Privacy

As of the date this statement went into effect, we use Google Analytics as an analytics provider. To learn more about the privacy policy of Google Analytics, refer to Google's Policies and Principles. Use the Google Analytics Opt-out Browser Add-on to prevent analytics information from being sent to Google Analytic

Other Data collected during the use of our add-on will not be shared with third parties except if required by law.