Security and Privacy Statement

Last updated: 21/05/2024

Introduction

This Security and Privacy Statement outlines the practices and policies of the “Simple PlantUML for Confluence” application ("Application") available on the Atlassian Marketplace.

Hosting and Infrastructure

The Application is hosted on secure cloud platforms, specifically Heroku and Amazon Web Services (AWS). These platforms are renowned for their robust security measures and compliance with international standards.

  • Heroku Security: For more information about Heroku's security practices, please visit Heroku Security.

  • AWS Security: For more information about AWS's security practices, please visit AWS Security.

Data Storage and Privacy

  • No Storage of Personal Customer Data: The Application does not store any personal customer data. All customer data, including any personal data, remains within Atlassian Confluence.

  • Data in Atlassian Confluence: Customer data is stored securely inside Atlassian Confluence, adhering to Atlassian’s security and privacy policies. For more information, please refer to Atlassian’s Privacy Policy and Security Practices.

Secure Communication and Processing

  • HTTPS Encryption: All data transmitted between the Application and end users is encrypted using HTTPS. This ensures that all communications are secure and protected from eavesdropping or tampering.

  • Data Processing: User data, including diagram source, is securely transferred to our server via HTTPS, processed on the server to generate the PlantUML diagram, and then returned back to the user. During this process, user data is not stored on our external server. It is only temporarily processed and immediately discarded after the diagram is generated.

Technical Information Storage

While the Application does not store personal customer data, it may store certain technical information required for its functionality. This technical information includes, but is not limited to:

  • Configuration settings

  • Usage logs

  • Error logs

  • Performance metrics

Security Measures

We implement various security measures to protect the technical information stored and ensure the integrity of the Application, including:

  • Encryption of data in transit using SSL/TLS.

  • Regular security audits and vulnerability assessments.

  • Access controls to restrict access to sensitive information to authorized personnel only.

Customer Responsibilities

Customers are responsible for:

  • Ensuring their Atlassian Confluence environment is secure and up-to-date.

  • Managing access to their Atlassian Confluence data.