Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Security is our priority: read our Security Statement.  All  All Refined apps for Atlassian cloud are Cloud Fortifiedand we adhere to Atlassian's security requirements for cloud applications. Note that we don’t store login credentials or any sensitive user data for Confluence/Jira on our servers. We regularly test our products for security vulnerabilities via Bugcrowd's bug bounty program

See our marketplace listings for app-specific privacy & security information:

Security questionnaire: CAIQ lite

Due to the large number of customers, we are not able to answer customer specific security questionnaires. Instead we have answered the industry standard security questionnaire CAIQ Lite.

Download our answers:

View file
nameRefined CAIQ Lite - CAIQ Lite.pdf

Data storage

Data residency & storage practices

Security advisories

Security advisory 2019-12-18

...

...

Excerpt
nameDrata Trust Center

Drata Trust Center

Our Drata Trust Center is a centralized security platform. It helps us manage and showcase our compliance with security frameworks like SOC 2 and ISO 27001.

The platform provides a real-time look into our security posture. Some documents require a request for access. These are marked with a lock.

  • Which documents? Our policies, controls, sub-processors, penetration testing reports, and more.

  • Who can get access? Our customers, prospective customers, and partners.

Info

Some of these documents require you to accept our non-disclosure agreement (NDA). Before requesting access, make sure that you’re allowed to sign an NDA on behalf of your company. If you have any questions, please contact our support team.

To request access:

  1. Go to our Drata Trust Center.

  2. Select one or more documents.

  3. Provide your name, email, and company name.

  4. Once we’ve approved your request, you receive an email.

    1. If we require you to accept an NDA before receiving the documents, the email will prompt you to do so. Make sure that you’re allowed to sign an NDA on behalf of your company. Once you’ve accepted the NDA, you receive the documents in an email.

    2. If we don’t require you to accept an NDA, you receive the documents directly in an email.

...

Data storage and data residency

Refined stores a limited amount of data in its own database outside of Atlassian Cloud. We don’t store login credentials or any sensitive user data for Confluence/Jira on our servers.

The data we store is stored in the US by default. We offer the option to migrate your Refined data to the EU.

Learn more about data storage and data residency

...

Questions?

If you have additional questions about security, please get in touch with us.