Security is one of our top priorities. All Refined apps for Atlassian cloud are Cloud Fortifiedand Refined adheres to Atlassian's security requirements for cloud applications.
Note that Refined does not We don’t store login credentials or any sensitive user data for Confluence on our servers. We regularly test our products for security vulnerabilities via Bugcrowd's bug bounty program.
Security questionnaire: CAIQ lite
Due to the large number of customers, we are not able to answer customer specific security questionnaires. Instead we have answered the industry standard security questionnaire CAIQ Lite.
Download our answers:
View file | ||
---|---|---|
|
Cloud data storage practices
Refined Toolkit stores a limited amount of data outside of Atlassian Cloud. Please note that the information on this page is subject to change.
What we store and where
Layouts, hosted by Heroku in the US.
Themes, hosted by Heroku in the US.
Images in layouts and themes, stored in Refined’s S3 region-specific bucket in Amazon Web Services (AWS).
What we don't store
Images in macros.
Personally identifiable information (except for IP addresses that we store in our logs for two weeks).
Login credentials. We never store login credentials of users, and authentication happens through Atlassian.
Atlassian Content. Atlassian content is never cached and it is fetched on demand for the user requesting the data.
Who can access data
Access to Refined Toolkit's cloud infrastructure is restricted to Refined employees who require access to develop, maintain and troubleshoot issues within the product Click here for detailed privacy & security information.
Insert excerpt | ||||||||
---|---|---|---|---|---|---|---|---|
|
Data storage
Data storage and data residency
Security advisories
Questions?
If you have additional questions about security, please get in touch with us.