Security is one of our top priorities. All Refined apps for Atlassian cloud are Cloud Fortifiedand Refined adheres to Atlassian's security requirements for cloud applications.
Note that Refined does not store login credentials or any sensitive user data for Confluence on our servers.
We regularly test our products for security vulnerabilities via Bugcrowd's bug bounty program.
Cloud data storage practices
Refined Toolkit stores a limited amount of data outside of Atlassian Cloud. Learn what is and isn't stored below. Please note that the information on this page is subject to change.
What we store
Data stored by Refined Toolkit contains:
Layouts
Themes
What we don't store
Data stored by Refined Toolkit does not contain:
Images. All images that are uploaded into the layouts and themes are stored in the Atlassian Media API.
Personally identifiable information (except for IP addresses that we store in our logs for two weeks).
Login credentials. We never store login credentials of users, and authentication happens through Atlassian.
Atlassian Content. Atlassian content is never cached and it is fetched on demand for the user requesting the data.
Where we store data
Refined Toolkit's data is hosted by Heroku in the US.
Who can access data
Access to Refined Toolkit's cloud infrastructure is restricted to Refined employees who require access to develop, maintain and troubleshoot issues within the product.