Atlas Authority is a boutique firm that provides JIRA and Confluence consulting with the best ROI.

Overview

Our goal is to have as little of your information as possible. We (at a best effort) document and disclose exactly what data is collected and where it is stored for each of our products. If you do not want to be tracked by Google Analytics we suggest you install the opt-out browser extension that Google provides https://tools.google.com/dlpage/gaoptout All of our systems (both server and individual user machines) are secured by 2FA and encrypt stored data.

Cloud Add-ons

Bandage

We link to external resources on both the Atlassian CDN and the Google CDN in this extension. Both of these CDNs are in regular usage when an Atlassian Cloud application is in use anyways.

During installation we will receive information similar to:

{ key: 'atlas-authority-bandage-connect',
  clientKey: '<hidden>',
  publicKey: '<hidden>',
  sharedSecret: '<hidden>',
  serverVersion: '100035',
  pluginsVersion: '1.2.35',
  baseUrl: 'https://<sitename>.atlassian.net',
  productType: 'jira',
  description: 'Atlassian JIRA at https://<sitename>.atlassian.net ',
  eventType: 'installed' }

During normal usage of the add-on, we only receive information about the browser of your end users when they go to the setup page. This information will be sent to us over HTTPS. Example of this data is:

[20/Mar/2017:16:27:07 +0000] "GET /install?tz=America%2FLos_Angeles&loc=en-US&user_id=admin&user_key=admin&
xdm_e=https%3A%2F%2F<Sitename>.atlassian.net&xdm_c=channel-atlas-authority-bandage-connect__install-jira&cp=&
xdm_deprecated_addon_key_do_not_use=atlas-authority-bandage-connect&lic=none&cv=1.2.35&
jwt=<jwt key> 
HTTP/1.1" 200 - "https://<sitekey>.atlassian.net/plugins/servlet/ac/atlas-authority-bandage-connect/install-jira?user.key=admin&project.key=AADS&project.id=10000&user.id=admin" 
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36"

Other than during installation, we do not receive data from the add-on.

We do have Google Analytics configured on the listing in the Atlassian Marketplace and the Chrome Webstore, but this does not provide us any info other than user behavior within those pages. Our GA code is never run on any of your systems.

Server Add-ons

Active User Filter

We do have Google Analytics configured on the listing in the Atlassian Marketplace but this does not provide us any info other than user behavior in the Marketplace. Our GA code is never run on any of your systems.

iFramed

We do have Google Analytics configured on the listing in the Atlassian Marketplace but this does not provide us any info other than user behavior in the Marketplace. Our GA code is never run on any of your systems.

Incident Response

If a security issue is identified in either our Cloud or Server add-ons we will work with Atlassian to roll out a fix to as many customers as possible prior to publicly disclosing the issue. All supported license holders will be notified via the email account associated with the license.

Feedback

We are open to feedback on this policy and encourage you to share any concerns you have with us via the contact form.