Data Security and Privacy Policy for Artemis Apps
This policy applies to Artemis Software Cloud Apps that communicate with Atlassian Cloud products which add features and functionality.
Artemis Software hosted services use the Heroku Cloud Platform.
What Personal Information We Store and How We Store It
Unless specifically highlighted below, Artemis does not store customer personal information. The data stored by Atlassian in the Atlassian cloud product is covered by the Atlassian Cloud Policy.
Account Data
Our Cloud Apps store data provided and generated by Atlassian that are required for license validation. However, this data is obfuscated and contains no personal data nor user data.
Session Data
Our Cloud Apps briefly cache data in memory resulting from each customer's use of the service and is distinguished from user-generated content such as Confluence page names. This customer use includes, for example, usage statistics of service functionality such as the total number of App uses per day. This data is anonymized. Therefore, we cannot identify the end user this data relates to.
Backups
Artemis database backups are made only for Atlassian Connect application registration information. No personal information is stored. All backups are encrypted.
Data stored in our Heroku Cloud Platform for all Cloud Apps are replicated in a distinct availability zone for use in emergency failover scenarios and are backed up daily. Daily backups are retained for 7 days, weekly backups for 8 weeks, and monthly backups for 12 months.
Encryption
Where data is transferred over the Internet as part of a Website or Cloud Services, the data transmitted using industry-standard TLS-protected connections. Our databases are encrypted at rest, and sensitive fields stored in the database are further encrypted in the application tier before being stored.
Where Server Products are used, responsibility for securing access to the data you store in the Server Products rests with the customer. No data is shared or sent from Artemis Server Apps outside the Atlassian Server. We strongly recommend that administrators of Server Products enable encryption in transit (e.g., HTTPS using TLS) to prevent interception of data transmitted over networks and to restrict access to the databases and other storage used to hold data.
Who Has Access To Your Personal Information
Artemis support team accesses Heroku Cloud Platform data only for purposes of application health monitoring and performing system or application maintenance, and upon customer request for support purposes. Only authorized Artemis employees have access to server data.
Artemis and Cloud users are authenticated using Atlassian Connect JWT Authentication. Customers are responsible for maintaining the security of their own Confluence Cloud login information.
Whom We May Share Your Personal Information With
We will never share any personal information collected through use of our Cloud Apps.
As of March 29, 2019 our Cloud Apps will not store any customer personal information.
Your Personal Information Rights
You have the following rights:
- Review, change, or delete your personal information
- Ask about how we are processing your personal information
- Request a copy of your personal information
- Transfer your personal information from us to another person or business
Should you wish to exercise any of your rights, or have any questions concerning your rights, please email us at support@artemis.atlassian.net
Please note that we will require proof of your identity and, because we are a small company, your request may take up to 30 working days to process.
Additional information regarding Artemis Confluence Server Apps
Our Confluence Server Apps enhance the functionality of customers' Confluence Servers. These local or hosted customer Confluence installations are distinct from the Atlassian Confluence Cloud offerings. These installations run on platforms maintained by the customers themselves.
- All information stored by Confluence Server Apps locally is used expressly for the purposes of their operation.
- All information stored by Confluence Server Apps locally is maintained by the customer and is only accessible by the customer.
- No information stored by Confluence Server Apps will ever be accessed or used in any way by Artemis, except when the customer initiates contact and expressly sends Artemis data for the purpose of solving an issue such as debugging a problem.
Effective: December 10, 2018