Versions Compared

Version Old Version 1 New Version 2
Changes made by

Adrien Ragot

Adrien Ragot

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

These practices are accurate on July 5th, 2025.

Definitions

  • “App” means the cloud-based software application provided by us, including its user interface, underlying infrastructure, APIs, and associated services, through which Users access and manage requirement-related data and collaborate within integrated platforms such as Confluence.

  • “Data Residency” means a feature of the App that allows Customers to select the geographic region where their Application Data is hosted and stored. Data Residency applies exclusively to Application Data and does not extend to Support Data, License Data, or Website Analytics.

Architecure overview

  • The app is deployed on Amazon AWS,

  • This app is integrated with Atlassian using the Atlassian Connect Spring Boot framework, with a Forge descriptor as required by Atlassian. It means, when the user interacts with Atlassian Confluence and Jira where the app is installed, Atlassian notifies the app of changes, the app downloads the relevant information, extracts the necessary information and stores it in AWS.

  • “Data Residency” is a feature where customers can choose where the data is hosted. It covers the application data, and does not cover the support data, the license data or website analytics. We have 2 zonessupports 2 regions:

    • Default: The data is stored in Europe,

    • US: The data is stored in the USA.

...

  • The app is deployed in the AWS Region eu-west-1 (Ireland) for the default Data Residency, and in USA (North Virginia) for the US Data Residency,

  • The data is stored in AWS RDS, with encryption enabled, in the same AWS Region.

  • AWS RDS is configured with automatic backups and 30-day retention period. The backups are encrypted. There is no granularity: Restoring the data for all customers to a point in time would be easy, while restoring a subset or a single customer would be time-consuming.

  • Data in transit is encrypted in HTTPS over the worldwide internet, and TLS between the application servers and the database. The database is on a private subnet with no direct route from the worldwide internet to the database itself.

  • The logs are stored in AWS CloudWatch using encryption enabled,

  • The change events are stored in AWS CloudTrail,

  • Employees under confidentiality agreement can access the live data in the database, the live servers, and the backups.

...

App Data

The data that the app stores is subject to constant changes depending on features we develop. For the moment, the data is:

...