Skip to main content
Skip table of contents

FAQ: Data Processing and Storage

In order for Sensitive Data Detection to work correctly, we need to process and store some data in our secure databases for the duration that you use the Compliance for Confluence Cloud application.

What information do we need to process to be able to provide the service?

We will need identifiers such as page, space, and user IDs for setting the scope and permissions for the service. We also use these identifiers to authenticate the app and users.

Additionally, we also process the content on your Confluence pages in order to detect sensitive data.

What information do we need to store to be able to provide the service?

For the service to function efficiently and properly, we will store settings and detection results in our databases. In other words, we will store identifiers and content on the Confluence pages that is detected as sensitive data in our databases.

Important: Information classified as highly sensitive (e.g. credit card numbers) will not be stored in our database. For example, only the last four digits of a credit card number will be stored.

Who do we share your information with?

We use third parties, such as the AWS Lambda Service, to help us to process your data. However, they will not retain, use or disclose your personal information for any purpose.

Where do we process your information?

This depends on where you are located. In the UK, your data will be held in Ireland (EU) within an Amazon Web Services (AWS) Data Centre (aws-eu-west-1).

What is classed as highly sensitive data?

At present, we class the following data types as highly sensitive in Compliance for Confluence:

  • Credit card numbers.

As additional sensitive data detection types are added to Compliance for Confluence in the future, this list will be updated.

Where do we store your information?

We use an encrypted database with data encrypted in transit (using HTTPS) and at rest. Firewalls are in operation between our infrastructure and other services or the internet.

How long do we keep your information?

Any required data will be stored for as long as the subscription is active. Once a subscription becomes inactive (i.e. the subscription has ceased), the data will be retained for up to 3 years to enable you to re-subscribe at any time during this period, and retain your data.

If required, you can request your data is removed at any time by contacting our Customer Support team. 

How can I exercise my rights over my information?

Certain jurisdictions offer users specific rights with respect to their information, so you may have a right to access or receive a copy of your data, or to delete your data or restrict or object to our processing of your data.

If required, you can contact our Customer Support team to exercise your rights. 

For more information about how we handle data please view our privacy policy.

Need support? We’re here to help 🧡

If you have any questions or would like to speak with us about Compliance, please don’t hesitate to reach out to our Customer Support team.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.