1. Home
  2. Public Security Policy

Public Security Policy

What data do our apps collect and store?

AppStored by the applicationAccessed by the application
QC DocumentsAtlassian account ID-email address
-Atlassian account ID
QC Read & UnderstoodAtlassian account ID-email address
-Atlassian account ID
-changes to the R&U settings
-changes to the R&U status (Accept/Revoke)
-added/removed user
-added/removed user group
-created an Acknowledgement
QC StatusNo data is storedNo data is accessed
QC Page MetricsNo data is stored-comments on a page
-reactions on a page
-contribution to a page
-tags on a page
QC Template LauncherNo data is storedNo data is accessed

Where is the data stored at?

All data and information is stored in the US and the EU.

Security and Compliance

We are certified with ISO/IEC 27001:2013 since May 12, 2022, therefore all QC Analytics services and products are compliant with the requirements stated within the ISO/IEC 27001:2013 standard.

Data protection and privacy

All data sent to or from the QC macros for Confluence Cloud is encrypted and protected according to our secure development process. All information in transit is also encrypted by applying SSL/TLS.

Secure development

Our secure development process covers the principles we follow in order to develop and provide you with a product completely safe and maintainable.

Access to customer data

Access to customer data is granted to a respective employee in relation to their role within our company and according to our Access Control Process.

Incident management

Security incidents may occur from time to time, despite all our efforts to avoid them. For that, we aggregate logs from various sources in the hosting infrastructure and make use of a log management tool to monitor and flag any suspicious activity.

Audit

Every year, we are audited by an accredited ISO certification body. A penetration testing is also held annually to ensure the security of our products.