Zum Hauptinhalt springen
Petabyte IT Services - Scalable Web and Ecommerce Solutions

Privacy Policy for Doc Review Manager

Last Updated: November 3, 2025

Effective Date: November 3, 2025

1. Introduction

This Privacy Policy describes how Doc Review Manager ("the App", "we", "us", or "our") collects, uses, and protects information when you use our Atlassian Forge app for Confluence Cloud.

We are committed to protecting your privacy and handling your data in an open and transparent manner. This App is built on the Atlassian Forge platform, which provides built-in security and privacy protections.

2. Information We Collect

2.1 Data Stored Within Your Confluence Instance

The App stores the following data using Confluence Content Properties API and Forge Storage API, all of which remains within your Atlassian Cloud instance:

Review Metadata (stored per page):

  • Review schedule settings (interval, frequency)
  • Next review date
  • Review owner (Atlassian account ID)
  • Review history (dates, reviewer account IDs, page versions)
  • Reminder tracking (dates and types of reminders sent)
  • Page creation and modification timestamps

Application Settings (stored globally):

  • Reminder preferences (enabled/disabled status, threshold days)
  • Default review interval settings
  • Job execution statistics (last run time, pages processed, reminders sent)

User Information Accessed:

  • Atlassian account IDs
  • User display names (for showing in UI)
  • User profile URLs (for clickable links)

2.2 Data We Do NOT Collect

We do NOT:

  • Collect or store page content or attachments
  • Access or store user passwords or authentication credentials
  • Track user behavior or analytics
  • Share any data with third parties
  • Store data outside your Atlassian Cloud instance
  • Use cookies or tracking technologies

3. How We Use Information

We use the collected information solely to provide the App's functionality:

To Enable Review Tracking:

  • Store and display document review schedules
  • Calculate review due dates and status
  • Show review history and ownership

To Send Reminders:

  • Track which reminders have been sent to prevent duplicates
  • Post reminder comments on pages approaching review dates
  • Execute scheduled daily checks for due reviews

To Provide Management Features:

  • Display all tracked documents in the admin dashboard
  • Show statistics and filtering options
  • Allow configuration of reminder settings

4. Data Storage and Security

4.1 Storage Location

All data is stored within your Atlassian Cloud instance using:

  • Confluence Content Properties API - Page-specific review metadata
  • Forge Storage API - Application-level settings and configuration

No data is transmitted to or stored on external servers outside of Atlassian's infrastructure.

4.2 Data Access

Only users with appropriate Confluence permissions can access the App's data:

  • Page-level data: Viewable by users with permission to view the page
  • Admin dashboard: Accessible to Confluence administrators
  • Settings: Accessible to Confluence administrators

4.3 Security Measures

Security is provided by:

  • Atlassian Forge platform security controls
  • Atlassian Cloud infrastructure security
  • Secure API authentication via Forge framework
  • No external data transmission (except to Atlassian APIs)
  • Regular security reviews and updates

5. Data Retention and Deletion

5.1 Data Retention

Data is retained for as long as:

  • The App is installed on your Confluence instance
  • The review schedule is active on a page
  • Required for compliance or operational purposes

5.2 Data Deletion

Data is automatically deleted when:

  • A page with review metadata is permanently deleted from Confluence
  • The App is uninstalled from your Confluence instance
  • An administrator manually removes review tracking from a page

5.3 User Rights

Users have the right to:

  • Access their review history via the macro display
  • Request removal of their data from review history
  • Export review metadata (via Confluence's standard export features)

6. Third-Party Services

6.1 Atlassian Services

The App operates entirely within the Atlassian Forge platform and only interacts with:

  • Confluence REST API v2 (for page and user data)
  • Forge Storage API (for app settings)
  • Forge Functions (for scheduled jobs)

All interactions are secured by Atlassian's authentication and authorization framework.

6.2 No External Services

The App does NOT:

  • Make requests to external APIs or services
  • Integrate with third-party platforms
  • Share data with external parties
  • Use external analytics or tracking services

7. International Data Transfers

Data storage location is determined by your Atlassian Cloud instance's region:

  • Data remains in the same region as your Confluence instance
  • Subject to Atlassian's data residency policies
  • No cross-border data transfers initiated by the App

8. Compliance

8.1 GDPR Compliance

For users in the European Union, we comply with GDPR requirements:

  • Legal Basis: Legitimate interest (providing document review functionality)
  • Data Minimization: We only collect necessary data
  • Purpose Limitation: Data used only for stated purposes
  • Right to Access: Users can view their review history
  • Right to Erasure: Data can be deleted on request
  • Data Portability: Data accessible via Confluence export

8.2 Other Privacy Laws

We comply with applicable privacy laws including:

  • California Consumer Privacy Act (CCPA)
  • Australian Privacy Principles (APP)
  • Other applicable regional privacy regulations

9. Children's Privacy

The App is designed for business use and is not intended for children under 13. We do not knowingly collect information from children.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be:

  • Posted to this document with an updated "Last Updated" date
  • Communicated through app update notes on Atlassian Marketplace
  • Effective immediately upon posting unless otherwise stated

Continued use of the App after changes constitutes acceptance of the updated Privacy Policy.

11. Your Consent

By using the App, you consent to:

  • Collection and use of information as described in this Privacy Policy
  • Storage of data within your Atlassian Cloud instance
  • Processing of data for the purposes described above

12. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or your data:

Support Contact:

Response Time: We aim to respond to privacy inquiries within 5 business days.

13. Data Controller Information

The data controller for the App is:

For data stored within Atlassian Cloud, Atlassian Pty Ltd is the primary data processor.

14. Acknowledgments

This App is built on Atlassian Forge and complies with:

  • Atlassian's Platform Privacy Policy
  • Atlassian Marketplace Partner Agreement
  • Forge App Security Requirements

For more information about Atlassian's privacy practices:
https://www.atlassian.com/legal/privacy-policy

Document Version: 1.0

Language: English

Jurisdiction: Fürth, Germany